covenantfdnlottery.smccheckout.com Open in urlscan Pro
204.191.247.17 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://info.dreamlifelottery.win/l/tpVl2wI2RKzE8nXaV26vYhc712EC_v-mqMQr2BFddqM
Effective URL:
https://covenantfdnlottery.smccheckout.com/tickets/covenantfoundationlottery?utm_source=pinpointe&utm_medium=email&utm_campaign=cfl-ptb-202...
Submission: On July 25 via manual (July 25th 2022, 8:13:40 pm UTC) from CA — Scanned from CA

Summary HTTP 62 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 27 IPs in 4 countries across 23 domains to perform 62 HTTP transactions. The main IP is 204.191.247.17, located in Edmonton, Canada and belongs to TELUS Communications, CA. The main domain is covenantfdnlottery.smccheckout.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on January 9th 2022. Valid for: a year.

This is the only time covenantfdnlottery.smccheckout.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	199.127.241.136 199.127.241.136	53797 (PINPOINTE-N1) (PINPOINTE-N1)
13	204.191.247.17 204.191.247.17	852 (TELUS Com...) (TELUS Communications)
5	2600:141b:13:... 2600:141b:13::17d7:82eb	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2607:f8b0:400... 2607:f8b0:4006:807::2004	15169 (GOOGLE) (GOOGLE)
1	2600:141b:13:... 2600:141b:13::17d7:82e3	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2607:f8b0:400... 2607:f8b0:4006:80c::2003	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80b::2008	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81d::200e	15169 (GOOGLE) (GOOGLE)
5	2001:4860:480... 2001:4860:4802:34::178	15169 (GOOGLE) (GOOGLE)
1	13.225.214.74 13.225.214.74	16509 (AMAZON-02) (AMAZON-02)
1 2	142.250.65.166 142.250.65.166	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
1	52.1.151.185 52.1.151.185	14618 (AMAZON-AES) (AMAZON-AES)
1	51.161.118.84 51.161.118.84	16276 (OVH) (OVH)
2	2620:116:800b... 2620:116:800b:21:f059:4f7e:28a9:1588	27281 (QUANTCAST) (QUANTCAST)
1 2	68.67.161.208 68.67.161.208	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	2606:4700:440... 2606:4700:4400::ac40:98f5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	104.18.32.107 104.18.32.107	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	68.67.161.205 68.67.161.205	29990 (ASN-APPNEX) (ASN-APPNEX)
5 5	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1 1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	142.251.40.194 142.251.40.194	15169 (GOOGLE) (GOOGLE)
2 2	3.218.90.66 3.218.90.66	14618 (AMAZON-AES) (AMAZON-AES)
1 2	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:809::200e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c07::9c	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:817::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:21d... 2600:9000:21dd:c400:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	54.230.163.28 54.230.163.28	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:824::2002	15169 (GOOGLE) (GOOGLE)
1	13.225.214.103 13.225.214.103	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:80a::2002	15169 (GOOGLE) (GOOGLE)
1	54.195.161.48 54.195.161.48	16509 (AMAZON-02) (AMAZON-02)
62	27

1 199.127.241.136 (United States) 1 redirects

ASN53797 (PINPOINTE-N1, US)
PTR: mail.emailmarketing.zgm.management

info.dreamlifelottery.win	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 204.191.247.17 (Edmonton, Canada)

ASN852 (TELUS Communications, CA)

covenantfdnlottery.smccheckout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.smccheckout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:141b:13::17d7:82eb (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:807::2004 (New York, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:13::17d7:82e3 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:80c::2003 (New York, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80b::2008 (New York, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81d::200e (New York, United States)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.214.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-74.ewr50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.65.166 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f6.1e100.net

11120644.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.1.151.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-151-185.compute-1.amazonaws.com

cdn.callrail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.161.118.84 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: ns571695.ip-51-161-118.net

t.us1.dyntrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800b:21:f059:4f7e:28a9:1588 (United States)

ASN27281 (QUANTCAST, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.161.208 (New York, United States) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::ac40:98f5 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.32.107 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a4.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.161.205 (New York, United States) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 799.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.71.131.137 (United States) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.218.90.66 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-90-66.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.19.126 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:809::200e (New York, United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c07::9c (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:817::2003 (New York, United States)

ASN15169 (GOOGLE, US)

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21dd:c400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.163.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-163-28.ewr53.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:824::2002 (New York, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.214.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-103.ewr50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80a::2002 (New York, United States)

ASN15169 (GOOGLE, US)

adservice.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.195.161.48 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-195-161-48.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	smccheckout.com covenantfdnlottery.smccheckout.com api.smccheckout.com	1 MB
7	google.com www.google.com — Cisco Umbrella Rank: 10 analytics.google.com — Cisco Umbrella Rank: 511 adservice.google.com — Cisco Umbrella Rank: 96	26 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	343 KB
6	typekit.net use.typekit.net — Cisco Umbrella Rank: 572 p.typekit.net — Cisco Umbrella Rank: 688	72 KB
5	adsrvr.org 5 redirects insight.adsrvr.org — Cisco Umbrella Rank: 616 match.adsrvr.org — Cisco Umbrella Rank: 362	3 KB
5	doubleclick.net 2 redirects 11120644.fls.doubleclick.net cm.g.doubleclick.net — Cisco Umbrella Rank: 205 stats.g.doubleclick.net — Cisco Umbrella Rank: 117	3 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52	20 KB
4	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 430 ib.adnxs.com — Cisco Umbrella Rank: 234	4 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 637 script.hotjar.com — Cisco Umbrella Rank: 795 vars.hotjar.com — Cisco Umbrella Rank: 874 in.hotjar.com — Cisco Umbrella Rank: 1519	68 KB
3	google.ca www.google.ca — Cisco Umbrella Rank: 7542 adservice.google.ca — Cisco Umbrella Rank: 12225	1 KB
3	tribalfusion.com 3 redirects a.tribalfusion.com — Cisco Umbrella Rank: 813 s.tribalfusion.com — Cisco Umbrella Rank: 2171 a4.tribalfusion.com — Cisco Umbrella Rank: 34323	2 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 101	500 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 531	2 KB
2	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 285	623 B
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 991 pixel.quantserve.com — Cisco Umbrella Rank: 452	30 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	110 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 93	147 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 942	690 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 333	916 B
1	dyntrk.com t.us1.dyntrk.com — Cisco Umbrella Rank: 32376	351 B
1	callrail.com cdn.callrail.com — Cisco Umbrella Rank: 7579	312 B
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1323	44 KB
1	dreamlifelottery.win 1 redirects info.dreamlifelottery.win	478 B
62	23

	Domain	Requested by
9	covenantfdnlottery.smccheckout.com	covenantfdnlottery.smccheckout.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com covenantfdnlottery.smccheckout.com
5	use.typekit.net	covenantfdnlottery.smccheckout.com use.typekit.net
4	match.adsrvr.org	4 redirects
4	api.smccheckout.com	covenantfdnlottery.smccheckout.com
4	www.gstatic.com	www.google.com www.gstatic.com
4	www.google.com	covenantfdnlottery.smccheckout.com www.gstatic.com www.google.com
2	www.facebook.com	covenantfdnlottery.smccheckout.com
2	www.google.ca	covenantfdnlottery.smccheckout.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	analytics.google.com	www.googletagmanager.com
2	fonts.gstatic.com	www.google.com
2	dsum-sec.casalemedia.com	1 redirects covenantfdnlottery.smccheckout.com
2	ups.analytics.yahoo.com	2 redirects
2	ib.adnxs.com	1 redirects covenantfdnlottery.smccheckout.com
2	secure.adnxs.com	1 redirects covenantfdnlottery.smccheckout.com
2	connect.facebook.net	covenantfdnlottery.smccheckout.com connect.facebook.net
2	11120644.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.googletagmanager.com	covenantfdnlottery.smccheckout.com www.googletagmanager.com
1	in.hotjar.com	script.hotjar.com
1	pixel.quantserve.com	covenantfdnlottery.smccheckout.com
1	adservice.google.ca	adservice.google.com
1	vars.hotjar.com	static.hotjar.com
1	adservice.google.com	11120644.fls.doubleclick.net
1	script.hotjar.com	static.hotjar.com
1	rules.quantcount.com	secure.quantserve.com
1	cm.g.doubleclick.net	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	insight.adsrvr.org	1 redirects
1	a4.tribalfusion.com	1 redirects
1	s.tribalfusion.com	1 redirects
1	a.tribalfusion.com	1 redirects
1	secure.quantserve.com	covenantfdnlottery.smccheckout.com
1	t.us1.dyntrk.com	www.googletagmanager.com
1	cdn.callrail.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	www.googleoptimize.com	www.googletagmanager.com
1	p.typekit.net	use.typekit.net
1	info.dreamlifelottery.win	1 redirects
62	39

This site contains links to these domains. Also see Links.

Domain
covenantfoundationlottery.ca

Subject Issuer	Validity	Valid
*.smccheckout.com Go Daddy Secure Certificate Authority - G2	`2022-01-09` - `2023-01-25`	a year	crt.sh
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2022-03-07` - `2023-04-07`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-05-04` - `2022-08-02`	3 months	crt.sh
cdn.callrail.com Amazon	`2022-02-24` - `2023-03-25`	a year	crt.sh
t.us1.dyntrk.com R3	`2022-06-10` - `2022-09-08`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://covenantfdnlottery.smccheckout.com/tickets/covenantfoundationlottery?utm_source=pinpointe&utm_medium=email&utm_campaign=cfl-ptb-2022&utm_term=vehicles-cta&utm_content=vehicles-1
Frame ID: 910F4EC68555F70D376984BEBD585F6F
Requests: 49 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc3LjcdAAAAAPMHH6UhIW-_Et2HZJb6ISnF5j-U&co=aHR0cHM6Ly9jb3ZlbmFudGZkbmxvdHRlcnkuc21jY2hlY2tvdXQuY29tOjQ0Mw..&hl=en&v=CHIHFAf1bjFPOjwwi5Xa4cWR&size=invisible&cb=xjpfakp51da4
Frame ID: 8D7B43B5A440E4E765FBBD2188E166A1
Requests: 7 HTTP requests in this frame

Frame: https://11120644.fls.doubleclick.net/activityi;dc_pre=CODprYztlPkCFZQHaAgdbNAFHw;src=11120644;type=invmedia;cat=coven00;ord=8781195550252;gtm=2wg7k0;auiddc=968453708.1658780015;~oref=https%3A%2F%2Fcovenantfdnlottery.smccheckout.com%2Ftickets%2Fcovenantfoundationlottery%3Futm_source%3Dpinpointe%26utm_medium%3Demail%26utm_campaign%3Dcfl-ptb-2022%26utm_term%3Dvehicles-cta%26utm_content%3Dvehicles-1
Frame ID: FD55D06DD59DB46019CB878B56B26A89
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CODprYztlPkCFZQHaAgdbNAFHw;src=11120644;type=invmedia;cat=coven00;ord=8781195550252;gtm=2wg7k0;auiddc=968453708.1658780015;~oref=https%3A%2F%2Fcovenantfdnlottery.smccheckout.com%2Ftickets%2Fcovenantfoundationlottery%3Futm_source%3Dpinpointe%26utm_medium%3Demail%26utm_campaign%3Dcfl-ptb-2022%26utm_term%3Dvehicles-cta%26utm_content%3Dvehicles-1
Frame ID: 725DF6C92DBD398E476D8860FB71B412
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-0004cb77850b00d4aa7e1e08ff61e8f0.html
Frame ID: B3699CA5E5AA0800696EF5D668473575
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.ca/ddm/fls/i/dc_pre=CODprYztlPkCFZQHaAgdbNAFHw;src=11120644;type=invmedia;cat=coven00;ord=8781195550252;gtm=2wg7k0;auiddc=968453708.1658780015;~oref=https%3A%2F%2Fcovenantfdnlottery.smccheckout.com%2Ftickets%2Fcovenantfoundationlottery%3Futm_source%3Dpinpointe%26utm_medium%3Demail%26utm_campaign%3Dcfl-ptb-2022%26utm_term%3Dvehicles-cta%26utm_content%3Dvehicles-1
Frame ID: C21218D8536FEB529D4A7AC2A3ACBF33
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Covenant Foundation Lottery | Checkout

Page URL History Show full URLs

https://info.dreamlifelottery.win/l/tpVl2wI2RKzE8nXaV26vYhc712EC_v-mqMQr2BFddqM HTTP 302
https://covenantfdnlottery.smccheckout.com/tickets/covenantfoundationlottery?utm_source=pinpointe&utm_medium=email&utm_... Page URL

Detected technologies

Nuxt.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/_nuxt/

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

62
Requests

95 %
HTTPS

50 %
IPv6

23
Domains

39
Subdomains

27
IPs

4
Countries

1941 kB
Transfer

4601 kB
Size

31
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://covenantfoundationlottery.ca/
Title: Back to Home Page

Search URL Search Domain Scan URL

URL: https://covenantfoundationlottery.ca/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://info.dreamlifelottery.win/l/tpVl2wI2RKzE8nXaV26vYhc712EC_v-mqMQr2BFddqM HTTP 302
https://covenantfdnlottery.smccheckout.com/tickets/covenantfoundationlottery?utm_source=pinpointe&utm_medium=email&utm_campaign=cfl-ptb-2022&utm_term=vehicles-cta&utm_content=vehicles-1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24

https://11120644.fls.doubleclick.net/activityi;src=11120644;type=invmedia;cat=coven00;ord=8781195550252;gtm=2wg7k0;auiddc=968453708.1658780015;~oref=https%3A%2F%2Fcovenantfdnlottery.smccheckout.com%2Ftickets%2Fcovenantfoundationlottery%3Futm_source%3Dpinpointe%26utm_medium%3Demail%26utm_campaign%3Dcfl-ptb-2022%26utm_term%3Dvehicles-cta%26utm_content%3Dvehicles-1 HTTP 302
https://11120644.fls.doubleclick.net/activityi;dc_pre=CODprYztlPkCFZQHaAgdbNAFHw;src=11120644;type=invmedia;cat=coven00;ord=8781195550252;gtm=2wg7k0;auiddc=968453708.1658780015;~oref=https%3A%2F%2Fcovenantfdnlottery.smccheckout.com%2Ftickets%2Fcovenantfoundationlottery%3Futm_source%3Dpinpointe%26utm_medium%3Demail%26utm_campaign%3Dcfl-ptb-2022%26utm_term%3Dvehicles-cta%26utm_content%3Dvehicles-1

Request Chain 29

https://secure.adnxs.com/px?id=1502069&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1502069%26t%3D2

Request Chain 30

https://a.tribalfusion.com/i.visitor?clientName=Covenant%20Foundation%20Lottery&clientID=794253&segmentNumber=0&segmentName=Landing%20page HTTP 302
https://s.tribalfusion.com/z/i.visitor?clientName=Covenant%20Foundation%20Lottery&clientID=794253&segmentNumber=0&segmentName=Landing%20page HTTP 302
https://a4.tribalfusion.com/ipg?ip6=2607:5300:60:7867::3&kv=%7B%22ord%22%3A%2014612846%2C%20%22clientID%22%3A%20794253%7D&redirect=https://ib.adnxs.com/getuidu?https://a.tribalfusion.com/i.match?p=b26&u=$UID&redirect=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24 HTTP 302
https://ib.adnxs.com/setuid?entity=305&code=$TF_USER_ID_ENC$

Request Chain 31

https://insight.adsrvr.org/track/pxl/?adv=h5ykmjs&ct=0:d02ux36&fmt=3 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=24cb61b1-a8c6-44a5-8060-9f9b41544694&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=MjRjYjYxYjEtYThjNi00NGE1LTgwNjAtOWY5YjQxNTQ0Njk0&gdpr=0&gdpr_consent=&ttd_tdid=24cb61b1-a8c6-44a5-8060-9f9b41544694 HTTP 302
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=24cb61b1-a8c6-44a5-8060-9f9b41544694&google_gid=CAESEHXGuimGKZb2In2adoxjRHo&google_cver=1 HTTP 302
https://ups.analytics.yahoo.com/ups/55953/sync?uid=24cb61b1-a8c6-44a5-8060-9f9b41544694&_origin=1&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/55953/sync?uid=24cb61b1-a8c6-44a5-8060-9f9b41544694&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-eDrQkvJE2uLd.xxaDtIr4tAZfCAI9yo-~A&gdpr=0&gdpr_consent= HTTP 302
https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=24cb61b1-a8c6-44a5-8060-9f9b41544694 HTTP 302
https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=1996979043898387568&ttd_tdid=24cb61b1-a8c6-44a5-8060-9f9b41544694 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=24cb61b1-a8c6-44a5-8060-9f9b41544694&expiration=1661372015&gdpr=0&gdpr_consent= HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=24cb61b1-a8c6-44a5-8060-9f9b41544694&expiration=1661372015&gdpr=0&gdpr_consent=&C=1

62 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request covenantfoundationlottery Show response
covenantfdnlottery.smccheckout.com/tickets/
Redirect Chain

https://info.dreamlifelottery.win/l/tpVl2wI2RKzE8nXaV26vYhc712EC_v-mqMQr2BFddqM
https://covenantfdnlottery.smccheckout.com/tickets/covenantfoundationlottery?utm_source=pinpointe&utm_medium=email&utm_campaign=cfl-ptb-2022&utm_term=vehicles-cta&utm_content=vehicles-1

256 KB
55 KB

415ms
114ms

Document
text/html

204.191.247.17
TELUS Communications

General

Check archive.org

Show headers Download Go to

Full URL

https://covenantfdnlottery.smccheckout.com/tickets/covenantfoundationlottery?utm_source=pinpointe&utm_medium=email&utm_campaign=cfl-ptb-2022&utm_term=vehicles-cta&utm_content=vehicles-1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.191.247.17 Edmonton, Canada, ASN852 (TELUS Communications, CA),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

7dccd00694ed611b12cada56e49500ba03af6295e40674b8d066ff67f3cc6bf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: none
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 25 Jul 2022 20:13:33 GMT
etag: "3ff77-+ppoLBCYSGSjpbFwtdgGqODTtus"
server: nginx/1.21.6
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

content-type: text/html; charset=UTF-8
date: Mon, 25 Jul 2022 20:13:33 GMT
location: https://covenantfdnlottery.smccheckout.com/tickets/covenantfoundationlottery?utm_source=pinpointe&utm_medium=email&utm_campaign=cfl-ptb-2022&utm_term=vehicles-cta&utm_content=vehicles-1
server: Apache
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: User-Agent
x-powered-by: PHP/7.4.30
x-robots-tag: noindex, nofollow

GET
H2 200 kly1usq.css
use.typekit.net/ 4 KB
1 KB 94ms
29ms Stylesheet
text/css 2600:141b:13::17d7:82eb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/kly1usq.css

Requested by

Host: covenantfdnlottery.smccheckout.com
URL: https://covenantfdnlottery.smccheckout.com/tickets/covenantfoundationlottery?utm_source=pinpointe&utm_medium=email&utm_campaign=cfl-ptb-2022&utm_term=vehicles-cta&utm_content=vehicles-1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:13::17d7:82eb New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

475aadca34b49b1d1ced911f05577b6c14a1b83d1740f6883ad9cb545e9cbb7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://covenantfdnlottery.smccheckout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Mon, 25 Jul 2022 20:13:34 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 869

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
997 B 95ms
46ms Script
text/javascript 2607:f8b0:4006:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6Lc3LjcdAAAAAPMHH6UhIW-_Et2HZJb6ISnF5j-U

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d681ed65ede595229a0c3d9d0d2bfd33d08b2ead03f895d5eb3d42b555b41dda

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://covenantfdnlottery.smccheckout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 20:13:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 584
x-xss-protection: 1; mode=block
expires: Mon, 25 Jul 2022 20:13:34 GMT

GET
H2 200 bb66233.js Show response
covenantfdnlottery.smccheckout.com/_nuxt/ 2 KB
2 KB 143ms
141ms Script
application/javascript 204.191.247.17
TELUS Communications

General

Check archive.org

Show headers Download Go to

Full URL

https://covenantfdnlottery.smccheckout.com/_nuxt/bb66233.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.191.247.17 Edmonton, Canada, ASN852 (TELUS Communications, CA),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

5414d5c9cacbb3bc9cc17bfa8ab96efc5277437732e262c4a1a3226408835b22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://covenantfdnlottery.smccheckout.com/tickets/covenantfoundationlottery?utm_source=pinpointe&utm_medium=email&utm_campaign=cfl-ptb-2022&utm_term=vehicles-cta&utm_content=vehicles-1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 20:13:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Jun 2022 15:44:46 GMT
server: nginx/1.21.6
etag: W/"9dc-181b54941b0"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
strict-transport-security: max-age=31536000
accept-ranges: bytes
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 f6e10af.js Show response
covenantfdnlottery.smccheckout.com/_nuxt/ 234 KB
80 KB 143ms
142ms Script
application/javascript 204.191.247.17
TELUS Communications

General

Check archive.org

Show headers Download Go to

Full URL

https://covenantfdnlottery.smccheckout.com/_nuxt/f6e10af.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.191.247.17 Edmonton, Canada, ASN852 (TELUS Communications, CA),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

dcd491b60be368edc3293109ea1dece3cce902566e339e3cac93bf370f52535d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://covenantfdnlottery.smccheckout.com/tickets/covenantfoundationlottery?utm_source=pinpointe&utm_medium=email&utm_campaign=cfl-ptb-2022&utm_term=vehicles-cta&utm_content=vehicles-1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 20:13:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Jun 2022 15:44:46 GMT
server: nginx/1.21.6
etag: W/"3a648-181b54941b0"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
strict-transport-security: max-age=31536000
accept-ranges: bytes
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 5687033.js Show response
covenantfdnlottery.smccheckout.com/_nuxt/ 693 KB
198 KB 143ms
141ms Script
application/javascript 204.191.247.17
TELUS Communications

General

Check archive.org

Show headers Download Go to

Full URL

https://covenantfdnlottery.smccheckout.com/_nuxt/5687033.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.191.247.17 Edmonton, Canada, ASN852 (TELUS Communications, CA),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

9adf6b92ef3df96b7f6e4f268382cff99fbdd051e535a16042204b6606a04735

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://covenantfdnlottery.smccheckout.com/tickets/covenantfoundationlottery?utm_source=pinpointe&utm_medium=email&utm_campaign=cfl-ptb-2022&utm_term=vehicles-cta&utm_content=vehicles-1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 20:13:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Jun 2022 15:44:46 GMT
server: nginx/1.21.6
etag: W/"ad582-181b54941b0"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
strict-transport-security: max-age=31536000
accept-ranges: bytes
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 e1fa3a2.js Show response
covenantfdnlottery.smccheckout.com/_nuxt/ 510 KB
144 KB 143ms
142ms Script
application/javascript 204.191.247.17
TELUS Communications

General

Check archive.org

Show headers Download Go to

Full URL

https://covenantfdnlottery.smccheckout.com/_nuxt/e1fa3a2.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.191.247.17 Edmonton, Canada, ASN852 (TELUS Communications, CA),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

f5749705ab19c05da285a8137e95724f532cde04de928185b07f0c8747b9e305

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://covenantfdnlottery.smccheckout.com/tickets/covenantfoundationlottery?utm_source=pinpointe&utm_medium=email&utm_campaign=cfl-ptb-2022&utm_term=vehicles-cta&utm_content=vehicles-1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 20:13:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Jun 2022 15:44:46 GMT
server: nginx/1.21.6
etag: W/"7f99f-181b54941b0"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
strict-transport-security: max-age=31536000
accept-ranges: bytes
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 6649044.js Show response
covenantfdnlottery.smccheckout.com/_nuxt/ 15 KB
5 KB 147ms
147ms Script
application/javascript 204.191.247.17
TELUS Communications

General

Check archive.org

Show headers Download Go to

Full URL

https://covenantfdnlottery.smccheckout.com/_nuxt/6649044.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.191.247.17 Edmonton, Canada, ASN852 (TELUS Communications, CA),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

2d264c289ca3711d95a923e7f006918e7a66f5d57007c52e78b377079ae8134e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://covenantfdnlottery.smccheckout.com/tickets/covenantfoundationlottery?utm_source=pinpointe&utm_medium=email&utm_campaign=cfl-ptb-2022&utm_term=vehicles-cta&utm_content=vehicles-1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 20:13:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Jun 2022 15:44:46 GMT
server: nginx/1.21.6
etag: W/"3c1b-181b54941b0"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
strict-transport-security: max-age=31536000
accept-ranges: bytes
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 p.css
p.typekit.net/ 5 B
181 B 87ms
18ms Stylesheet
text/css 2600:141b:13::17d7:82e3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=kly1usq&ht=tk&f=15498.15510.15818.37504.35885&a=11355900&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/kly1usq.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:82e3 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 20:13:34 GMT
last-modified: Sat, 02 Oct 2021 08:25:28 GMT
server: nginx
etag: "61581778-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/ 362 KB
143 KB 67ms
20ms Script
text/javascript 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lc3LjcdAAAAAPMHH6UhIW-_Et2HZJb6ISnF5j-U

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1623c971db0db2b388998de397f9705778141f903b0cfc30f5e76d0ae2cd0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://covenantfdnlottery.smccheckout.com/
Origin: https://covenantfdnlottery.smccheckout.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 19:51:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1306
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 146050
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 04:01:20 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Jul 2023 19:51:48 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 231 KB
76 KB 106ms
57ms Script
application/javascript 2607:f8b0:4006:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K4TBN5G

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2008 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ec37c701f8208374bb81964220b571467cedeb2184bb829add5638f1a4afa96f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://covenantfdnlottery.smccheckout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 20:13:34 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 76917
x-xss-protection: 0
last-modified: Mon, 25 Jul 2022 18:59:24 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 25 Jul 2022 20:13:34 GMT

GET
H2 200 checkout-bg-2022.f5c8e7c.jpg
covenantfdnlottery.smccheckout.com/_nuxt/img/ 572 KB
573 KB 103ms
102ms Image
image/jpeg 204.191.247.17
TELUS Communications

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://covenantfdnlottery.smccheckout.com/_nuxt/img/checkout-bg-2022.f5c8e7c.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.191.247.17 Edmonton, Canada, ASN852 (TELUS Communications, CA),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

336e41cee9ab0692e738f5aacc87dadde0be420e45c1448d8a3f9ad3e616ce61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://covenantfdnlottery.smccheckout.com/tickets/covenantfoundationlottery?utm_source=pinpointe&utm_medium=email&utm_campaign=cfl-ptb-2022&utm_term=vehicles-cta&utm_content=vehicles-1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 20:13:34 GMT
x-content-type-options: nosniff
last-modified: Thu, 30 Jun 2022 15:44:46 GMT
server: nginx/1.21.6
etag: W/"8eea7-181b54941b0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=31536000
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 585383
x-xss-protection: 1; mode=block

GET
H2 200 l
use.typekit.net/af/7f1b26/00000000000000007735a0ac/30/ 18 KB
18 KB 255ms
203ms Font
application/font-woff2 2600:141b:13::17d7:82eb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/7f1b26/00000000000000007735a0ac/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/kly1usq.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:82eb New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: b31a6df4a3b84a0ddf94049577dc2387a4beb73a9893d231a491284c32bc7bc9

Request headers

Referer: https://use.typekit.net/kly1usq.css
Origin: https://covenantfdnlottery.smccheckout.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 20:13:34 GMT
server: nginx
etag: "d147e95641e65d1a7cc5337545f91c505664b4b0"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 18564

GET
H2 200 l
use.typekit.net/af/bed39a/00000000000000007735a0f4/30/ 17 KB
17 KB 87ms
35ms Font
application/font-woff2 2600:141b:13::17d7:82eb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/bed39a/00000000000000007735a0f4/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n5&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/kly1usq.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:82eb New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: b118475aec74bcf13fb68afdb2f033609ed2c740e791fb0b17454fd333d8fb4d

Request headers

Referer: https://use.typekit.net/kly1usq.css
Origin: https://covenantfdnlottery.smccheckout.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 20:13:34 GMT
server: nginx
etag: "24081d39c1ec9c832b1f765cc31e0a35ab54a339"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 17340

GET
H2 200 l
use.typekit.net/af/43f61b/00000000000000007735a0ec/30/ 17 KB
17 KB 91ms
39ms Font
application/font-woff2 2600:141b:13::17d7:82eb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/43f61b/00000000000000007735a0ec/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/kly1usq.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:82eb New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: f92b9f83ac6cbbe32bd3630995ec55bacc612acc3ecc4586a6a02af687e3f42a

Request headers

Referer: https://use.typekit.net/kly1usq.css
Origin: https://covenantfdnlottery.smccheckout.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 20:13:34 GMT
server: nginx
etag: "1f319d415a4aab3272db12875f8551078c57dcf7"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 17592

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 8D7B 43 KB
23 KB 51ms
50ms Document
text/html 2607:f8b0:4006:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc3LjcdAAAAAPMHH6UhIW-_Et2HZJb6ISnF5j-U&co=aHR0cHM6Ly9jb3ZlbmFudGZkbmxvdHRlcnkuc21jY2hlY2tvdXQuY29tOjQ0Mw..&hl=en&v=CHIHFAf1bjFPOjwwi5Xa4cWR&size=invisible&cb=xjpfakp51da4

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c66d958420c0803f83dc022f4355a9271d985552247efa6a704bb78b21211cf4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-clrPmd1_Da45EDqRDz_IWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://covenantfdnlottery.smccheckout.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 23250
content-security-policy: script-src 'report-sample' 'nonce-clrPmd1_Da45EDqRDz_IWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 25 Jul 2022 20:13:34 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

OPTIONS
H2 204 lottery
api.smccheckout.com/api/v1/ Frame 0
0 281ms
78ms Preflight 204.191.247.17
TELUS Communications

General

Check archive.org

Show headers Download Go to

Full URL

https://api.smccheckout.com:447/api/v1/lottery

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.191.247.17 Edmonton, Canada, ASN852 (TELUS Communications, CA),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept: */*
Access-Control-Request-Headers: smc-lid
Access-Control-Request-Method: GET
Origin: https://covenantfdnlottery.smccheckout.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: smc-lid
access-control-allow-methods: GET
access-control-allow-origin: https://covenantfdnlottery.smccheckout.com
date: Mon, 25 Jul 2022 20:13:34 GMT
server: Kestrel
strict-transport-security: max-age=2592000

GET
H2 200 05ca705.js Show response
covenantfdnlottery.smccheckout.com/_nuxt/ 5 KB
2 KB 79ms
79ms Script
application/javascript 204.191.247.17
TELUS Communications

General

Check archive.org

Show headers Download Go to

Full URL

https://covenantfdnlottery.smccheckout.com/_nuxt/05ca705.js

Requested by

Host: covenantfdnlottery.smccheckout.com
URL: https://covenantfdnlottery.smccheckout.com/_nuxt/bb66233.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.191.247.17 Edmonton, Canada, ASN852 (TELUS Communications, CA),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

11d069f9db41cf408ee2004ff4e67f7d748144c3ab0c5b7c96dfed43e41f97e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://covenantfdnlottery.smccheckout.com/tickets/covenantfoundationlottery?utm_source=pinpointe&utm_medium=email&utm_campaign=cfl-ptb-2022&utm_term=vehicles-cta&utm_content=vehicles-1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 20:13:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Jun 2022 15:44:46 GMT
server: nginx/1.21.6
etag: W/"1485-181b54941b0"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
strict-transport-security: max-age=31536000
accept-ranges: bytes
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 lottery Show response
api.smccheckout.com/api/v1/ 3 KB
3 KB 176ms
166ms XHR
application/json 204.191.247.17
TELUS Communications

General

Check archive.org

Show headers Download Go to

Full URL

https://api.smccheckout.com:447/api/v1/lottery

Requested by

Host: covenantfdnlottery.smccheckout.com
URL: https://covenantfdnlottery.smccheckout.com/_nuxt/f6e10af.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.191.247.17 Edmonton, Canada, ASN852 (TELUS Communications, CA),

Reverse DNS

Software

Kestrel /

Resource Hash

d9c90a8347382aa89b4ce05bcb49f01f4fab13696f74232cfba97905f127e680

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept: application/json, text/plain, */*
Referer: https://covenantfdnlottery.smccheckout.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
smc-lid: c7045693-69e3-4571-f6b9-08d8f84eca9a

Response headers

access-control-allow-origin: https://covenantfdnlottery.smccheckout.com
date: Mon, 25 Jul 2022 20:13:34 GMT
access-control-allow-credentials: true
server: Kestrel
strict-transport-security: max-age=2592000
content-type: application/json; charset=utf-8

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/ Frame 8D7B 51 KB
24 KB 66ms
23ms Stylesheet
text/css 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc3LjcdAAAAAPMHH6UhIW-_Et2HZJb6ISnF5j-U&co=aHR0cHM6Ly9jb3ZlbmFudGZkbmxvdHRlcnkuc21jY2hlY2tvdXQuY29tOjQ0Mw..&hl=en&v=CHIHFAf1bjFPOjwwi5Xa4cWR&size=invisible&cb=xjpfakp51da4

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 19:51:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1306
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 04:01:20 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Jul 2023 19:51:48 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/ Frame 8D7B 362 KB
143 KB 64ms
22ms Script
text/javascript 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1623c971db0db2b388998de397f9705778141f903b0cfc30f5e76d0ae2cd0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 19:51:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1306
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 146050
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 04:01:20 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Jul 2023 19:51:48 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 116 KB
44 KB 109ms
52ms Script
application/javascript 2607:f8b0:4006:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-T4K4DW3

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K4TBN5G

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8aa8cfc14611a3a3234f5d867f1649b13c41cd23910305c32f818063cb1bbb6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://covenantfdnlottery.smccheckout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 20:13:34 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44811
x-xss-protection: 0
expires: Mon, 25 Jul 2022 20:13:34 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 199 KB
71 KB 105ms
57ms Script
application/javascript 2607:f8b0:4006:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-N4TCKWHVSV&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K4TBN5G

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2008 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8e5ef35b69159ce8178c50a7c06914b6c33d354ecdb79b555653335d6886b405

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://covenantfdnlottery.smccheckout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 20:13:34 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72706
x-xss-protection: 0
expires: Mon, 25 Jul 2022 20:13:34 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 59ms
11ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K4TBN5G

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://covenantfdnlottery.smccheckout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 351
date: Mon, 25 Jul 2022 20:07:43 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 25 Jul 2022 22:07:43 GMT

GET
H2 200 hotjar-1511765.js Show response
static.hotjar.com/c/ 5 KB
3 KB 189ms
96ms Script
application/javascript 13.225.214.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1511765.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K4TBN5G

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.214.74 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-214-74.ewr50.r.cloudfront.net

Software

Resource Hash

da51889af17b5240612543e6deeefa1d4cae4efac218a90dc67f07a3e31fe39b

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://covenantfdnlottery.smccheckout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 20:13:34 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: EWR50-C1
etag: W/5ce247ce780a7e1da0681a8fa14695e5
strict-transport-security: max-age=86400; includeSubDomains
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-amz-cf-id: -O-w6LP08YclZONuLt16Iud9Utu_5Z0PJmR5c8zaV9qa6PX00sm-JQ==
via: 1.1 cae77502d3847ca96378af9649c50cb4.cloudfront.net (CloudFront)

GET
H3

200

activityi;dc_pre=CODprYztlPkCFZQHaAgdbNAFHw;src=11120644;type=invmedia;cat=coven00;ord=8781195550252;gtm=2wg7k0;auiddc=968453708.1658780015;~oref=https%3A%2F%2Fcovenantfdnlottery.smccheckout.com%2F... Show response
11120644.fls.doubleclick.net/ Frame FD55
Redirect Chain

https://11120644.fls.doubleclick.net/activityi;src=11120644;type=invmedia;cat=coven00;ord=8781195550252;gtm=2wg7k0;auiddc=968453708.1658780015;~oref=https%3A%2F%2Fcovenantfdnlottery.smccheckout.com...
https://11120644.fls.doubleclick.net/activityi;dc_pre=CODprYztlPkCFZQHaAgdbNAFHw;src=11120644;type=invmedia;cat=coven00;ord=8781195550252;gtm=2wg7k0;auiddc=968453708.1658780015;~oref=https%3A%2F%2F...

666 B
508 B

87ms
37ms

Document
text/html

142.250.65.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11120644.fls.doubleclick.net/activityi;dc_pre=CODprYztlPkCFZQHaAgdbNAFHw;src=11120644;type=invmedia;cat=coven00;ord=8781195550252;gtm=2wg7k0;auiddc=968453708.1658780015;~oref=https%3A%2F%2Fcovenantfdnlottery.smccheckout.com%2Ftickets%2Fcovenantfoundationlottery%3Futm_source%3Dpinpointe%26utm_medium%3Demail%26utm_campaign%3Dcfl-ptb-2022%26utm_term%3Dvehicles-cta%26utm_content%3Dvehicles-1?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K4TBN5G

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f6.1e100.net

Software

cafe /

Resource Hash

e100457720a0c4450589c32afbf9c79e22e838745cdc556aa0eb89459485b199

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 483
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Jul 2022 20:13:34 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Jul 2022 20:13:34 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://11120644.fls.doubleclick.net/activityi;dc_pre=CODprYztlPkCFZQHaAgdbNAFHw;src=11120644;type=invmedia;cat=coven00;ord=8781195550252;gtm=2wg7k0;auiddc=968453708.1658780015;~oref=https%3A%2F%2Fcovenantfdnlottery.smccheckout.com%2Ftickets%2Fcovenantfoundationlottery%3Futm_source%3Dpinpointe%26utm_medium%3Demail%26utm_campaign%3Dcfl-ptb-2022%26utm_term%3Dvehicles-cta%26utm_content%3Dvehicles-1?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 59ms
19ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ae31d2c42bca396f9ad140594890b16f599b6cd8f36c809adac8ebd5eb45b2e5

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://covenantfdnlottery.smccheckout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26093
x-xss-protection: 0
pragma: public
x-fb-debug: gbqKX7X+LxqUnv2ARLz4yGXSx27Q/QnR3Lcdrg5E8k7+kOb9P81GqsMbYUh4qsL5lvx4auDGe8IfOGv7S3maxg==
x-fb-trip-id: 1512268381
x-frame-options: DENY
date: Mon, 25 Jul 2022 20:13:34 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 swap.js Show response
cdn.callrail.com/companies/160931456/3d868b59325c928f275a/12/ 32 B
312 B 99ms
30ms Script
text/javascript 52.1.151.185
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.callrail.com/companies/160931456/3d868b59325c928f275a/12/swap.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K4TBN5G
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.151.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-151-185.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: d18beba8a6db32dd84b24258cf6542acca7684b030e529ef2977198993400c4b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://covenantfdnlottery.smccheckout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-runtime: 0.005660
date: Mon, 25 Jul 2022 20:13:34 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
etag: W/"d18beba8a6db32dd84b24258cf6542ac"
content-type: text/javascript; charset=utf-8
status: 200 OK
cache-control: max-age=3600, public
timing-allow-origin: *
x-request-id: 106ae85c-c8e5-4640-bb04-fbf005fe9786

GET
H/1.1 200
OK pt.php Show response
t.us1.dyntrk.com/ 2 B
351 B 70ms
23ms Script
text/html 51.161.118.84
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.us1.dyntrk.com/pt.php?dynk=MTAyMTg102189&dynt=28&dyncp=107380&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_434}
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K4TBN5G
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 51.161.118.84 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns571695.ip-51-161-118.net
Software: nginx /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://covenantfdnlottery.smccheckout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 20:13:34 GMT
server: nginx
transfer-encoding: chunked
access-control-allow-methods: POST, GET, OPTIONS
p3p: CP="NOI DEV OUR BUS UNI"
access-control-allow-origin: *
cache-control: no-cache
content-type: text/html; charset=UTF-8
access-control-allow-headers: Origin
keep-alive: timeout=10

GET
H2 200 quant.js Show response
secure.quantserve.com/ 118 KB
30 KB 121ms
46ms Script
application/javascript 2620:116:800b:21:f059:4f7e:28a9:1588
QUANTCAST

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: covenantfdnlottery.smccheckout.com
URL: https://covenantfdnlottery.smccheckout.com/tickets/covenantfoundationlottery?utm_source=pinpointe&utm_medium=email&utm_campaign=cfl-ptb-2022&utm_term=vehicles-cta&utm_content=vehicles-1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800b:21:f059:4f7e:28a9:1588 , United States, ASN27281 (QUANTCAST, US),
Reverse DNS
Software: /
Resource Hash: d60f6f17937b8ed0a18321076438f53d6bb0d62879d42d3832bd50aa7e91e18d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://covenantfdnlottery.smccheckout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 20:13:34 GMT
content-encoding: gzip
etag: "kVQ9bYjc9nNVTXISAKx8jA=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Mon, 01 Aug 2022 20:13:34 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/px?id=1502069&t=2
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1502069%26t%3D2

43 B
1 KB

60ms
60ms

Image
image/gif

68.67.161.208
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1502069%26t%3D2

Requested by

Protocol

HTTP/1.1

Server

68.67.161.208 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://covenantfdnlottery.smccheckout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Jul 2022 20:13:34 GMT
X-Proxy-Origin: 149.56.153.186; 149.56.153.186; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: 4eb1e782-3178-4777-afa6-d9b3a8b217b8
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 25 Jul 2022 20:13:34 GMT
X-Proxy-Origin: 149.56.153.186; 149.56.153.186; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: ce4ed1ec-7610-4cb7-b51d-0578a0749c71
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1502069%26t%3D2
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/
Redirect Chain

https://a.tribalfusion.com/i.visitor?clientName=Covenant%20Foundation%20Lottery&clientID=794253&segmentNumber=0&segmentName=Landing%20page
https://s.tribalfusion.com/z/i.visitor?clientName=Covenant%20Foundation%20Lottery&clientID=794253&segmentNumber=0&segmentName=Landing%20page
https://a4.tribalfusion.com/ipg?ip6=2607:5300:60:7867::3&kv=%7B%22ord%22%3A%2014612846%2C%20%22clientID%22%3A%20794253%7D&redirect=https://ib.adnxs.com/getuidu?https://a.tribalfusion.com/i.match?p=...
https://ib.adnxs.com/setuid?entity=305&code=$TF_USER_ID_ENC$

43 B
1008 B

54ms
17ms

Image
image/gif

68.67.161.205
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=305&code=$TF_USER_ID_ENC$

Requested by

Protocol

HTTP/1.1

Server

68.67.161.205 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

799.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://covenantfdnlottery.smccheckout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Jul 2022 20:13:35 GMT
X-Proxy-Origin: 149.56.153.186; 149.56.153.186; 799.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: dd7abf32-2deb-4829-ad42-2737417a1e7a
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Jul 2022 20:13:35 GMT
cf-cache-status: DYNAMIC
x-function: 201
server: cloudflare
x-reuse-index: 2066
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 73078e9678dca241-YYZ
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://ib.adnxs.com/setuid?entity=305&code=$TF_USER_ID_ENC$
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/
Redirect Chain

https://insight.adsrvr.org/track/pxl/?adv=h5ykmjs&ct=0:d02ux36&fmt=3
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=24cb61b1-a8c6-44a5-8060-9f9b41544694&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=MjRjYjYxYjEtYThjNi00NGE1LTgwNjAtOWY5YjQxNTQ0Njk0&gdpr=0&gdpr_consent=&ttd_tdid=24cb61b1-a8c6-44a5-8060-9f9b4...
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=24cb61b1-a8c6-44a5-8060-9f9b41544694&google_gid=CAESEHXGuimGKZb2In2adoxjRHo&google_cver=1
https://ups.analytics.yahoo.com/ups/55953/sync?uid=24cb61b1-a8c6-44a5-8060-9f9b41544694&_origin=1&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/55953/sync?uid=24cb61b1-a8c6-44a5-8060-9f9b41544694&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-eDrQkvJE2uLd.xxaDtIr4tAZfCAI9yo-~A&gdpr=0&gdpr_consent=
https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=24cb61b1-a8c6-44a5-8060-9f9b41544694
https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=1996979043898387568&ttd_tdid=24cb61b1-a8c6-44a5-8060-9f9b41544694
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=24cb61b1-a8c6-44a5-8060-9f9b41544694&expiration=1661372015&gdpr=0&gdpr_consent=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=24cb61b1-a8c6-44a5-8060-9f9b41544694&expiration=1661372015&gdpr=0&gdpr_consent=&C=1

43 B
948 B

113ms
91ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=24cb61b1-a8c6-44a5-8060-9f9b41544694&expiration=1661372015&gdpr=0&gdpr_consent=&C=1
Requested by: Host: covenantfdnlottery.smccheckout.com
URL: https://covenantfdnlottery.smccheckout.com/tickets/covenantfoundationlottery?utm_source=pinpointe&utm_medium=email&utm_campaign=cfl-ptb-2022&utm_term=vehicles-cta&utm_content=vehicles-1
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://covenantfdnlottery.smccheckout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray: 73078e99d93ca208-YYZ
pragma: no-cache
date: Mon, 25 Jul 2022 20:13:35 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VYTQyFPvpm%2F3B3ZRQe4p0G6NbkjiNu6iY47KFXu%2BSGOlz%2BBZgEaPc1FfONhGt8lTquwcR9IWOSfHKvT7%2BtckPrCl98G8UrJnGDbVgfoAF9%2Bc3XGnTuSSGNPqVQXPggX49DOTo6K%2Bot3PSw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 25 Jul 2022 20:13:35 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pf9F6vRNYi9TThahC%2FkariHUD53J4IQgPduFi7tVkWqYoZfVpg%2FTwixRnk5qaM4gTmFFM8ZZXOYzJTLqZ%2BuaU66s3TVZ9kZb5lL1KDEDtbCIZFhue4sfjKpeasCq%2FoujeZDdzTD8KKVSkA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=39&external_user_id=24cb61b1-a8c6-44a5-8060-9f9b41544694&expiration=1661372015&gdpr=0&gdpr_consent=&C=1
cache-control: no-cache
cf-ray: 73078e993fae3ffd-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3 200 461031967577155 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 82ms
61ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/461031967577155?v=2.9.66&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d316660d86b26a32a5e49bf0387b814cab56781a0ae1862ad7edd33040bcfa26

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://covenantfdnlottery.smccheckout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coop_report","include_subdomains":true}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: 9WmUPNAYNXnmhE5k1EkVGSfdZRmRR+n+MXK6daq13p+4Wfyo/GT9o6u28M9upfHd6h3qG/PB6u8+b6rTmVKBMQ==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 25 Jul 2022 20:13:34 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1658780014890
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 8D7B 2 KB
2 KB 20ms
20ms Image
image/png 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 10:20:50 GMT
x-content-type-options: nosniff
age: 553964
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 26 Jul 2022 10:20:50 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8D7B 15 KB
15 KB 21ms
20ms Font
font/woff2 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 15:59:51 GMT
x-content-type-options: nosniff
age: 533623
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 19 Jul 2023 15:59:51 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8D7B 15 KB
15 KB 23ms
22ms Font
font/woff2 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 22:35:09 GMT
x-content-type-options: nosniff
age: 596305
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jul 2023 22:35:09 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 8D7B 102 B
134 B 42ms
42ms Other
text/javascript 2607:f8b0:4006:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=CHIHFAf1bjFPOjwwi5Xa4cWR

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e188004f0a39aabe846e187d7aedb30407c55e6d567c3317ae9566313dc58100

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc3LjcdAAAAAPMHH6UhIW-_Et2HZJb6ISnF5j-U&co=aHR0cHM6Ly9jb3ZlbmFudGZkbmxvdHRlcnkuc21jY2hlY2tvdXQuY29tOjQ0Mw..&hl=en&v=CHIHFAf1bjFPOjwwi5Xa4cWR&size=invisible&cb=xjpfakp51da4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 20:13:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Mon, 25 Jul 2022 20:13:34 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
360 B 81ms
33ms Ping
text/plain 2607:f8b0:4006:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-N4TCKWHVSV&gtm=2oe7k0&_p=2067699505&_z=ccd.v9B&_gaz=1&cid=1510241284.1658780015&ul=en-us&sr=1600x1200&_s=1&sid=1658780014&sct=1&seg=0&dl=https%3A%2F%2Fcovenantfdnlottery.smccheckout.com%2Ftickets%2Fcovenantfoundationlottery%3Futm_source%3Dpinpointe%26utm_medium%3Demail%26utm_campaign%3Dcfl-ptb-2022%26utm_term%3Dvehicles-cta%26utm_content%3Dvehicles-1&dt=Covenant%20Foundation%20Lottery%20%7C%20Checkout&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N4TCKWHVSV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:809::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://covenantfdnlottery.smccheckout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jul 2022 20:13:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://covenantfdnlottery.smccheckout.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
351 B 99ms
43ms Ping
text/plain 2607:f8b0:4004:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-N4TCKWHVSV&cid=1510241284.1658780015&gtm=2oe7k0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N4TCKWHVSV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://covenantfdnlottery.smccheckout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jul 2022 20:13:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://covenantfdnlottery.smccheckout.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
501 B 242ms
182ms Image
image/gif 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-N4TCKWHVSV&cid=1510241284.1658780015&gtm=2oe7k0&aip=1&z=1828207259

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://covenantfdnlottery.smccheckout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jul 2022 20:13:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 58ms
32ms XHR
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2067699505&t=pageview&_s=1&dl=https%3A%2F%2Fcovenantfdnlottery.smccheckout.com%2Ftickets%2Fcovenantfoundationlottery%3Futm_source%3Dpinpointe%26utm_medium%3Demail%26utm_campaign%3Dcfl-ptb-2022%26utm_term%3Dvehicles-cta%26utm_content%3Dvehicles-1&ul=en-us&de=UTF-8&dt=Covenant%20Foundation%20Lottery%20%7C%20Checkout&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDACEABRAAAAC~&jid=1555649679&gjid=848237126&cid=1510241284.1658780015&tid=UA-81007742-1&_gid=1115801538.1658780015&_r=1&gtm=2wg7k0K4TBN5G&z=1052772145

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://covenantfdnlottery.smccheckout.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 25 Jul 2022 20:13:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://covenantfdnlottery.smccheckout.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 33ms
11ms Image
image/gif 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=2067699505&t=event&ni=1&_s=1&dl=https%3A%2F%2Fcovenantfdnlottery.smccheckout.com%2Ftickets%2Fcovenantfoundationlottery%3Futm_source%3Dpinpointe%26utm_medium%3Demail%26utm_campaign%3Dcfl-ptb-2022%26utm_term%3Dvehicles-cta%26utm_content%3Dvehicles-1&ul=en-us&de=UTF-8&dt=Covenant%20Foundation%20Lottery%20%7C%20Checkout&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Checkout%20Steps&ea=Page%20View&el=Step%201%20-%20%2F%20Tickets&_u=aCDACEABRAAAAC~&jid=&gjid=&cid=1510241284.1658780015&tid=UA-81007742-1&_gid=1115801538.1658780015&gtm=2wg7k0K4TBN5G&z=1559460356

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://covenantfdnlottery.smccheckout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jul 2022 09:38:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 38086
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rules-p-EsVdUfLJ2Vz_d.js Show response
rules.quantcount.com/ 209 B
690 B 142ms
76ms Script
application/javascript 2600:9000:21dd:c400:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-EsVdUfLJ2Vz_d.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21dd:c400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: be45d4259f8c2f5a126654f20df9a4f0e2688d6ed4e26bea61d2343eee81c2b8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://covenantfdnlottery.smccheckout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 20:13:36 GMT
via: 1.1 c5c79ef7442267e414f3389ffcc2f0fa.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 209
last-modified: Mon, 27 Jun 2022 17:50:44 GMT
server: AmazonS3
etag: "75c6d737568170d6027ddd90394787c4"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: gHQqxQAC6ZsvhhRkJdVIX9zj-_qLme9CzyqAcuMXRTkYNjB2JOLInA==

GET
H2 200 /
www.facebook.com/tr/ 44 B
409 B 61ms
19ms Image
image/gif 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=461031967577155&ev=PageView&dl=https%3A%2F%2Fcovenantfdnlottery.smccheckout.com%2Ftickets%2Fcovenantfoundationlottery%3Futm_source%3Dpinpointe%26utm_medium%3Demail%26utm_campaign%3Dcfl-ptb-2022%26utm_term%3Dvehicles-cta%26utm_content%3Dvehicles-1&rl=&if=false&ts=1658780015063&sw=1600&sh=1200&v=2.9.66&r=stable&ec=0&o=30&fbp=fb.1.1658780015062.633527906&it=1658780014823&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://covenantfdnlottery.smccheckout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 20:13:35 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Mon, 25 Jul 2022 20:13:35 GMT

GET
H2 200 modules.6a5da0d590df764ca613.js Show response
script.hotjar.com/ 247 KB
64 KB 73ms
21ms Script
application/javascript 54.230.163.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.6a5da0d590df764ca613.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1511765.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.163.28 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-163-28.ewr53.r.cloudfront.net

Software

Resource Hash

eea54a25d415f4abf48a1e89d7a6d9211b65986bb081de9ad324dcbb103db9b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://covenantfdnlottery.smccheckout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 09:39:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 383668
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains
content-length: 64657
access-control-allow-origin: *
last-modified: Thu, 21 Jul 2022 09:39:03 GMT
etag: "2bddb6ee72f2a47166ed0f5f35ee713b"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 34d691c1cf360a32817ace92de30761c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: EWR53-C3
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: tSlFVRvRnyAhRQhQFEVF8ciGPA1gfcfig6k79x4Z3FBFAAbGvFiZHA==

GET
H2 200 dc_pre=CODprYztlPkCFZQHaAgdbNAFHw;src=11120644;type=invmedia;cat=coven00;ord=8781195550252;gtm=2wg7k0;auiddc=968453708.1658780015;~oref=https%3A%2F%2Fcovenantfdnlottery.smccheckout.com%2Ftickets%2F... Show response
adservice.google.com/ddm/fls/i/ Frame 725D 665 B
952 B 87ms
38ms Document
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CODprYztlPkCFZQHaAgdbNAFHw;src=11120644;type=invmedia;cat=coven00;ord=8781195550252;gtm=2wg7k0;auiddc=968453708.1658780015;~oref=https%3A%2F%2Fcovenantfdnlottery.smccheckout.com%2Ftickets%2Fcovenantfoundationlottery%3Futm_source%3Dpinpointe%26utm_medium%3Demail%26utm_campaign%3Dcfl-ptb-2022%26utm_term%3Dvehicles-cta%26utm_content%3Dvehicles-1

Requested by

Host: 11120644.fls.doubleclick.net
URL: https://11120644.fls.doubleclick.net/activityi;dc_pre=CODprYztlPkCFZQHaAgdbNAFHw;src=11120644;type=invmedia;cat=coven00;ord=8781195550252;gtm=2wg7k0;auiddc=968453708.1658780015;~oref=https%3A%2F%2Fcovenantfdnlottery.smccheckout.com%2Ftickets%2Fcovenantfoundationlottery%3Futm_source%3Dpinpointe%26utm_medium%3Demail%26utm_campaign%3Dcfl-ptb-2022%26utm_term%3Dvehicles-cta%26utm_content%3Dvehicles-1?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9bd92eab8efa1f750a1a48d1071d02749fe988184d6825073c08c9194ea21692

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://11120644.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 483
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Jul 2022 20:13:35 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 38ms
37ms XHR
text/plain 2607:f8b0:4004:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-81007742-1&cid=1510241284.1658780015&jid=1555649679&gjid=848237126&_gid=1115801538.1658780015&_u=aCDACEAARAAAAC~&z=1059817634

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://covenantfdnlottery.smccheckout.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 25 Jul 2022 20:13:35 GMT
content-type: text/plain
access-control-allow-origin: https://covenantfdnlottery.smccheckout.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tickets Show response
api.smccheckout.com/api/v1/lottery/ 6 KB
6 KB 132ms
132ms XHR
application/json 204.191.247.17
TELUS Communications

General

Check archive.org

Show headers Download Go to

Full URL

https://api.smccheckout.com:447/api/v1/lottery/tickets

Requested by

Host: covenantfdnlottery.smccheckout.com
URL: https://covenantfdnlottery.smccheckout.com/_nuxt/f6e10af.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.191.247.17 Edmonton, Canada, ASN852 (TELUS Communications, CA),

Reverse DNS

Software

Kestrel /

Resource Hash

df41ab0a0a6357d0989d2c345a410a6aed9915bf9d6ed647f092f94ef7252365

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept: application/json, text/plain, */*
Referer: https://covenantfdnlottery.smccheckout.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
smc-lid: c7045693-69e3-4571-f6b9-08d8f84eca9a

Response headers

access-control-allow-origin: https://covenantfdnlottery.smccheckout.com
date: Mon, 25 Jul 2022 20:13:34 GMT
access-control-allow-credentials: true
server: Kestrel
strict-transport-security: max-age=2592000
content-type: application/json; charset=utf-8

OPTIONS
H2 204 tickets
api.smccheckout.com/api/v1/lottery/ Frame 0
0 77ms
77ms Preflight 204.191.247.17
TELUS Communications

General

Check archive.org

Show headers Download Go to

Full URL

https://api.smccheckout.com:447/api/v1/lottery/tickets

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.191.247.17 Edmonton, Canada, ASN852 (TELUS Communications, CA),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept: */*
Access-Control-Request-Headers: smc-lid
Access-Control-Request-Method: GET
Origin: https://covenantfdnlottery.smccheckout.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: smc-lid
access-control-allow-methods: GET
access-control-allow-origin: https://covenantfdnlottery.smccheckout.com
date: Mon, 25 Jul 2022 20:13:34 GMT
server: Kestrel
strict-transport-security: max-age=2592000

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 39ms
38ms Image
image/gif 2607:f8b0:4006:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-81007742-1&cid=1510241284.1658780015&jid=1555649679&_u=aCDACEAARAAAAC~&z=561508185

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://covenantfdnlottery.smccheckout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jul 2022 20:13:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
107 B 184ms
183ms Image
image/gif 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-81007742-1&cid=1510241284.1658780015&jid=1555649679&_u=aCDACEAARAAAAC~&z=561508185

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://covenantfdnlottery.smccheckout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jul 2022 20:13:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-0004cb77850b00d4aa7e1e08ff61e8f0.html Show response
vars.hotjar.com/ Frame B369 2 KB
1 KB 71ms
19ms Document
text/html 13.225.214.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-0004cb77850b00d4aa7e1e08ff61e8f0.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1511765.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.214.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-214-103.ewr50.r.cloudfront.net

Software

Resource Hash

cbbfda74ce57788b9a3877e57fb6ccd91c2e8db043acc08b0091a4ee7509f489

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://covenantfdnlottery.smccheckout.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 885688
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 15 Jul 2022 14:12:07 GMT
etag: "d2caf2e569940c65a88268a169f3facf"
last-modified: Fri, 15 Jul 2022 14:11:55 GMT
strict-transport-security: max-age=86400; includeSubDomains
vary: Accept-Encoding
via: 1.1 b4d936db4a90ac6e06d19d66ebba832e.cloudfront.net (CloudFront)
x-amz-cf-id: iKU3BnjlluS07-hL9m0ixTJLmxszlt0lE86LSJcR9KN2U-DKimW9Sw==
x-amz-cf-pop: EWR50-C1
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 200 dc_pre=CODprYztlPkCFZQHaAgdbNAFHw;src=11120644;type=invmedia;cat=coven00;ord=8781195550252;gtm=2wg7k0;auiddc=968453708.1658780015;~oref=https%3A%2F%2Fcovenantfdnlottery.smccheckout.com%2Ftickets%2F... Show response
adservice.google.ca/ddm/fls/i/ Frame C212 194 B
870 B 114ms
38ms Document
text/html 2607:f8b0:4006:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/ddm/fls/i/dc_pre=CODprYztlPkCFZQHaAgdbNAFHw;src=11120644;type=invmedia;cat=coven00;ord=8781195550252;gtm=2wg7k0;auiddc=968453708.1658780015;~oref=https%3A%2F%2Fcovenantfdnlottery.smccheckout.com%2Ftickets%2Fcovenantfoundationlottery%3Futm_source%3Dpinpointe%26utm_medium%3Demail%26utm_campaign%3Dcfl-ptb-2022%26utm_term%3Dvehicles-cta%26utm_content%3Dvehicles-1

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CODprYztlPkCFZQHaAgdbNAFHw;src=11120644;type=invmedia;cat=coven00;ord=8781195550252;gtm=2wg7k0;auiddc=968453708.1658780015;~oref=https%3A%2F%2Fcovenantfdnlottery.smccheckout.com%2Ftickets%2Fcovenantfoundationlottery%3Futm_source%3Dpinpointe%26utm_medium%3Demail%26utm_campaign%3Dcfl-ptb-2022%26utm_term%3Dvehicles-cta%26utm_content%3Dvehicles-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 177
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Jul 2022 20:13:35 GMT
expires: Mon, 25 Jul 2022 20:13:35 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel;r=1846984854;labels=_fp.event.Default;rf=0;a=p-EsVdUfLJ2Vz_d;url=https%3A%2F%2Fcovenantfdnlottery.smccheckout.com%2Ftickets%2Fcovenantfoundationlottery%3Futm_source%3Dpinpointe%26utm_medium%3...
pixel.quantserve.com/ 35 B
371 B 44ms
26ms Image
image/gif 2620:116:800b:21:f059:4f7e:28a9:1588
QUANTCAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1846984854;labels=_fp.event.Default;rf=0;a=p-EsVdUfLJ2Vz_d;url=https%3A%2F%2Fcovenantfdnlottery.smccheckout.com%2Ftickets%2Fcovenantfoundationlottery%3Futm_source%3Dpinpointe%26utm_medium%3Demail%26utm_campaign%3Dcfl-ptb-2022%26utm_term%3Dvehicles-cta%26utm_content%3Dvehicles-1;uht=2;fpan=1;fpa=P0-1565613029-1658780015214;pbc=;ns=0;ce=1;qjs=1;qv=40d1d9f5-20220725143430;cm=;gdpr=0;ref=;d=smccheckout.com;dst=0;et=1658780015214;tzo=0;ogl=title.Covenant%20Foundation%20Lottery%20%7C%20Checkout%2Cdescription.Enter%20for%20your%20chance%20to%20win%20great%20prizes%252C%20including%20the%20%242%252E1%20Million%20Dream%20Home%2Cimage.https%3A%2F%2Fcms%252Ecovenantfoundationlottery%252Eca%2Fimg%2Fassets%2Fcheckout%2Flogo%252Epng%3Fpreset%3Ddef%2Ctype.website%2Ctitle.covenantfoundationlottery%2Csite_name.covenantfoundationlottery%2Cdescription.Nuxt%20Black%20Dashboard%20PRO

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800b:21:f059:4f7e:28a9:1588 , United States, ASN27281 (QUANTCAST, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://covenantfdnlottery.smccheckout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jul 2022 20:13:35 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/1511765/ 148 B
323 B 312ms
103ms XHR
application/json 54.195.161.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/1511765/visit-data?sv=7
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.6a5da0d590df764ca613.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.195.161.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-195-161-48.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: c9d4bf2b35d1dd9ac94b5f8b06e69b5b8acdc0e41d372770ecfd37eca82d61ca

Request headers

Referer: https://covenantfdnlottery.smccheckout.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Mon, 25 Jul 2022 20:13:35 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 200 l
use.typekit.net/af/9d5bd3/00000000000000007735a09f/30/ 18 KB
18 KB 42ms
41ms Font
application/font-woff2 2600:141b:13::17d7:82eb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/9d5bd3/00000000000000007735a09f/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/kly1usq.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:82eb New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 6dbf8b9a2d7af12afbec3a5b89ccb42f6346348a3900ae68d3e9d8a0306b559b

Request headers

Referer: https://use.typekit.net/kly1usq.css
Origin: https://covenantfdnlottery.smccheckout.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 20:13:35 GMT
server: nginx
etag: "8945823b0bf6bdf101e76667b3e27d166991ad8d"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 18492

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 40ms
19ms Image
image/gif 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=461031967577155&ev=Microdata&dl=https%3A%2F%2Fcovenantfdnlottery.smccheckout.com%2Ftickets%2Fcovenantfoundationlottery%3Futm_source%3Dpinpointe%26utm_medium%3Demail%26utm_campaign%3Dcfl-ptb-2022%26utm_term%3Dvehicles-cta%26utm_content%3Dvehicles-1&rl=&if=false&ts=1658780015567&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Covenant%20Foundation%20Lottery%20%7C%20Checkout%22%2C%22meta%3Adescription%22%3A%22Enter%20for%20your%20chance%20to%20win%20great%20prizes%2C%20including%20the%20%242.1%20Million%20Dream%20Home%20%E2%80%93%20supporting%20your%20Covenant%20Health%20Grey%20Nuns%20and%20Misericordia%20Hospitals.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22covenantfoundationlottery%22%2C%22og%3Adescription%22%3A%22Nuxt%20Black%20Dashboard%20PRO%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fcms.covenantfoundationlottery.ca%2Fimg%2Fassets%2Fcheckout%2Flogo.png%3Fpreset%3Ddefault%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Asite_name%22%3A%22covenantfoundationlottery%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.66&r=stable&ec=1&o=30&fbp=fb.1.1658780015062.633527906&it=1658780014823&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://covenantfdnlottery.smccheckout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 20:13:35 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Mon, 25 Jul 2022 20:13:35 GMT

GET
H2 200 255e790.js Show response
covenantfdnlottery.smccheckout.com/_nuxt/ 19 KB
6 KB 83ms
82ms Script
application/javascript 204.191.247.17
TELUS Communications

General

Check archive.org

Show headers Download Go to

Full URL

https://covenantfdnlottery.smccheckout.com/_nuxt/255e790.js

Requested by

Host: covenantfdnlottery.smccheckout.com
URL: https://covenantfdnlottery.smccheckout.com/_nuxt/bb66233.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.191.247.17 Edmonton, Canada, ASN852 (TELUS Communications, CA),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

b447705cdcfdbe94e155fb8ee854bd07baa6b39d7ffebe6e9989ca7cc8640b89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://covenantfdnlottery.smccheckout.com/tickets/covenantfoundationlottery?utm_source=pinpointe&utm_medium=email&utm_campaign=cfl-ptb-2022&utm_term=vehicles-cta&utm_content=vehicles-1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 20:13:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Jun 2022 15:44:46 GMT
server: nginx/1.21.6
etag: W/"4c1b-181b54941b0"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
strict-transport-security: max-age=31536000
accept-ranges: bytes
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 11ms
10ms Image
image/gif 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=2067699505&t=event&ni=1&_s=1&dl=https%3A%2F%2Fcovenantfdnlottery.smccheckout.com%2Ftickets%2Fcovenantfoundationlottery%3Futm_source%3Dpinpointe%26utm_medium%3Demail%26utm_campaign%3Dcfl-ptb-2022%26utm_term%3Dvehicles-cta%26utm_content%3Dvehicles-1&ul=en-us&de=UTF-8&dt=Covenant%20Foundation%20Lottery%20%7C%20Checkout&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Content%20Consumption&ea=25&el=https%3A%2F%2Fcovenantfdnlottery.smccheckout.com%2Ftickets%2Fcovenantfoundationlottery%3Futm_source%3Dpinpointe%26utm_medium%3Demail%26utm_campaign%3Dcfl-ptb-2022%26utm_term%3Dvehicles-cta%26utm_content%3Dvehicles-1&_u=aCDACEABRAAAAC~&jid=&gjid=&cid=1510241284.1658780015&tid=UA-81007742-1&_gid=1115801538.1658780015&gtm=2wg7k0K4TBN5G&z=1973900633

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://covenantfdnlottery.smccheckout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jul 2022 09:38:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 38086
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 12ms
12ms Image
image/gif 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=2067699505&t=event&ni=1&_s=1&dl=https%3A%2F%2Fcovenantfdnlottery.smccheckout.com%2Ftickets%2Fcovenantfoundationlottery%3Futm_source%3Dpinpointe%26utm_medium%3Demail%26utm_campaign%3Dcfl-ptb-2022%26utm_term%3Dvehicles-cta%26utm_content%3Dvehicles-1&ul=en-us&de=UTF-8&dt=Covenant%20Foundation%20Lottery%20%7C%20Checkout&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Content%20Consumption&ea=50&el=https%3A%2F%2Fcovenantfdnlottery.smccheckout.com%2Ftickets%2Fcovenantfoundationlottery%3Futm_source%3Dpinpointe%26utm_medium%3Demail%26utm_campaign%3Dcfl-ptb-2022%26utm_term%3Dvehicles-cta%26utm_content%3Dvehicles-1&_u=aCDACEABRAAAAC~&jid=&gjid=&cid=1510241284.1658780015&tid=UA-81007742-1&_gid=1115801538.1658780015&gtm=2wg7k0K4TBN5G&z=708096027

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://covenantfdnlottery.smccheckout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jul 2022 09:38:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 38086
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
analytics.google.com/g/ 0
17 B 73ms
32ms Ping
text/plain 2607:f8b0:4006:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-N4TCKWHVSV&gtm=2oe7k0&_p=2067699505&_z=ccd.v9B&cid=1510241284.1658780015&ul=en-us&sr=1600x1200&_s=2&sid=1658780014&sct=1&seg=0&dl=https%3A%2F%2Fcovenantfdnlottery.smccheckout.com%2Ftickets%2Fcovenantfoundationlottery%3Futm_source%3Dpinpointe%26utm_medium%3Demail%26utm_campaign%3Dcfl-ptb-2022%26utm_term%3Dvehicles-cta%26utm_content%3Dvehicles-1&dt=Covenant%20Foundation%20Lottery%20%7C%20Checkout&en=scroll&epn.percent_scrolled=90&_et=62
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N4TCKWHVSV&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:809::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://covenantfdnlottery.smccheckout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jul 2022 20:13:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://covenantfdnlottery.smccheckout.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.dreamlifelottery.win/	1970-01-20 13:32:16	Name: PPVTOK Value: eyJlbWFpbG1hcmtldGluZy56Z20ubWFuYWdlbWVudCI6IkR1MDBjYVBfUFhSUTZES19XYjFfNVZpcFB4QmoyOWNkRGd0RVpEczQwdWMifQ%3D%3D
covenantfdnlottery.smccheckout.com/	1970-01-20 13:31:56	Name: i18n_redirected Value: en
.smccheckout.com/	1970-01-20 06:55:56	Name: _gcl_au Value: 1.1.968453708.1658780015
.adnxs.com/	1970-01-20 06:55:56	Name: uuid2 Value: 1996979043898387568
.adsrvr.org/	1970-01-20 13:31:56	Name: TDID Value: 24cb61b1-a8c6-44a5-8060-9f9b41544694
.rubiconproject.com/	1970-01-20 13:31:56	Name: khaos Value: L616SJ1V-1K-JBM3
.rubiconproject.com/	1970-01-20 13:31:56	Name: audit Value: 1\|6t2jQF7cKG6GB4HZkymR5/pnwz4tGmAWIM882vZ49H4eECEUBMheijzrQV9+82M7WAmU9JV6C/0wHTRO1/p4iHX0qfg68IpFQAPcN3ARK85oRBIGush3askJfhkyBp0eyWCIEx4DqzyP3kpZiRQdza7AVS8G4Fj+hr6Mlmuw4bzREvsM2ra73MRmS8gGs6ylTlon0IrnE1p4+byUJuUHKNl4Am3SUH3rwETMVR8lnVPictVKI3nW/ZSmfFa9k+2RfCCm1vF3Tgn8ih/oL8+08tuVaVkDFDbShAUs62yL6R/QD5U7tEfUTQ==
.smccheckout.com/	1970-01-20 22:17:32	Name: _ga Value: GA1.2.1510241284.1658780015
.smccheckout.com/	1970-01-20 04:47:46	Name: _gid Value: GA1.2.1115801538.1658780015
.smccheckout.com/	1970-01-20 04:46:20	Name: _gat_UA-81007742-1 Value: 1
.tribalfusion.com/	1970-01-20 06:55:56	Name: ANON_ID Value: a2nrmeP3rTwCiAyPrWjMtthk6kKVVZbcox1eUB2yaB670oqPx0l1cB5YcZbl6t7pJ6KoRJ
.smccheckout.com/	1970-01-20 22:17:32	Name: _ga_N4TCKWHVSV Value: GS1.1.1658780014.1.0.1658780015.59
.smccheckout.com/	1970-01-20 06:55:56	Name: _fbp Value: fb.1.1658780015062.633527906
.facebook.com/	1970-01-20 06:55:56	Name: fr Value: 0ZPKQ5PW3yhw4hT2h..Bi3vlv...1.0.Bi3vlv.
.doubleclick.net/	1970-01-20 22:17:32	Name: IDE Value: AHWqTUkbv1hm7Tf9yIc52dLKO6DrES6esaHOjeKyucHUvguHY7a2yyxFF-cNep9aRA0
.smccheckout.com/	1970-01-20 13:31:56	Name: _hjSessionUser_1511765 Value: eyJpZCI6IjhlNDY4ZTVjLTlhNDUtNWIxMS1iYzU0LWVkMmI2NTY3M2NkYSIsImNyZWF0ZWQiOjE2NTg3ODAwMTUxOTcsImV4aXN0aW5nIjpmYWxzZX0=
.smccheckout.com/	1970-01-20 04:46:21	Name: _hjFirstSeen Value: 1
covenantfdnlottery.smccheckout.com/	1970-01-20 04:46:20	Name: _hjIncludedInSessionSample Value: 1
.smccheckout.com/	1970-01-20 04:46:21	Name: _hjSession_1511765 Value: eyJpZCI6IjBjN2MwOTc2LTlkOTQtNDM5Ni04YmVkLTAxOWE2M2E3NjQ4NiIsImNyZWF0ZWQiOjE2NTg3ODAwMTUyMTksImluU2FtcGxlIjp0cnVlfQ==
covenantfdnlottery.smccheckout.com/	1970-01-20 04:46:20	Name: _hjIncludedInPageviewSample Value: 1
.smccheckout.com/	1970-01-20 04:46:21	Name: _hjAbsoluteSessionInProgress Value: 0
.quantserve.com/	1970-01-20 14:16:34	Name: mc Value: 62def96f-3cb8c-c6fe4-d7ee4
.smccheckout.com/	1970-01-20 14:10:48	Name: __qca Value: P0-1565613029-1658780015214
.adnxs.com/	1970-01-20 06:55:56	Name: anj Value: dTM7k!M4/YE:2jUF']wIg2E?dq4dWN!]td=8i_jAf!5CO17y]i(DdKbD.Z(w>VC@08E*ccuVhs4E!>>.D$25ADb6_:!1M_ZQ_@d[
.yahoo.com/	1970-01-20 13:32:17	Name: A3 Value: d=AQABBG_53mICEPL6IGDbgEcpp4JHH-3ytigFEgEBAQFK4GLoYgAAAAAA_eMAAA&S=AQAAArUbu8oHOtZJV2WLITKztO0
.analytics.yahoo.com/	1970-01-20 13:31:56	Name: IDSYNC Value: 1769~267w
.adsrvr.org/	1970-01-20 13:31:56	Name: TDCPM Value: CAESFgoHcnViaWNvbhILCKrA7vaFofc6EAUSFQoGZ29vZ2xlEgsIltSu-oWh9zoQBRIZCgpyaWdodG1lZGlhEgsIltSu-oWh9zoQBRIXCghhcHBuZXh1cxILCPj0l_2Fofc6EAUSFQoGY2FzYWxlEgsI-PSX_YWh9zoQBRgFIAQoATILCKq48aOcofc6EAVCDyINCAESCQoFdGllcjIQAVoHaDV5a21qc2ABcgZjYXNhbGU.
.casalemedia.com/	1970-01-20 13:31:56	Name: CMID Value: Yt75b3X1cvkRSb-Yh0UUQgAA
.casalemedia.com/	1970-01-20 06:55:56	Name: CMPS Value: 151
.casalemedia.com/	1970-01-20 06:55:56	Name: CMPRO Value: 151
.casalemedia.com/	1970-01-20 06:55:56	Name: CMTS Value: 054

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11120644.fls.doubleclick.net
a.tribalfusion.com
a4.tribalfusion.com
adservice.google.ca
adservice.google.com
analytics.google.com
api.smccheckout.com
cdn.callrail.com
cm.g.doubleclick.net
connect.facebook.net
covenantfdnlottery.smccheckout.com
dsum-sec.casalemedia.com
fonts.gstatic.com
ib.adnxs.com
in.hotjar.com
info.dreamlifelottery.win
insight.adsrvr.org
match.adsrvr.org
p.typekit.net
pixel.quantserve.com
pixel.rubiconproject.com
rules.quantcount.com
s.tribalfusion.com
script.hotjar.com
secure.adnxs.com
secure.quantserve.com
static.hotjar.com
stats.g.doubleclick.net
t.us1.dyntrk.com
ups.analytics.yahoo.com
use.typekit.net
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googleoptimize.com
www.googletagmanager.com
www.gstatic.com
104.18.19.126
104.18.32.107
13.225.214.103
13.225.214.74
142.250.65.166
142.251.40.194
199.127.241.136
2001:4860:4802:34::178
204.191.247.17
2600:141b:13::17d7:82e3
2600:141b:13::17d7:82eb
2600:9000:21dd:c400:6:44e3:f8c0:93a1
2606:4700:4400::ac40:98f5
2607:f8b0:4004:c07::9c
2607:f8b0:4006:807::2004
2607:f8b0:4006:809::200e
2607:f8b0:4006:80a::2002
2607:f8b0:4006:80b::2008
2607:f8b0:4006:80c::2003
2607:f8b0:4006:817::2003
2607:f8b0:4006:81d::200e
2607:f8b0:4006:824::2002
2620:116:800b:21:f059:4f7e:28a9:1588
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
3.218.90.66
35.71.131.137
51.161.118.84
52.1.151.185
54.195.161.48
54.230.163.28
68.67.161.205
68.67.161.208
69.173.151.100
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11d069f9db41cf408ee2004ff4e67f7d748144c3ab0c5b7c96dfed43e41f97e0
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
2d264c289ca3711d95a923e7f006918e7a66f5d57007c52e78b377079ae8134e
336e41cee9ab0692e738f5aacc87dadde0be420e45c1448d8a3f9ad3e616ce61
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
475aadca34b49b1d1ced911f05577b6c14a1b83d1740f6883ad9cb545e9cbb7c
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
5414d5c9cacbb3bc9cc17bfa8ab96efc5277437732e262c4a1a3226408835b22
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
6dbf8b9a2d7af12afbec3a5b89ccb42f6346348a3900ae68d3e9d8a0306b559b
7dccd00694ed611b12cada56e49500ba03af6295e40674b8d066ff67f3cc6bf3
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
8aa8cfc14611a3a3234f5d867f1649b13c41cd23910305c32f818063cb1bbb6a
8e5ef35b69159ce8178c50a7c06914b6c33d354ecdb79b555653335d6886b405
9adf6b92ef3df96b7f6e4f268382cff99fbdd051e535a16042204b6606a04735
9bd92eab8efa1f750a1a48d1071d02749fe988184d6825073c08c9194ea21692
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
ae31d2c42bca396f9ad140594890b16f599b6cd8f36c809adac8ebd5eb45b2e5
b118475aec74bcf13fb68afdb2f033609ed2c740e791fb0b17454fd333d8fb4d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b31a6df4a3b84a0ddf94049577dc2387a4beb73a9893d231a491284c32bc7bc9
b447705cdcfdbe94e155fb8ee854bd07baa6b39d7ffebe6e9989ca7cc8640b89
be45d4259f8c2f5a126654f20df9a4f0e2688d6ed4e26bea61d2343eee81c2b8
c66d958420c0803f83dc022f4355a9271d985552247efa6a704bb78b21211cf4
c9d4bf2b35d1dd9ac94b5f8b06e69b5b8acdc0e41d372770ecfd37eca82d61ca
cbbfda74ce57788b9a3877e57fb6ccd91c2e8db043acc08b0091a4ee7509f489
d18beba8a6db32dd84b24258cf6542acca7684b030e529ef2977198993400c4b
d316660d86b26a32a5e49bf0387b814cab56781a0ae1862ad7edd33040bcfa26
d60f6f17937b8ed0a18321076438f53d6bb0d62879d42d3832bd50aa7e91e18d
d681ed65ede595229a0c3d9d0d2bfd33d08b2ead03f895d5eb3d42b555b41dda
d9c90a8347382aa89b4ce05bcb49f01f4fab13696f74232cfba97905f127e680
da51889af17b5240612543e6deeefa1d4cae4efac218a90dc67f07a3e31fe39b
dcd491b60be368edc3293109ea1dece3cce902566e339e3cac93bf370f52535d
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df41ab0a0a6357d0989d2c345a410a6aed9915bf9d6ed647f092f94ef7252365
e100457720a0c4450589c32afbf9c79e22e838745cdc556aa0eb89459485b199
e188004f0a39aabe846e187d7aedb30407c55e6d567c3317ae9566313dc58100
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec37c701f8208374bb81964220b571467cedeb2184bb829add5638f1a4afa96f
eea54a25d415f4abf48a1e89d7a6d9211b65986bb081de9ad324dcbb103db9b8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1623c971db0db2b388998de397f9705778141f903b0cfc30f5e76d0ae2cd0bc
f5749705ab19c05da285a8137e95724f532cde04de928185b07f0c8747b9e305
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f92b9f83ac6cbbe32bd3630995ec55bacc612acc3ecc4586a6a02af687e3f42a

covenantfdnlottery.smccheckout.com Open in urlscan Pro 204.191.247.17 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

62 Requests

95 %HTTPS

50 %IPv6

23 Domains

39 Subdomains

27 IPs

4 Countries

1941 kBTransfer

4601 kBSize

31 Cookies

2 Outgoing links

Page URL History

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

covenantfdnlottery.smccheckout.com Open in urlscan Pro
204.191.247.17 Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

95 %
HTTPS

50 %
IPv6

23
Domains

39
Subdomains

27
IPs

4
Countries

1941 kB
Transfer

4601 kB
Size

31
Cookies

62 HTTP transactions
0 data transactions