urlscan.io logo urlscan.io
SecurityTrails logo

www.lottolore.com Open in urlscan Pro
216.251.32.98  Public Scan

Go To Rescan Add Verdict Report
URL: http://www.lottolore.com/ontar49.html
Submission: On September 04 via api from ZA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 4 countries across 15 domains to perform 109 HTTP transactions. The main IP is 216.251.32.98, located in Canada and belongs to INFB-AS, CA. The main domain is www.lottolore.com.
This is the only time www.lottolore.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 216.251.32.98 14116 (INFB-AS)
26 172.217.13.98 15169 (GOOGLE)
1 217.147.127.42 201071 (VISL-IE)
2 66.175.41.113 30447 (INFB2-AS)
3 52.46.135.132 16509 (AMAZON-02)
4 4 44.215.118.203 14618 (AMAZON-AES)
1 20 172.217.13.162 15169 (GOOGLE)
3 23.46.156.47 20940 (AKAMAI-ASN1)
4 52.94.237.66 16509 (AMAZON-02)
4 18.165.3.209 16509 (AMAZON-02)
1 172.217.13.130 15169 (GOOGLE)
13 34.149.135.28 396982 (GOOGLE-CL...)
18 142.250.65.161 15169 (GOOGLE)
10 104.26.3.190 13335 (CLOUDFLAR...)
1 172.217.13.195 15169 (GOOGLE)
1 172.217.13.196 15169 (GOOGLE)
109 16
3    216.251.32.98 (Canada)

ASN14116 (INFB-AS, CA)
PTR: hosting.megawebservers.com
www.lottolore.com
26    172.217.13.98 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s04-in-f2.1e100.net
pagead2.googlesyndication.com
www.googleadservices.com
1    217.147.127.42 (Gibraltar)

ASN201071 (VISL-IE, GI)
PTR: www.aff-tech.net
ic.aff-handler.com
2    66.175.41.113 (Canada)

ASN30447 (INFB2-AS, CA)
PTR: wiredminds.carrierzone.com
count.carrierzone.com
3    52.46.135.132 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
ws-na.amazon-adsystem.com
ws-na.assoc-amazon.com
4    44.215.118.203 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-215-118-203.compute-1.amazonaws.com
rcm-na.amazon-adsystem.com
20    172.217.13.162 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s04-in-f2.1e100.net
googleads.g.doubleclick.net
www.googletagservices.com
3    23.46.156.47 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-46-156-47.deploy.static.akamaitechnologies.com
images-na.ssl-images-amazon.com
m.media-amazon.com
4    52.94.237.66 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
fls-na.amazon-adsystem.com
4    18.165.3.209 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-3-209.pit50.r.cloudfront.net
wms-na.amazon-adsystem.com
1    172.217.13.130 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s05-in-f2.1e100.net
partner.googleadservices.com
13    34.149.135.28 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 28.135.149.34.bc.googleusercontent.com
g.bidbrain.app
18    142.250.65.161 (Old Bridge, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f1.1e100.net
tpc.googlesyndication.com
10    104.26.3.190 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.rtbrain.app
1    172.217.13.195 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f3.1e100.net
www.gstatic.com
1    172.217.13.196 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f4.1e100.net
www.google.com
Apex Domain
Subdomains		 Transfer
42 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 107
tpc.googlesyndication.com — Cisco Umbrella Rank: 150
434 KB
14 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 40
303 KB
13 bidbrain.app
g.bidbrain.app — Cisco Umbrella Rank: 27385
621 B
13 amazon-adsystem.com
ws-na.amazon-adsystem.com — Cisco Umbrella Rank: 18834
rcm-na.amazon-adsystem.com — Cisco Umbrella Rank: 30413
fls-na.amazon-adsystem.com — Cisco Umbrella Rank: 7882
wms-na.amazon-adsystem.com — Cisco Umbrella Rank: 27104
54 KB
10 rtbrain.app
cdn.rtbrain.app — Cisco Umbrella Rank: 10937
2 MB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 214
339 KB
3 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1104
www.googleadservices.com — Cisco Umbrella Rank: 149
602 B
3 lottolore.com
www.lottolore.com
9 KB
2 media-amazon.com
m.media-amazon.com — Cisco Umbrella Rank: 545
6 KB
2 assoc-amazon.com
ws-na.assoc-amazon.com — Cisco Umbrella Rank: 27482
29 KB
2 carrierzone.com
count.carrierzone.com — Cisco Umbrella Rank: 96557
36 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
1 gstatic.com
www.gstatic.com
15 KB
1 ssl-images-amazon.com
images-na.ssl-images-amazon.com — Cisco Umbrella Rank: 863
2 KB
1 aff-handler.com
ic.aff-handler.com — Cisco Umbrella Rank: 494107
23 KB
109 15
Domain Requested by
24 pagead2.googlesyndication.com www.lottolore.com
pagead2.googlesyndication.com
www.googletagservices.com
tpc.googlesyndication.com
18 tpc.googlesyndication.com googleads.g.doubleclick.net
www.lottolore.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
14 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.lottolore.com
13 g.bidbrain.app googleads.g.doubleclick.net
www.lottolore.com
10 cdn.rtbrain.app googleads.g.doubleclick.net
6 www.googletagservices.com googleads.g.doubleclick.net
4 wms-na.amazon-adsystem.com ws-na.assoc-amazon.com
4 fls-na.amazon-adsystem.com ws-na.amazon-adsystem.com
ws-na.assoc-amazon.com
4 rcm-na.amazon-adsystem.com 4 redirects
3 www.lottolore.com www.lottolore.com
2 www.googleadservices.com www.lottolore.com
2 m.media-amazon.com ws-na.assoc-amazon.com
2 ws-na.assoc-amazon.com www.lottolore.com
2 count.carrierzone.com www.lottolore.com
1 www.google.com tpc.googlesyndication.com
1 www.gstatic.com googleads.g.doubleclick.net
1 partner.googleadservices.com pagead2.googlesyndication.com
1 images-na.ssl-images-amazon.com ws-na.amazon-adsystem.com
1 ws-na.amazon-adsystem.com www.lottolore.com
1 ic.aff-handler.com www.lottolore.com
109 20

This site contains links to these domains. Also see Links.

Domain
www.giantlottos.com
ic.aff-handler.com
Subject Issuer Validity Valid
safe-installation.com
Thawte TLS RSA CA G1		 2023-06-06 -
2024-06-05		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.carrierzone.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-29 -
2024-06-28		 a year crt.sh
ws-na.assoc-amazon.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-01-21		 10 months crt.sh
m.media-amazon.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-08-29 -
2024-08-28		 a year crt.sh
wms-na.assoc-amazon.com
Amazon RSA 2048 M01		 2023-03-21 -
2024-01-14		 10 months crt.sh
fls-na.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-08 -
2024-03-07		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.bidbrain.app
R3		 2023-08-30 -
2023-11-28		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
rtbrain.app
Cloudflare Inc ECC CA-3		 2022-11-18 -
2023-11-18		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh

This page contains 15 frames:

Primary Page: http://www.lottolore.com/ontar49.html
Frame ID: 7D928D57705BB3F3680E2A1319F41389
Requests: 23 HTTP requests in this frame

Frame: http://ws-na.amazon-adsystem.com/widgets/cm?o=15&p=40&l=ur1&category=amazonhomepage&f=ifr&linkID=c77fb09888c868ac3e09517024bc738c&t=lottolore-20&tracking_id=lottolore-20
Frame ID: 3F4706BC2283ED6FD4E6391C4477F855
Requests: 4 HTTP requests in this frame

Frame: https://ws-na.assoc-amazon.com/widgets/cm?lt1=_blank&bc1=000000&IS2=1&bg1=FFFFFF&fc1=000000&lc1=0000FF&t=lottolore-20&language=en_CA&o=15&p=8&l=as4&m=amazon&f=ifr&ref=as_ss_li_til&asins=B00KWBSDYC&linkId=af66f7d558e802c6234d1855dc875b23
Frame ID: A61CA651528A8A734F4C9ACB118EAA3A
Requests: 5 HTTP requests in this frame

Frame: https://ws-na.assoc-amazon.com/widgets/cm?lt1=_blank&bc1=000000&IS2=1&bg1=FFFFFF&fc1=000000&lc1=0000FF&t=lottolore-20&language=en_CA&o=15&p=8&l=as4&m=amazon&f=ifr&ref=as_ss_li_til&asins=B071NHHWCN&linkId=7de144e5ae1243b0b4e77ba3c0727721
Frame ID: E12CDBA794AF9C92B89AD05D6303F55E
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230830/r20190131/zrt_lookup.html
Frame ID: 2A371E031C856552921C8C33750B64E5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4049400372752678&output=html&adk=1812271804&adf=3025194257&lmt=1693741962&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x1080_l%7C404x1080_r&format=0x0&url=http%3A%2F%2Fwww.lottolore.com%2Fontar49.html&ea=0&pra=5&wgl=1&easpi=1&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&dt=1693789883995&bpp=3&bdt=139&idt=257&shv=r20230830&mjsv=m202308290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4190839710619&frm=20&pv=2&ga_vid=657231318.1693789884&ga_sid=1693789884&ga_hid=2026778591&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44798934%2C44797663%2C20222283&oid=2&pvsid=1400270309673344&tmod=876490479&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=280
Frame ID: D975CBF99ED7BC2833EA41569A7DCF78
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4049400372752678&output=html&h=90&slotname=2032194561&adk=597357111&adf=3091200385&pi=t.ma~as.2032194561&w=728&lmt=1693741962&format=728x90&url=http%3A%2F%2Fwww.lottolore.com%2Fontar49.html&wgl=1&dt=1693789883998&bpp=1&bdt=142&idt=286&shv=r20230830&mjsv=m202308290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4190839710619&frm=20&pv=1&ga_vid=657231318.1693789884&ga_sid=1693789884&ga_hid=2026778591&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=13&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44798934%2C44797663%2C20222283&oid=2&pvsid=1400270309673344&tmod=876490479&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=FVuCTEcB0S&p=http%3A//www.lottolore.com&dtd=292
Frame ID: 5A7BC40C581D2710708F6855916C0D5D
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4049400372752678&output=html&h=60&slotname=3883624712&adk=3438795909&adf=4283936622&pi=t.ma~as.3883624712&w=468&lmt=1693741962&format=468x60&url=http%3A%2F%2Fwww.lottolore.com%2Fontar49.html&wgl=1&dt=1693789883999&bpp=1&bdt=143&idt=294&shv=r20230830&mjsv=m202308290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=4190839710619&frm=20&pv=1&ga_vid=657231318.1693789884&ga_sid=1693789884&ga_hid=2026778591&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=566&ady=646&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44798934%2C44797663%2C20222283&oid=2&pvsid=1400270309673344&tmod=876490479&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=bbHYSsQRe0&p=http%3A//www.lottolore.com&dtd=297
Frame ID: 0EB40CC8AE391798A3E0CA0A3E8530E6
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4049400372752678&output=html&h=600&slotname=6113378365&adk=4060815285&adf=1600584185&pi=t.ma~as.6113378365&w=120&lmt=1693741962&format=120x600&url=http%3A%2F%2Fwww.lottolore.com%2Fontar49.html&wgl=1&dt=1693789884000&bpp=1&bdt=144&idt=300&shv=r20230830&mjsv=m202308290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C468x60&nras=1&correlator=4190839710619&frm=20&pv=1&ga_vid=657231318.1693789884&ga_sid=1693789884&ga_hid=2026778591&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1062&ady=431&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44798934%2C44797663%2C20222283&oid=2&pvsid=1400270309673344&tmod=876490479&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=r0G1WDyrqm&p=http%3A//www.lottolore.com&dtd=303
Frame ID: B087607B5A1B3B3124CF8869873F865B
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230830/r20110914/zrt_lookup.html?fsb=1
Frame ID: F77EB7894BEC741B423AD817BD38EBCF
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230830/r20110914/zrt_lookup.html?fsb=1
Frame ID: 305E7688E12753E0AB18FA004629B0CB
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230830/r20110914/zrt_lookup.html?fsb=1
Frame ID: A91A77985BDB67BB18CD021809296167
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/45TQ4WJNUFNsi_RKEccy4FYYQq63aBzPbRMjDYcMLJU.js
Frame ID: BCB9E61705E7C1ACE28FB20A0BCC7F23
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A290C76DC98957BA3F0EF3C555386CEF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6C370D1B3A3FF5DC365FED2CC3A7D4C6
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Latest Ontario 49 winning numbers from Lotto Lore

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

109
Requests

92 %
HTTPS

0 %
IPv6

15
Domains

20
Subdomains

16
IPs

4
Countries

2845 kB
Transfer

5011 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • http://rcm-na.amazon-adsystem.com/e/cm?lt1=_blank&bc1=000000&IS2=1&bg1=FFFFFF&fc1=000000&lc1=0000FF&t=lottolore-20&language=en_CA&o=15&p=8&l=as4&m=amazon&f=ifr&ref=as_ss_li_til&asins=B00KWBSDYC&linkId=af66f7d558e802c6234d1855dc875b23 HTTP 301
  • https://rcm-na.amazon-adsystem.com/e/cm?lt1=_blank&bc1=000000&IS2=1&bg1=FFFFFF&fc1=000000&lc1=0000FF&t=lottolore-20&language=en_CA&o=15&p=8&l=as4&m=amazon&f=ifr&ref=as_ss_li_til&asins=B00KWBSDYC&linkId=af66f7d558e802c6234d1855dc875b23 HTTP 302
  • https://ws-na.assoc-amazon.com/widgets/cm?lt1=_blank&bc1=000000&IS2=1&bg1=FFFFFF&fc1=000000&lc1=0000FF&t=lottolore-20&language=en_CA&o=15&p=8&l=as4&m=amazon&f=ifr&ref=as_ss_li_til&asins=B00KWBSDYC&linkId=af66f7d558e802c6234d1855dc875b23
Request Chain 8
  • http://rcm-na.amazon-adsystem.com/e/cm?lt1=_blank&bc1=000000&IS2=1&bg1=FFFFFF&fc1=000000&lc1=0000FF&t=lottolore-20&language=en_CA&o=15&p=8&l=as4&m=amazon&f=ifr&ref=as_ss_li_til&asins=B071NHHWCN&linkId=7de144e5ae1243b0b4e77ba3c0727721 HTTP 301
  • https://rcm-na.amazon-adsystem.com/e/cm?lt1=_blank&bc1=000000&IS2=1&bg1=FFFFFF&fc1=000000&lc1=0000FF&t=lottolore-20&language=en_CA&o=15&p=8&l=as4&m=amazon&f=ifr&ref=as_ss_li_til&asins=B071NHHWCN&linkId=7de144e5ae1243b0b4e77ba3c0727721 HTTP 302
  • https://ws-na.assoc-amazon.com/widgets/cm?lt1=_blank&bc1=000000&IS2=1&bg1=FFFFFF&fc1=000000&lc1=0000FF&t=lottolore-20&language=en_CA&o=15&p=8&l=as4&m=amazon&f=ifr&ref=as_ss_li_til&asins=B071NHHWCN&linkId=7de144e5ae1243b0b4e77ba3c0727721
Request Chain 93
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CtOhVvC71ZPXCE7nO0_wPvZWm2AW64cjjcvj2qO7_EJz-j9DpMBABIIe4-gFg_aCZgegDoAHp_fXPA8gBAagDAcgDywSqBPoBT9DOlQR6sbgLzLFN97z-fCOm-9E41NrcRwqvySXMVNBjnc2m7LKowDNhD0aWzL1jyrfrq_oiXPnbPHdlAWMK-r-nRNop-N9n7eGd-t6T-JtHm5cZZzDBsHXEw7MojIPOWArt3a_exm3zP9_h2UJ3_kDFgwOgrBqGtAnMIlfGsnBB4PyDn-AJV_tfM9Pj_YIiK1LDOIR0QKLLvuU70awabT_aRYcpS04EarMaQdf9xeKpnldazybHFjLjXMnc-MO9r7uBtR97SP4W1GCTi7LUg4fVlFmB_veSltuK0MFaOqT06zi_r1UnQeYzfx7314y4mvhOTCV4rzQf5cAEhIPdnKUEiAXrmafKSZIFBAgEGAGSBQQIBRgEoAYCgAe2_bqKA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEN6ZFtIIFAiAYRABGB8yAooCOgKAQEi9_cE6mgk7aHR0cHM6Ly9zZWFyY2hmYXZvcml0ZXMubmV0L2luZGV4LnBocD9yZ2lkPTUxMTEyOSZzdWI9Z2NsaWSACgHICwHaDBEKCxDgrc2n6saHq4kBEgIBA9gTDIgUAdAVAYAXAbIXHAoaCAASFHB1Yi00MDQ5NDAwMzcyNzUyNjc4GAA&sigh=TJBlFjDtBL8&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWSa2oK12wtdvxK0EGBJ8roEbyWe2LyxgB&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x615a870c86b9cdd60000000000000000%22,%222%22:%220x17e4120bebaa69150000000000000000%22,%223%22:%220x830ed6d6fda36a3c0000000000000000%22,%224%22:%220x297eb5dcba6f84420000000000000000%22,%225%22:%220x1aca286919525fbc0000000000000000%22},%22debug_key%22:%227352524431766058572%22,%22debug_reporting%22:true,%22destination%22:%22https://searchfavorites.net%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22972914409%22],%224%22:[%2209-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216557585382705865761%22}&andc=true

109 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request ontar49.html
www.lottolore.com/ 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.lottolore.com/ontar49.html
Protocol
HTTP/1.1
Server
216.251.32.98 , Canada, ASN14116 (INFB-AS, CA),
Reverse DNS
hosting.megawebservers.com
Software
/
Resource Hash
537c71e1c20a3fe495d0b462ce47b885ee02a07f5d5164cc1dcda29a5d7322e1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=315360000
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Mon, 04 Sep 2023 01:11:23 GMT
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Last-Modified
Sun, 03 Sep 2023 04:52:42 GMT
Transfer-Encoding
chunked
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.lottolore.com
URL: http://www.lottolore.com/ontar49.html
Protocol
HTTP/1.1
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
a8dde9fe9739159f5f534b84f47713f793b6ba279cca3e95b14ddf97b48a9fa1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://www.lottolore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 01:11:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Length
54067
X-XSS-Protection
0
Server
cafe
ETag
8160263981586555156
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=3600
Timing-Allow-Origin
*
Expires
Mon, 04 Sep 2023 01:11:23 GMT
lorelogo.gif
www.lottolore.com/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.lottolore.com/lorelogo.gif
Requested by
Host: www.lottolore.com
URL: http://www.lottolore.com/ontar49.html
Protocol
HTTP/1.1
Server
216.251.32.98 , Canada, ASN14116 (INFB-AS, CA),
Reverse DNS
hosting.megawebservers.com
Software
/
Resource Hash
a011990e765194136203d27da85782e816307dc0aad8cb3deb4518050ebf1866

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://www.lottolore.com/ontar49.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 01:11:23 GMT
Last-Modified
Tue, 04 Nov 2014 19:28:52 GMT
ETag
"f04-5070d79326631"
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3844
Expires
Thu, 31 Dec 2037 23:55:55 GMT
linkgif.gif
www.lottolore.com/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.lottolore.com/linkgif.gif
Requested by
Host: www.lottolore.com
URL: http://www.lottolore.com/ontar49.html
Protocol
HTTP/1.1
Server
216.251.32.98 , Canada, ASN14116 (INFB-AS, CA),
Reverse DNS
hosting.megawebservers.com
Software
/
Resource Hash
0daff1f5463a19bc137fea655529bf74b3085efcf0d664d1261252ca37df2628

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://www.lottolore.com/ontar49.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 01:11:26 GMT
Last-Modified
Tue, 04 Nov 2014 19:29:04 GMT
ETag
"55c-5070d79e973c3"
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1372
Expires
Thu, 31 Dec 2037 23:55:55 GMT
44990
ic.aff-handler.com/I/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic.aff-handler.com/I/44990?sr=866205&anid=
Requested by
Host: www.lottolore.com
URL: http://www.lottolore.com/ontar49.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.147.127.42 , Gibraltar, ASN201071 (VISL-IE, GI),
Reverse DNS
www.aff-tech.net
Software
/
Resource Hash
d14a56dbdacb54a03a3e185b7f20c4d99e51bc514fdfae42767b6765e65418c0

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://www.lottolore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 01:11:24 GMT
X-AspNetMvc-Version
4.0
Server
Content-Type
image/gif
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
srv
1231321
Content-Length
23662
Expires
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4049400372752678
Requested by
Host: www.lottolore.com
URL: http://www.lottolore.com/ontar49.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
50aa45b57bdb172cb34866964496d6f2db7b379cf6e8001a7dd91d4992f89068
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.lottolore.com/
Origin
http://www.lottolore.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 01:11:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50947
x-xss-protection
0
server
cafe
etag
15780262313270346527
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 04 Sep 2023 01:11:23 GMT
count.js
count.carrierzone.com/app/count_server/ 		35 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://count.carrierzone.com/app/count_server/count.js
Requested by
Host: www.lottolore.com
URL: http://www.lottolore.com/ontar49.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.175.41.113 , Canada, ASN30447 (INFB2-AS, CA),
Reverse DNS
wiredminds.carrierzone.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f418e6b5416f03cbc22b24f481582e2d55ee0f7ca6989c562b59f12c9229214e

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://www.lottolore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 01:11:16 GMT
Last-Modified
Fri, 08 Jun 2012 10:17:02 GMT
Server
Apache/2.2.15 (CentOS)
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=100
Content-Length
36029
cm
ws-na.amazon-adsystem.com/widgets/ Frame 3F47 		45 KB
45 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://ws-na.amazon-adsystem.com/widgets/cm?o=15&p=40&l=ur1&category=amazonhomepage&f=ifr&linkID=c77fb09888c868ac3e09517024bc738c&t=lottolore-20&tracking_id=lottolore-20
Requested by
Host: www.lottolore.com
URL: http://www.lottolore.com/ontar49.html
Protocol
HTTP/1.1
Server
52.46.135.132 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
081ac21be6e96b215ed8048da21bcf6949af932420dad9a3d17b7c1e901307ef

Request headers

Referer
http://www.lottolore.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
must-revalidate
Connection
close
Content-Length
46075
Content-Type
text/html;charset=UTF-8
Date
Mon, 04 Sep 2023 01:11:23 GMT
Expires
-1
Pragma
no-cache
Server
Server
Vary
User-Agent
charset
UTF-8
cm
ws-na.assoc-amazon.com/widgets/ Frame A61C
Redirect Chain
  • http://rcm-na.amazon-adsystem.com/e/cm?lt1=_blank&bc1=000000&IS2=1&bg1=FFFFFF&fc1=000000&lc1=0000FF&t=lottolore-20&language=en_CA&o=15&p=8&l=as4&m=amazon&f=ifr&ref=as_ss_li_til&asins=B00KWBSDYC&lin...
  • https://rcm-na.amazon-adsystem.com/e/cm?lt1=_blank&bc1=000000&IS2=1&bg1=FFFFFF&fc1=000000&lc1=0000FF&t=lottolore-20&language=en_CA&o=15&p=8&l=as4&m=amazon&f=ifr&ref=as_ss_li_til&asins=B00KWBSDYC&li...
  • https://ws-na.assoc-amazon.com/widgets/cm?lt1=_blank&bc1=000000&IS2=1&bg1=FFFFFF&fc1=000000&lc1=0000FF&t=lottolore-20&language=en_CA&o=15&p=8&l=as4&m=amazon&f=ifr&ref=as_ss_li_til&asins=B00KWBSDYC&...
14 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ws-na.assoc-amazon.com/widgets/cm?lt1=_blank&bc1=000000&IS2=1&bg1=FFFFFF&fc1=000000&lc1=0000FF&t=lottolore-20&language=en_CA&o=15&p=8&l=as4&m=amazon&f=ifr&ref=as_ss_li_til&asins=B00KWBSDYC&linkId=af66f7d558e802c6234d1855dc875b23
Requested by
Host: www.lottolore.com
URL: http://www.lottolore.com/ontar49.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.135.132 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
bdb14b4fa1ee72675b6cc19afe8411964ef2335a3b148c40d8d0b749a730f2cc

Request headers

Referer
http://www.lottolore.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
must-revalidate
Connection
close
Content-Length
14644
Content-Type
text/html;charset=UTF-8
Date
Mon, 04 Sep 2023 01:11:24 GMT
Expires
-1
Pragma
no-cache
Server
Server
Vary
User-Agent
charset
UTF-8

Redirect headers

Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Date
Mon, 04 Sep 2023 01:11:24 GMT
Location
https://ws-na.assoc-amazon.com/widgets/cm?lt1=_blank&bc1=000000&IS2=1&bg1=FFFFFF&fc1=000000&lc1=0000FF&t=lottolore-20&language=en_CA&o=15&p=8&l=as4&m=amazon&f=ifr&ref=as_ss_li_til&asins=B00KWBSDYC&linkId=af66f7d558e802c6234d1855dc875b23
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Transfer-Encoding
chunked
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
4JJSCE44X92CXYYE4R1K
cm
ws-na.assoc-amazon.com/widgets/ Frame E12C
Redirect Chain
  • http://rcm-na.amazon-adsystem.com/e/cm?lt1=_blank&bc1=000000&IS2=1&bg1=FFFFFF&fc1=000000&lc1=0000FF&t=lottolore-20&language=en_CA&o=15&p=8&l=as4&m=amazon&f=ifr&ref=as_ss_li_til&asins=B071NHHWCN&lin...
  • https://rcm-na.amazon-adsystem.com/e/cm?lt1=_blank&bc1=000000&IS2=1&bg1=FFFFFF&fc1=000000&lc1=0000FF&t=lottolore-20&language=en_CA&o=15&p=8&l=as4&m=amazon&f=ifr&ref=as_ss_li_til&asins=B071NHHWCN&li...
  • https://ws-na.assoc-amazon.com/widgets/cm?lt1=_blank&bc1=000000&IS2=1&bg1=FFFFFF&fc1=000000&lc1=0000FF&t=lottolore-20&language=en_CA&o=15&p=8&l=as4&m=amazon&f=ifr&ref=as_ss_li_til&asins=B071NHHWCN&...
14 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ws-na.assoc-amazon.com/widgets/cm?lt1=_blank&bc1=000000&IS2=1&bg1=FFFFFF&fc1=000000&lc1=0000FF&t=lottolore-20&language=en_CA&o=15&p=8&l=as4&m=amazon&f=ifr&ref=as_ss_li_til&asins=B071NHHWCN&linkId=7de144e5ae1243b0b4e77ba3c0727721
Requested by
Host: www.lottolore.com
URL: http://www.lottolore.com/ontar49.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.135.132 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c2d0968f40bd1e6e4a5321415768c334c515e64e1333925fe5056060deb2e149

Request headers

Referer
http://www.lottolore.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
must-revalidate
Connection
close
Content-Length
14542
Content-Type
text/html;charset=UTF-8
Date
Mon, 04 Sep 2023 01:11:24 GMT
Expires
-1
Pragma
no-cache
Server
Server
Vary
User-Agent
charset
UTF-8

Redirect headers

Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Date
Mon, 04 Sep 2023 01:11:24 GMT
Location
https://ws-na.assoc-amazon.com/widgets/cm?lt1=_blank&bc1=000000&IS2=1&bg1=FFFFFF&fc1=000000&lc1=0000FF&t=lottolore-20&language=en_CA&o=15&p=8&l=as4&m=amazon&f=ifr&ref=as_ss_li_til&asins=B071NHHWCN&linkId=7de144e5ae1243b0b4e77ba3c0727721
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Transfer-Encoding
chunked
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
FFARQHGBHNKGPD24PSJR
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/ 		384 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
09773b164a8cbf0d6e76b0f93eb985539a1a2a7257600f05901c5ffe7942632f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://www.lottolore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 01:11:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133293
x-xss-protection
0
server
cafe
etag
14034281897042170355
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Sep 2023 01:11:24 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230830/r20190131/ Frame 2A37 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230830/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.lottolore.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
37185
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4437
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 03 Sep 2023 14:51:39 GMT
etag
9878862242593084568
expires
Sun, 17 Sep 2023 14:51:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=new_abg_tag&value=false&host_v=false&frequency=0.01&eid=44759875%2C44759926%2C44759837%2C44798934%2C20222283
Requested by
Host: www.lottolore.com
URL: http://www.lottolore.com/ontar49.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://www.lottolore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 01:11:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=predictive_abg&a_c=ca-pub-4049400372752678&p_c=ca-pub-4049400372752678&b_v=r20230830&eid=44759875%2C44759926%2C44759837%2C44798934%2C20222283
Requested by
Host: www.lottolore.com
URL: http://www.lottolore.com/ontar49.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://www.lottolore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 01:11:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ca_banner_logow_120x60.gif
images-na.ssl-images-amazon.com/images/G/15/associates/2011/banners/ Frame 3F47 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-na.ssl-images-amazon.com/images/G/15/associates/2011/banners/ca_banner_logow_120x60.gif
Requested by
Host: ws-na.amazon-adsystem.com
URL: http://ws-na.amazon-adsystem.com/widgets/cm?o=15&p=40&l=ur1&category=amazonhomepage&f=ifr&linkID=c77fb09888c868ac3e09517024bc738c&t=lottolore-20&tracking_id=lottolore-20
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.46.156.47 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-46-156-47.deploy.static.akamaitechnologies.com
Software
Server /
Resource Hash
b71c4907db3c2f5a1f932c7a4ff0f95fd08675820fe28f0e0abd2efd8e4b1d59

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://ws-na.amazon-adsystem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 01:11:24 GMT
akamai-cache-status
Miss from child, Hit from parent
akamai-grn
0.2f972e17.1693789884.255557c4
x-cache
Hit from akamai
x-nginx-cache-status
HIT
server-timing
provider;desc="ak"
content-length
1153
surrogate-key
x-cache-617 /images/G/15/associates/2011/banners/ca_banner_logow_120x60
last-modified
Fri, 11 Feb 2011 00:31:30 GMT
server
Server
content-type
image/gif
access-control-allow-origin
*
peer-cache
Hit
cache-control
public, max-age=86400
x-amz-ir-id
95de8630-2b07-41b9-aeb8-28d5f89daad5
accept-ranges
bytes
timing-allow-origin
http://ws-na.amazon-adsystem.com/
expires
Tue, 05 Sep 2023 01:11:24 GMT
json
fls-na.amazon-adsystem.com/1/associates-ads/1/OP/r/ Frame 3F47 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://fls-na.amazon-adsystem.com/1/associates-ads/1/OP/r/json?cb=1693789884051&logType=banner_impressions&p=%7B%22mobile_supported%22%3A%22true%22%2C%22action%22%3A%22onload%22%2C%22adunit_type%22%3A%22banners%22%2C%22adunit_properties%22%3A%7B%22height%22%3A%22%24%7Bheight%7D%22%2C%22width%22%3A%22%24%7Bwidth%7D%22%2C%22category%22%3A%22%24%7Bcampaigns%7D%22%2C%22marketplace%22%3A%22amazon%22%2C%22link_id%22%3A%22%24%7Blinkid%7D%22%2C%22region%22%3A%22CA%22%7D%2C%22logType%22%3A%22banner_impressions%22%7D
Requested by
Host: ws-na.amazon-adsystem.com
URL: http://ws-na.amazon-adsystem.com/widgets/cm?o=15&p=40&l=ur1&category=amazonhomepage&f=ifr&linkID=c77fb09888c868ac3e09517024bc738c&t=lottolore-20&tracking_id=lottolore-20
Protocol
HTTP/1.1
Server
52.94.237.66 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://ws-na.amazon-adsystem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 01:11:23 GMT
x-amzn-RequestId
c38c7a2b-2eea-4e56-8787-19a0623cb012
Content-Length
43
Content-Type
image/gif
/
fls-na.amazon-adsystem.com/1/associates-ads/1/OP/ Frame 3F47 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://fls-na.amazon-adsystem.com/1/associates-ads/1/OP/?cb=1693789884051&p=%7B%22program%22%3A%2215%22%2C%22tag%22%3A%22lottolore-20%22%2C%22linkCode%22%3A%22ur1%22%2C%22refUrl%22%3A%22http%3A%2F%2Fwww.lottolore.com%2F%22%2C%22panda%22%3Atrue%7D
Requested by
Host: ws-na.amazon-adsystem.com
URL: http://ws-na.amazon-adsystem.com/widgets/cm?o=15&p=40&l=ur1&category=amazonhomepage&f=ifr&linkID=c77fb09888c868ac3e09517024bc738c&t=lottolore-20&tracking_id=lottolore-20
Protocol
HTTP/1.1
Server
52.94.237.66 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://ws-na.amazon-adsystem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 01:11:23 GMT
x-amzn-RequestId
849912af-c19d-4ac2-9ff9-0b7a60330720
Content-Length
43
Content-Type
image/gif
a-logo-amazon.png
wms-na.amazon-adsystem.com/panda/20070822/CA/img/ Frame A61C 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wms-na.amazon-adsystem.com/panda/20070822/CA/img/a-logo-amazon.png
Requested by
Host: ws-na.assoc-amazon.com
URL: https://ws-na.assoc-amazon.com/widgets/cm?lt1=_blank&bc1=000000&IS2=1&bg1=FFFFFF&fc1=000000&lc1=0000FF&t=lottolore-20&language=en_CA&o=15&p=8&l=as4&m=amazon&f=ifr&ref=as_ss_li_til&asins=B00KWBSDYC&linkId=af66f7d558e802c6234d1855dc875b23
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.3.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-3-209.pit50.r.cloudfront.net
Software
Server /
Resource Hash
8c88fd6d4fa548972cc8ca15773c65498a1656f5eac257bdd4fea020721de8ea

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ws-na.assoc-amazon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 08:33:43 GMT
via
1.1 6e0534026c8ccca1223c4e9932ce0e6e.cloudfront.net (CloudFront)
last-modified
Tue, 25 Jul 2023 22:26:10 GMT
server
Server
x-amz-cf-pop
PIT50-P1
age
232661
etag
"6d3-6015737d334a5"
x-cache
Hit from cloudfront
content-type
image/png
charset
UTF-8
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1747
x-amz-cf-id
2KH9qbMNmGoyFIP5A2mJJO04C6t63E7336FWLCPReM7TBmlfVbbamw==
expires
Fri, 08 Sep 2023 08:33:43 GMT
41MylbQj7xS._AC_AC_SR98,95_.jpg
m.media-amazon.com/images/I/ Frame A61C 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.media-amazon.com/images/I/41MylbQj7xS._AC_AC_SR98,95_.jpg
Requested by
Host: ws-na.assoc-amazon.com
URL: https://ws-na.assoc-amazon.com/widgets/cm?lt1=_blank&bc1=000000&IS2=1&bg1=FFFFFF&fc1=000000&lc1=0000FF&t=lottolore-20&language=en_CA&o=15&p=8&l=as4&m=amazon&f=ifr&ref=as_ss_li_til&asins=B00KWBSDYC&linkId=af66f7d558e802c6234d1855dc875b23
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.46.156.47 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-46-156-47.deploy.static.akamaitechnologies.com
Software
Server /
Resource Hash
40315b18ee409516c2e78b29789a31c4b9a3c077815b64d65955eeb85a02601d
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ws-na.assoc-amazon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 01:11:24 GMT
strict-transport-security
max-age=86400
akamai-cache-status
Miss from child, Hit from parent
akamai-grn
0.2f972e17.1693789884.255557f3
x-cache
Hit from akamai
x-nginx-cache-status
MISS
server-timing
provider;desc="ak"
content-length
1991
surrogate-key
x-cache-580 /images/I/41MylbQj7xS
last-modified
Tue, 08 Jun 2021 21:37:10 GMT
server
Server
content-type
image/jpeg
access-control-allow-origin
*
peer-cache
Hit
cache-control
public, max-age=630720000
x-amz-ir-id
184f918b-b566-4f98-a9a1-440974adee83
accept-ranges
bytes
timing-allow-origin
https://ws-na.assoc-amazon.com/
expires
Sun, 30 Aug 2043 01:11:24 GMT
json
fls-na.amazon-adsystem.com/1/associates-ads/1/OP/r/ Frame A61C 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fls-na.amazon-adsystem.com/1/associates-ads/1/OP/r/json?cb=1693789884238&p=%7B%22program%22%3A%2215%22%2C%22linkCode%22%3A%22w00%22%2C%22panda%22%3Atrue%2C%22tag%22%3A%22lottolore-20%22%2C%22refUrl%22%3A%22http%3A%2F%2Fwww.lottolore.com%2F%22%7D
Requested by
Host: ws-na.assoc-amazon.com
URL: https://ws-na.assoc-amazon.com/widgets/cm?lt1=_blank&bc1=000000&IS2=1&bg1=FFFFFF&fc1=000000&lc1=0000FF&t=lottolore-20&language=en_CA&o=15&p=8&l=as4&m=amazon&f=ifr&ref=as_ss_li_til&asins=B00KWBSDYC&linkId=af66f7d558e802c6234d1855dc875b23
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.94.237.66 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ws-na.assoc-amazon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 01:11:24 GMT
x-amzn-RequestId
8a0bbb6d-2ebe-4b39-a852-7e5bc4270b97
Content-Length
43
Content-Type
image/gif
cart.gif
wms-na.amazon-adsystem.com/panda/20070822/US/img/ Frame A61C 		341 B
716 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wms-na.amazon-adsystem.com/panda/20070822/US/img/cart.gif
Requested by
Host: ws-na.assoc-amazon.com
URL: https://ws-na.assoc-amazon.com/widgets/cm?lt1=_blank&bc1=000000&IS2=1&bg1=FFFFFF&fc1=000000&lc1=0000FF&t=lottolore-20&language=en_CA&o=15&p=8&l=as4&m=amazon&f=ifr&ref=as_ss_li_til&asins=B00KWBSDYC&linkId=af66f7d558e802c6234d1855dc875b23
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.3.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-3-209.pit50.r.cloudfront.net
Software
Server /
Resource Hash
6330c7a831bf641f1fc1ae115b02900b25e4786f461bbfc3a3301bab2d319b93

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ws-na.assoc-amazon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 05:45:34 GMT
via
1.1 6e0534026c8ccca1223c4e9932ce0e6e.cloudfront.net (CloudFront)
last-modified
Fri, 21 Jul 2023 20:18:29 GMT
server
Server
x-amz-cf-pop
PIT50-P1
age
933950
etag
"155-60104f7cd59ff"
x-cache
Hit from cloudfront
content-type
image/gif
charset
UTF-8
cache-control
max-age=2592000
accept-ranges
bytes
content-length
341
x-amz-cf-id
XUKtLETMDthbcXy3gGh3vvuAsnf9KdMv_Wn2lWUGjHrQtHqqUA3QzA==
expires
Thu, 31 Aug 2023 05:45:34 GMT
a-logo-amazon.png
wms-na.amazon-adsystem.com/panda/20070822/CA/img/ Frame E12C 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wms-na.amazon-adsystem.com/panda/20070822/CA/img/a-logo-amazon.png
Requested by
Host: ws-na.assoc-amazon.com
URL: https://ws-na.assoc-amazon.com/widgets/cm?lt1=_blank&bc1=000000&IS2=1&bg1=FFFFFF&fc1=000000&lc1=0000FF&t=lottolore-20&language=en_CA&o=15&p=8&l=as4&m=amazon&f=ifr&ref=as_ss_li_til&asins=B071NHHWCN&linkId=7de144e5ae1243b0b4e77ba3c0727721
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.3.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-3-209.pit50.r.cloudfront.net
Software
Server /
Resource Hash
8c88fd6d4fa548972cc8ca15773c65498a1656f5eac257bdd4fea020721de8ea

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ws-na.assoc-amazon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 08:33:43 GMT
via
1.1 6e0534026c8ccca1223c4e9932ce0e6e.cloudfront.net (CloudFront)
last-modified
Tue, 25 Jul 2023 22:26:10 GMT
server
Server
x-amz-cf-pop
PIT50-P1
age
232661
etag
"6d3-6015737d334a5"
x-cache
Hit from cloudfront
content-type
image/png
charset
UTF-8
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1747
x-amz-cf-id
BiguCBshh8w9hE8TWD-firtr7SR-gG2zcXCMyo8Lo4l0h7L67kZOcg==
expires
Fri, 08 Sep 2023 08:33:43 GMT
41Ld6oZWIOL._AC_AC_SR98,95_.jpg
m.media-amazon.com/images/I/ Frame E12C 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.media-amazon.com/images/I/41Ld6oZWIOL._AC_AC_SR98,95_.jpg
Requested by
Host: ws-na.assoc-amazon.com
URL: https://ws-na.assoc-amazon.com/widgets/cm?lt1=_blank&bc1=000000&IS2=1&bg1=FFFFFF&fc1=000000&lc1=0000FF&t=lottolore-20&language=en_CA&o=15&p=8&l=as4&m=amazon&f=ifr&ref=as_ss_li_til&asins=B071NHHWCN&linkId=7de144e5ae1243b0b4e77ba3c0727721
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.46.156.47 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-46-156-47.deploy.static.akamaitechnologies.com
Software
Server /
Resource Hash
31b1f6cd975416e6c7822434d67be99cbfb72bbf2d6657168f0331858dad9641
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ws-na.assoc-amazon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 01:11:24 GMT
strict-transport-security
max-age=86400
akamai-cache-status
Miss from child, Hit from parent
akamai-grn
0.2f972e17.1693789884.255557f7
x-cache
Hit from akamai
x-nginx-cache-status
MISS
server-timing
provider;desc="ak"
content-length
3032
surrogate-key
x-cache-351 /images/I/41Ld6oZWIOL
last-modified
Wed, 19 Oct 2022 10:23:02 GMT
server
Server
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=630720000
x-amz-ir-id
124145d9-5d68-4b7e-bce8-aaa17d392d43
accept-ranges
bytes
timing-allow-origin
https://ws-na.assoc-amazon.com/
expires
Sun, 30 Aug 2043 01:11:24 GMT
json
fls-na.amazon-adsystem.com/1/associates-ads/1/OP/r/ Frame E12C 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fls-na.amazon-adsystem.com/1/associates-ads/1/OP/r/json?cb=1693789884246&p=%7B%22program%22%3A%2215%22%2C%22linkCode%22%3A%22w00%22%2C%22panda%22%3Atrue%2C%22tag%22%3A%22lottolore-20%22%2C%22refUrl%22%3A%22http%3A%2F%2Fwww.lottolore.com%2F%22%7D
Requested by
Host: ws-na.assoc-amazon.com
URL: https://ws-na.assoc-amazon.com/widgets/cm?lt1=_blank&bc1=000000&IS2=1&bg1=FFFFFF&fc1=000000&lc1=0000FF&t=lottolore-20&language=en_CA&o=15&p=8&l=as4&m=amazon&f=ifr&ref=as_ss_li_til&asins=B071NHHWCN&linkId=7de144e5ae1243b0b4e77ba3c0727721
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.94.237.66 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ws-na.assoc-amazon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 01:11:24 GMT
x-amzn-RequestId
c66a721f-01e6-4ea0-964d-974e3869e593
Content-Length
43
Content-Type
image/gif
cart.gif
wms-na.amazon-adsystem.com/panda/20070822/US/img/ Frame E12C 		341 B
716 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wms-na.amazon-adsystem.com/panda/20070822/US/img/cart.gif
Requested by
Host: ws-na.assoc-amazon.com
URL: https://ws-na.assoc-amazon.com/widgets/cm?lt1=_blank&bc1=000000&IS2=1&bg1=FFFFFF&fc1=000000&lc1=0000FF&t=lottolore-20&language=en_CA&o=15&p=8&l=as4&m=amazon&f=ifr&ref=as_ss_li_til&asins=B071NHHWCN&linkId=7de144e5ae1243b0b4e77ba3c0727721
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.3.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-3-209.pit50.r.cloudfront.net
Software
Server /
Resource Hash
6330c7a831bf641f1fc1ae115b02900b25e4786f461bbfc3a3301bab2d319b93

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ws-na.assoc-amazon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 05:45:34 GMT
via
1.1 6e0534026c8ccca1223c4e9932ce0e6e.cloudfront.net (CloudFront)
last-modified
Fri, 21 Jul 2023 20:18:29 GMT
server
Server
x-amz-cf-pop
PIT50-P1
age
933950
etag
"155-60104f7cd59ff"
x-cache
Hit from cloudfront
content-type
image/gif
charset
UTF-8
cache-control
max-age=2592000
accept-ranges
bytes
content-length
341
x-amz-cf-id
OrKzXXrsKqHJg01jJFkkUXpLXvUx4IxN6sEFU43H8NPw5wQOJvyd0Q==
expires
Thu, 31 Aug 2023 05:45:34 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=abg_host&host=www.lottolore.com&eid=44759875%2C44759926%2C44759837%2C44798934%2C20222283
Requested by
Host: www.lottolore.com
URL: http://www.lottolore.com/ontar49.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://www.lottolore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 01:11:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=afc_etu&etus=4&sig=2&tms=200&eid=44759875%2C44759926%2C44759837%2C44798934%2C20222283
Requested by
Host: www.lottolore.com
URL: http://www.lottolore.com/ontar49.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://www.lottolore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 01:11:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		393 B
602 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.lottolore.com&callback=_gfp_s_&client=ca-pub-4049400372752678
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
cafe /
Resource Hash
402d827b85f487a06519910ca2de42f3be3636db4ab95cd3be59b875481c67f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://www.lottolore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 01:11:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
251
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D975 		511 KB
127 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4049400372752678&output=html&adk=1812271804&adf=3025194257&lmt=1693741962&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x1080_l%7C404x1080_r&format=0x0&url=http%3A%2F%2Fwww.lottolore.com%2Fontar49.html&ea=0&pra=5&wgl=1&easpi=1&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&dt=1693789883995&bpp=3&bdt=139&idt=257&shv=r20230830&mjsv=m202308290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4190839710619&frm=20&pv=2&ga_vid=657231318.1693789884&ga_sid=1693789884&ga_hid=2026778591&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44798934%2C44797663%2C20222283&oid=2&pvsid=1400270309673344&tmod=876490479&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=280
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
6b760506ae90a1d968a1977b1970849055e41d6a0a36bd9ac21d5b5a389536e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.lottolore.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
129514
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Sep 2023 01:11:25 GMT
expires
Mon, 04 Sep 2023 01:11:25 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=afc_etu&etus=4&sig=1&tms=200&eid=44759875%2C44759926%2C44759837%2C44798934%2C44797663%2C20222283
Requested by
Host: www.lottolore.com
URL: http://www.lottolore.com/ontar49.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://www.lottolore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 01:11:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 5A7B 		154 KB
53 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4049400372752678&output=html&h=90&slotname=2032194561&adk=597357111&adf=3091200385&pi=t.ma~as.2032194561&w=728&lmt=1693741962&format=728x90&url=http%3A%2F%2Fwww.lottolore.com%2Fontar49.html&wgl=1&dt=1693789883998&bpp=1&bdt=142&idt=286&shv=r20230830&mjsv=m202308290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4190839710619&frm=20&pv=1&ga_vid=657231318.1693789884&ga_sid=1693789884&ga_hid=2026778591&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=13&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44798934%2C44797663%2C20222283&oid=2&pvsid=1400270309673344&tmod=876490479&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=FVuCTEcB0S&p=http%3A//www.lottolore.com&dtd=292
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
9993f2bfce99ae1034867e89fb19ee677f8761ff8969b361d1e959a2b74b0d79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.lottolore.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
54382
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Sep 2023 01:11:25 GMT
expires
Mon, 04 Sep 2023 01:11:25 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 0EB4 		150 KB
52 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4049400372752678&output=html&h=60&slotname=3883624712&adk=3438795909&adf=4283936622&pi=t.ma~as.3883624712&w=468&lmt=1693741962&format=468x60&url=http%3A%2F%2Fwww.lottolore.com%2Fontar49.html&wgl=1&dt=1693789883999&bpp=1&bdt=143&idt=294&shv=r20230830&mjsv=m202308290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=4190839710619&frm=20&pv=1&ga_vid=657231318.1693789884&ga_sid=1693789884&ga_hid=2026778591&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=566&ady=646&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44798934%2C44797663%2C20222283&oid=2&pvsid=1400270309673344&tmod=876490479&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=bbHYSsQRe0&p=http%3A//www.lottolore.com&dtd=297
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
1ea3efb551d7a0528dea083a6efb3e6c76c944180ae234ebda871d8d11f16415
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.lottolore.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
52798
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Sep 2023 01:11:24 GMT
expires
Mon, 04 Sep 2023 01:11:24 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=afc_etu&etus=4&sig=0&tms=200&eid=44759875%2C44759926%2C44759837%2C44798934%2C44797663%2C20222283
Requested by
Host: www.lottolore.com
URL: http://www.lottolore.com/ontar49.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://www.lottolore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 01:11:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame B087 		154 KB
53 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4049400372752678&output=html&h=600&slotname=6113378365&adk=4060815285&adf=1600584185&pi=t.ma~as.6113378365&w=120&lmt=1693741962&format=120x600&url=http%3A%2F%2Fwww.lottolore.com%2Fontar49.html&wgl=1&dt=1693789884000&bpp=1&bdt=144&idt=300&shv=r20230830&mjsv=m202308290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C468x60&nras=1&correlator=4190839710619&frm=20&pv=1&ga_vid=657231318.1693789884&ga_sid=1693789884&ga_hid=2026778591&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1062&ady=431&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44798934%2C44797663%2C20222283&oid=2&pvsid=1400270309673344&tmod=876490479&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=r0G1WDyrqm&p=http%3A//www.lottolore.com&dtd=303
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
a0541f284ee8346e2269a1c767cb101cb81777532c12175ac7ec64d5a9d0f6eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.lottolore.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
54378
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Sep 2023 01:11:24 GMT
expires
Mon, 04 Sep 2023 01:11:24 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ctin.php
count.carrierzone.com/track/ 		42 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://count.carrierzone.com/track/ctin.php?t=1693789884319&custnum=4e6b8917d439244e&sname=www.lottolore.com&pagename=ontar49.html&group=%2Fservices%2Fwebpages%2Fl%2Fo%2Flottolore.com%2Fpublic&version=%24Rev%3A%207840%20%24&js=1&jv=0&resolution=1600x1200&color_depth=24&campaign=&referrer=&page_url=http%253A%252F%252Fwww.lottolore.com%252Fontar49.html&plugins=Chrome%20PDF%20Plugin%3BChrome%20PDF%20Viewer%3BNative%20Client%3B
Requested by
Host: www.lottolore.com
URL: http://www.lottolore.com/ontar49.html
Protocol
HTTP/1.1
Server
66.175.41.113 , Canada, ASN30447 (INFB2-AS, CA),
Reverse DNS
wiredminds.carrierzone.com
Software
Apache/2.2.15 (CentOS) / PHP/5.2.17
Resource Hash
5b27cb8a843da7b4f70f68d669798596541491654185df0bd45867d951a31947

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://www.lottolore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 01:11:16 GMT
Last-Modified
Mon, 04 Sep 2023 01:11:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.2.17
P3P
CP="NOI NID ADMa OUR IND UNI COM NAV"
Content-Type
image/gif
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
Keep-Alive
Keep-Alive
timeout=10, max=100
Content-Length
42
Expires
Thu, 01 Jan 1970 01:23:45 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 0EB4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C3-vfvC71ZJTCFO33zLUPl6eEyAbSkbaNbbnQrsqWD8CNtwEQASAAYP2gmYHoA4IBF2NhLXB1Yi00MDQ5NDAwMzcyNzUyNjc4yAEJqAMByAMCqgTvAU_QUoBGHOcyZ7ceQSR1n4mCxY7qItJirfuJX6c3LtifVBeCmiOO96UF3JBgoVr28HcSlK5cx4mnss9tY6JGeWW9LkXX0Ka9PonfgHbvy-8BCUzMCQ5UXQzu7j-UHGdo47AdCWL8U7FrR_k4LXyVIEJNb8ExNXgbdCseK-2ZKSVJ9rhdAStzyV9P3nAMv6gqYH_Hzecg2DQJuNh60OO2NscJy2uaJT_TRvDA_YzBxg8gHg_zeuQVzqVux-KRMqrWuQ6SrCTWHGbN90HWrIASSVmJh3JfwV4rtIPpBeXjMxuu_U3lYuuZbuZfP9jgRJg0gAary-zo57HHvoMBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi00MDQ5NDAwMzcyNzUyNjc4GAA&sigh=UfhtvGxmY30&uach_m=[UACH]&cid=CAQSGwBpAlJWH9GM7e0xW2_ZXTKGXwDt9XUqg8FPdxgB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4049400372752678&output=html&h=60&slotname=3883624712&adk=3438795909&adf=4283936622&pi=t.ma~as.3883624712&w=468&lmt=1693741962&format=468x60&url=http%3A%2F%2Fwww.lottolore.com%2Fontar49.html&wgl=1&dt=1693789883999&bpp=1&bdt=143&idt=294&shv=r20230830&mjsv=m202308290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=4190839710619&frm=20&pv=1&ga_vid=657231318.1693789884&ga_sid=1693789884&ga_hid=2026778591&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=566&ady=646&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44798934%2C44797663%2C20222283&oid=2&pvsid=1400270309673344&tmod=876490479&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=bbHYSsQRe0&p=http%3A//www.lottolore.com&dtd=297
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4049400372752678&output=html&h=60&slotname=3883624712&adk=3438795909&adf=4283936622&pi=t.ma~as.3883624712&w=468&lmt=1693741962&format=468x60&url=http%3A%2F%2Fwww.lottolore.com%2Fontar49.html&wgl=1&dt=1693789883999&bpp=1&bdt=143&idt=294&shv=r20230830&mjsv=m202308290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=4190839710619&frm=20&pv=1&ga_vid=657231318.1693789884&ga_sid=1693789884&ga_hid=2026778591&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=566&ady=646&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44798934%2C44797663%2C20222283&oid=2&pvsid=1400270309673344&tmod=876490479&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=bbHYSsQRe0&p=http%3A//www.lottolore.com&dtd=297
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 04 Sep 2023 01:11:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 04 Sep 2023 01:11:24 GMT
rtimp
g.bidbrain.app/ Frame 0EB4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g.bidbrain.app/rtimp?sid=f764b9b5-4abf-11ee-91f3-26822c80f6a2&d=www.lottolore.com&cr=ext_gen2_v10_start_prot8&a=imp&p=ZPUuvAAFIRQAszvtAAETlxgjBKEQ2RKyak6T0Q&im=eqTztfecdTI7D5jU7y4NnYdr_LYBJRGt_vklrtmmgOC3NNsFCUK_umVwbwLoXKTjkNFivQoUnHFPBitd2SipJzzhosmvkjqeY8u6Y_6n64n0JmhWsZi82I99BqbjUYJGLVjqqw92OGUxitGhIvxK9y6HTYfr-fdtmOosoDCdWSjmNJZ5tmfzgFMvzXqe7Fz0OHtjPO-vznRwGaIapH_154RcFgN1Cyu4PeDonebzICmpUpAvkEX_CFyS85j2FfOJtnyDi9KVPYpEBr8IW8QvPqS7iLwjGMo7lhbYEFQq96Gi3SSZX8S4rypwZFIHTWeELRv_qM_yOBpBTMsYJybilx5o9v7h833RYjXKAJXpqUDCCzQUouBf53SZ2CYmJdq-TYqYyarhIycYDMSuq_fWtg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4049400372752678&output=html&h=60&slotname=3883624712&adk=3438795909&adf=4283936622&pi=t.ma~as.3883624712&w=468&lmt=1693741962&format=468x60&url=http%3A%2F%2Fwww.lottolore.com%2Fontar49.html&wgl=1&dt=1693789883999&bpp=1&bdt=143&idt=294&shv=r20230830&mjsv=m202308290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=4190839710619&frm=20&pv=1&ga_vid=657231318.1693789884&ga_sid=1693789884&ga_hid=2026778591&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=566&ady=646&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44798934%2C44797663%2C20222283&oid=2&pvsid=1400270309673344&tmod=876490479&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=bbHYSsQRe0&p=http%3A//www.lottolore.com&dtd=297
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.135.28 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
28.135.149.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 01:11:24 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame 0EB4 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4049400372752678&output=html&h=60&slotname=3883624712&adk=3438795909&adf=4283936622&pi=t.ma~as.3883624712&w=468&lmt=1693741962&format=468x60&url=http%3A%2F%2Fwww.lottolore.com%2Fontar49.html&wgl=1&dt=1693789883999&bpp=1&bdt=143&idt=294&shv=r20230830&mjsv=m202308290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=4190839710619&frm=20&pv=1&ga_vid=657231318.1693789884&ga_sid=1693789884&ga_hid=2026778591&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=566&ady=646&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44798934%2C44797663%2C20222283&oid=2&pvsid=1400270309673344&tmod=876490479&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=bbHYSsQRe0&p=http%3A//www.lottolore.com&dtd=297
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.161 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 04:55:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
72977
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Sep 2023 04:55:07 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame 0EB4 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4049400372752678&output=html&h=60&slotname=3883624712&adk=3438795909&adf=4283936622&pi=t.ma~as.3883624712&w=468&lmt=1693741962&format=468x60&url=http%3A%2F%2Fwww.lottolore.com%2Fontar49.html&wgl=1&dt=1693789883999&bpp=1&bdt=143&idt=294&shv=r20230830&mjsv=m202308290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=4190839710619&frm=20&pv=1&ga_vid=657231318.1693789884&ga_sid=1693789884&ga_hid=2026778591&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=566&ady=646&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44798934%2C44797663%2C20222283&oid=2&pvsid=1400270309673344&tmod=876490479&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=bbHYSsQRe0&p=http%3A//www.lottolore.com&dtd=297
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.161 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f1.1e100.net
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 04:55:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
72978
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Sep 2023 04:55:06 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0EB4 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4049400372752678&output=html&h=60&slotname=3883624712&adk=3438795909&adf=4283936622&pi=t.ma~as.3883624712&w=468&lmt=1693741962&format=468x60&url=http%3A%2F%2Fwww.lottolore.com%2Fontar49.html&wgl=1&dt=1693789883999&bpp=1&bdt=143&idt=294&shv=r20230830&mjsv=m202308290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=4190839710619&frm=20&pv=1&ga_vid=657231318.1693789884&ga_sid=1693789884&ga_hid=2026778591&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=566&ady=646&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44798934%2C44797663%2C20222283&oid=2&pvsid=1400270309673344&tmod=876490479&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=bbHYSsQRe0&p=http%3A//www.lottolore.com&dtd=297
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 01:11:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 04 Sep 2023 01:11:24 GMT
truncated
/ Frame 0EB4 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a9d6ce2aaaefefe615e648a6cb9649f10b638b0c0339c772cb263a77d352a46c

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame B087 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4049400372752678&output=html&h=600&slotname=6113378365&adk=4060815285&adf=1600584185&pi=t.ma~as.6113378365&w=120&lmt=1693741962&format=120x600&url=http%3A%2F%2Fwww.lottolore.com%2Fontar49.html&wgl=1&dt=1693789884000&bpp=1&bdt=144&idt=300&shv=r20230830&mjsv=m202308290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C468x60&nras=1&correlator=4190839710619&frm=20&pv=1&ga_vid=657231318.1693789884&ga_sid=1693789884&ga_hid=2026778591&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1062&ady=431&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44798934%2C44797663%2C20222283&oid=2&pvsid=1400270309673344&tmod=876490479&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=r0G1WDyrqm&p=http%3A//www.lottolore.com&dtd=303
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.161 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 04:55:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
72977
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Sep 2023 04:55:07 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame B087 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4049400372752678&output=html&h=600&slotname=6113378365&adk=4060815285&adf=1600584185&pi=t.ma~as.6113378365&w=120&lmt=1693741962&format=120x600&url=http%3A%2F%2Fwww.lottolore.com%2Fontar49.html&wgl=1&dt=1693789884000&bpp=1&bdt=144&idt=300&shv=r20230830&mjsv=m202308290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C468x60&nras=1&correlator=4190839710619&frm=20&pv=1&ga_vid=657231318.1693789884&ga_sid=1693789884&ga_hid=2026778591&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1062&ady=431&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44798934%2C44797663%2C20222283&oid=2&pvsid=1400270309673344&tmod=876490479&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=r0G1WDyrqm&p=http%3A//www.lottolore.com&dtd=303
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.161 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f1.1e100.net
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 04:55:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
72978
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Sep 2023 04:55:06 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B087 		181 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4049400372752678&output=html&h=600&slotname=6113378365&adk=4060815285&adf=1600584185&pi=t.ma~as.6113378365&w=120&lmt=1693741962&format=120x600&url=http%3A%2F%2Fwww.lottolore.com%2Fontar49.html&wgl=1&dt=1693789884000&bpp=1&bdt=144&idt=300&shv=r20230830&mjsv=m202308290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C468x60&nras=1&correlator=4190839710619&frm=20&pv=1&ga_vid=657231318.1693789884&ga_sid=1693789884&ga_hid=2026778591&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1062&ady=431&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44798934%2C44797663%2C20222283&oid=2&pvsid=1400270309673344&tmod=876490479&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=r0G1WDyrqm&p=http%3A//www.lottolore.com&dtd=303
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 01:11:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 04 Sep 2023 01:11:25 GMT
Roboto-Regular.ttf
cdn.rtbrain.app/fonts/ Frame 0EB4 		159 KB
160 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.rtbrain.app/fonts/Roboto-Regular.ttf
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4049400372752678&output=html&h=60&slotname=3883624712&adk=3438795909&adf=4283936622&pi=t.ma~as.3883624712&w=468&lmt=1693741962&format=468x60&url=http%3A%2F%2Fwww.lottolore.com%2Fontar49.html&wgl=1&dt=1693789883999&bpp=1&bdt=143&idt=294&shv=r20230830&mjsv=m202308290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=4190839710619&frm=20&pv=1&ga_vid=657231318.1693789884&ga_sid=1693789884&ga_hid=2026778591&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=566&ady=646&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44798934%2C44797663%2C20222283&oid=2&pvsid=1400270309673344&tmod=876490479&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=bbHYSsQRe0&p=http%3A//www.lottolore.com&dtd=297
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0e5a21bf5c95e4c1bce2be98a3656ebcc6d42a21f41c4e3ebf69dd815702e54

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 01:11:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2534
x-guploader-uploadid
ADPycdu96hHgET-7m7Io5RJDoLXT_DeBNLVsZz9nmsZl4eDeoNph7Znp0Rhz7QZr5TgwGFgmPYQcT547gJsjRa7aAs0CLw
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
162876
last-modified
Wed, 14 Jun 2023 14:22:11 GMT
server
cloudflare
etag
"ac3f799d5bbaf5196fab15ab8de8431c"
vary
Accept-Encoding
x-goog-generation
1686752530970769
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=tGTglg==, md5=rD95nVu69RlvqxWrjehDHA==
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MiV873SXQBKp%2Fz1K3LMkiSr23L1qqKnPDjXsw1qy9nGqOBA6IUL6KETuSVaOVXQ0ssWqmr8WfirK8Lsd5Xu6nIjlBy28c%2B2Y6i4PJuq1LCSTthEtQdNiYmbW3nOPxquwJA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
162876
accept-ranges
bytes
cf-ray
80125bbdbff238e1-YYZ
expires
Mon, 04 Sep 2023 00:53:24 GMT
Roboto-Bold-700.ttf
cdn.rtbrain.app/fonts/ Frame 0EB4 		159 KB
159 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.rtbrain.app/fonts/Roboto-Bold-700.ttf
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4049400372752678&output=html&h=60&slotname=3883624712&adk=3438795909&adf=4283936622&pi=t.ma~as.3883624712&w=468&lmt=1693741962&format=468x60&url=http%3A%2F%2Fwww.lottolore.com%2Fontar49.html&wgl=1&dt=1693789883999&bpp=1&bdt=143&idt=294&shv=r20230830&mjsv=m202308290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=4190839710619&frm=20&pv=1&ga_vid=657231318.1693789884&ga_sid=1693789884&ga_hid=2026778591&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=566&ady=646&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44798934%2C44797663%2C20222283&oid=2&pvsid=1400270309673344&tmod=876490479&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=bbHYSsQRe0&p=http%3A//www.lottolore.com&dtd=297
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef2ab0e402d5cb9de893e263a2c44e57f57fec3974b0d981bfe84dec3dae83a1

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 01:11:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1907
x-guploader-uploadid
ADPycduZMD-D0bbwiRXFENcgSY2kszotTXWwtjxzTRL-vhc9xMijVkiG5W5dAWEwkcnN_yOflfR9VCSrxi0YcPg7xwBYtRB1knFa
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
162464
last-modified
Wed, 14 Jun 2023 14:03:41 GMT
server
cloudflare
etag
"d329cc8b34667f114a95422aaad1b063"
vary
Accept-Encoding
x-goog-generation
1686751421527536
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=FQIdBg==, md5=0ynMizRmfxFKlUIqqtGwYw==
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=evRawxVETzcbH2OVLtdBW2b8JuijYECo86AIOp674g6g5vtsPeOHJ9Yzw8JTE%2FkZwDt3bNXEFkOMd%2F61hfQpXZU%2FqK93pHpMgumqf5ZdRTAtbYvdxKkrJfl95u3kLB%2FT1g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
162464
accept-ranges
bytes
cf-ray
80125bbdbff438e1-YYZ
expires
Mon, 04 Sep 2023 01:22:18 GMT
truncated
/ Frame B087 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dbb0de79b67ce3f984e0a9cf14cb537cc0fd1045ebae86209e15ab18f628478d

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
rtimp
g.bidbrain.app/ Frame 0EB4 		0
154 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.bidbrain.app/rtimp
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4049400372752678&output=html&h=60&slotname=3883624712&adk=3438795909&adf=4283936622&pi=t.ma~as.3883624712&w=468&lmt=1693741962&format=468x60&url=http%3A%2F%2Fwww.lottolore.com%2Fontar49.html&wgl=1&dt=1693789883999&bpp=1&bdt=143&idt=294&shv=r20230830&mjsv=m202308290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=4190839710619&frm=20&pv=1&ga_vid=657231318.1693789884&ga_sid=1693789884&ga_hid=2026778591&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=566&ady=646&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44798934%2C44797663%2C20222283&oid=2&pvsid=1400270309673344&tmod=876490479&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=bbHYSsQRe0&p=http%3A//www.lottolore.com&dtd=297
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.135.28 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
28.135.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 01:11:25 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
adview
googleads.g.doubleclick.net/pagead/ Frame B087 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C0a_0vC71ZJ__FLa9j-8P5eOJmA7SkbaNbbnQrsqWD8CNtwEQASAAYP2gmYHoA4IBF2NhLXB1Yi00MDQ5NDAwMzcyNzUyNjc4yAEJqAMByAMCqgTwAU_Qr3U-A-gGxrMZhguj3RHPGnXOw65kVFF0tO4ytwt7whz-H3rIOg1a_RMi_kUssprPpjDoBKlpFtzNze-c9QMI7Y9ZKhvaOwuyHPKuJXUOaP5aNis52w5fvwf6cH2b0zbwbqpGXNhdQGZRfvlSxQV87sVGG03Lu8WhwDD1OLejHoaasKAf8hzW5cgklNg939gccNPT59_0UwQQYA9f2pLGsEQnKztiprPZjq5yRm7eNbbpYmrBX5eyNMs-63sfmhpz36AmIxWNbdwK-A1r1YZTOfI0UD6JGe-wOrUSQ9LAYSnI9PSuGkv3Mqw-r5kORoAGq8vs6Oexx76DAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNDA0OTQwMDM3Mjc1MjY3OBgA&sigh=TFSYifJOM_Q&uach_m=[UACH]&cid=CAQSGwBpAlJW1ppNPrBxudF3ryrcorT9Ykq6Yr3jPBgB&cbvp=2&vis=1
Requested by
Host: www.lottolore.com
URL: http://www.lottolore.com/ontar49.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4049400372752678&output=html&h=600&slotname=6113378365&adk=4060815285&adf=1600584185&pi=t.ma~as.6113378365&w=120&lmt=1693741962&format=120x600&url=http%3A%2F%2Fwww.lottolore.com%2Fontar49.html&wgl=1&dt=1693789884000&bpp=1&bdt=144&idt=300&shv=r20230830&mjsv=m202308290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C468x60&nras=1&correlator=4190839710619&frm=20&pv=1&ga_vid=657231318.1693789884&ga_sid=1693789884&ga_hid=2026778591&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1062&ady=431&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44798934%2C44797663%2C20222283&oid=2&pvsid=1400270309673344&tmod=876490479&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=r0G1WDyrqm&p=http%3A//www.lottolore.com&dtd=303
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 04 Sep 2023 01:11:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
rtimp
g.bidbrain.app/ Frame B087 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g.bidbrain.app/rtimp?sid=f76245af-4abf-11ee-ac6d-66edea9983ba&d=www.lottolore.com&cr=ext_gen2_v10_start_prot8&a=imp&p=ZPUuvAAFP58H4962AAJx5Xqk_Eb0Ib_gtlcQyQ&im=0Fib7e25Wernu9j7FPHwjx0SD5dzRbn86neG3Gvtwa-AVxiueHEIlxCVBOy69psBRTtodrrtGN6Kr_zlGnDGJiFGeFAsplzqq-AQVYfpw4oOa3q7YU-PsFRZJBr8u2E3-hHl4ymo4vG01P102DZSd83ACEt0zLlf3sCycxY5BhhjahSeiyjZ5ojHGT1ZboHPUTFuBTZoCsluT0n0EcbFC2T-7OX5caH7rR3OwPEv3FefJoX5YUb3HPEPa7YUQs1Wmzf5E7nsS4lw857jm3xFfKLA73kPtlF6HAa3nV8GT_h5JccUQG_4FSwJHkdkSgghpwEcwsPn0XYYwncyJH9ACB-d56wUvW8Z5H_zX_UzIrRUo8JJk2xQCpoysH35g8lwgsyP_rGOSHIWYiD5Xgwpqw&cbvp=2
Requested by
Host: www.lottolore.com
URL: http://www.lottolore.com/ontar49.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.135.28 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
28.135.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 01:11:25 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
Roboto-Regular.ttf
cdn.rtbrain.app/fonts/ Frame B087 		159 KB
160 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.rtbrain.app/fonts/Roboto-Regular.ttf
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4049400372752678&output=html&h=600&slotname=6113378365&adk=4060815285&adf=1600584185&pi=t.ma~as.6113378365&w=120&lmt=1693741962&format=120x600&url=http%3A%2F%2Fwww.lottolore.com%2Fontar49.html&wgl=1&dt=1693789884000&bpp=1&bdt=144&idt=300&shv=r20230830&mjsv=m202308290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C468x60&nras=1&correlator=4190839710619&frm=20&pv=1&ga_vid=657231318.1693789884&ga_sid=1693789884&ga_hid=2026778591&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1062&ady=431&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44798934%2C44797663%2C20222283&oid=2&pvsid=1400270309673344&tmod=876490479&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=r0G1WDyrqm&p=http%3A//www.lottolore.com&dtd=303
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0e5a21bf5c95e4c1bce2be98a3656ebcc6d42a21f41c4e3ebf69dd815702e54

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 01:11:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2534
x-guploader-uploadid
ADPycdu96hHgET-7m7Io5RJDoLXT_DeBNLVsZz9nmsZl4eDeoNph7Znp0Rhz7QZr5TgwGFgmPYQcT547gJsjRa7aAs0CLw
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
162876
last-modified
Wed, 14 Jun 2023 14:22:11 GMT
server
cloudflare
etag
"ac3f799d5bbaf5196fab15ab8de8431c"
vary
Accept-Encoding
x-goog-generation
1686752530970769
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=tGTglg==, md5=rD95nVu69RlvqxWrjehDHA==
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ev2VOZRp75Ng1MrcPS4hcC7sMowq6Gyu%2FffSwHm4PvVaZOSZZPIGE9%2BZ3KBdbKtPMaXstsDX%2Fh4l3M1ieMOoJTXlr0DeO9Vq%2F%2F4W7kVdz1uXum4j7ExOhiR0ksyELqqVJg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
162876
accept-ranges
bytes
cf-ray
80125bbe289e38e1-YYZ
expires
Mon, 04 Sep 2023 00:53:24 GMT
Roboto-Bold-700.ttf
cdn.rtbrain.app/fonts/ Frame B087 		159 KB
159 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.rtbrain.app/fonts/Roboto-Bold-700.ttf
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4049400372752678&output=html&h=600&slotname=6113378365&adk=4060815285&adf=1600584185&pi=t.ma~as.6113378365&w=120&lmt=1693741962&format=120x600&url=http%3A%2F%2Fwww.lottolore.com%2Fontar49.html&wgl=1&dt=1693789884000&bpp=1&bdt=144&idt=300&shv=r20230830&mjsv=m202308290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C468x60&nras=1&correlator=4190839710619&frm=20&pv=1&ga_vid=657231318.1693789884&ga_sid=1693789884&ga_hid=2026778591&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1062&ady=431&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44798934%2C44797663%2C20222283&oid=2&pvsid=1400270309673344&tmod=876490479&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=r0G1WDyrqm&p=http%3A//www.lottolore.com&dtd=303
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef2ab0e402d5cb9de893e263a2c44e57f57fec3974b0d981bfe84dec3dae83a1

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 01:11:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1907
x-guploader-uploadid
ADPycduZMD-D0bbwiRXFENcgSY2kszotTXWwtjxzTRL-vhc9xMijVkiG5W5dAWEwkcnN_yOflfR9VCSrxi0YcPg7xwBYtRB1knFa
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
162464
last-modified
Wed, 14 Jun 2023 14:03:41 GMT
server
cloudflare
etag
"d329cc8b34667f114a95422aaad1b063"
vary
Accept-Encoding
x-goog-generation
1686751421527536
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=FQIdBg==, md5=0ynMizRmfxFKlUIqqtGwYw==
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CKGgeZ%2BKgkcU%2Ftht0WMAaarCs8jzbnpqCLa8DAQvOasmN8Ea6p33lu6Co1587wSKV4BnHECMi%2F1BSd%2FKsEMtDHbwatvTDaANg0dwU%2FvqUSQ%2BYdqJRPWBi1%2FRhr%2Fd9lwnQA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
162464
accept-ranges
bytes
cf-ray
80125bbe28a138e1-YYZ
expires
Mon, 04 Sep 2023 01:22:18 GMT
rtimp
g.bidbrain.app/ Frame 0EB4 		0
18 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.bidbrain.app/rtimp
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4049400372752678&output=html&h=60&slotname=3883624712&adk=3438795909&adf=4283936622&pi=t.ma~as.3883624712&w=468&lmt=1693741962&format=468x60&url=http%3A%2F%2Fwww.lottolore.com%2Fontar49.html&wgl=1&dt=1693789883999&bpp=1&bdt=143&idt=294&shv=r20230830&mjsv=m202308290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=4190839710619&frm=20&pv=1&ga_vid=657231318.1693789884&ga_sid=1693789884&ga_hid=2026778591&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=566&ady=646&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44798934%2C44797663%2C20222283&oid=2&pvsid=1400270309673344&tmod=876490479&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=bbHYSsQRe0&p=http%3A//www.lottolore.com&dtd=297
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.135.28 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
28.135.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 01:11:25 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame 5A7B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4049400372752678&output=html&h=90&slotname=2032194561&adk=597357111&adf=3091200385&pi=t.ma~as.2032194561&w=728&lmt=1693741962&format=728x90&url=http%3A%2F%2Fwww.lottolore.com%2Fontar49.html&wgl=1&dt=1693789883998&bpp=1&bdt=142&idt=286&shv=r20230830&mjsv=m202308290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4190839710619&frm=20&pv=1&ga_vid=657231318.1693789884&ga_sid=1693789884&ga_hid=2026778591&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=13&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44798934%2C44797663%2C20222283&oid=2&pvsid=1400270309673344&tmod=876490479&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=FVuCTEcB0S&p=http%3A//www.lottolore.com&dtd=292
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.161 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 04:55:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
72978
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Sep 2023 04:55:07 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame 5A7B 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4049400372752678&output=html&h=90&slotname=2032194561&adk=597357111&adf=3091200385&pi=t.ma~as.2032194561&w=728&lmt=1693741962&format=728x90&url=http%3A%2F%2Fwww.lottolore.com%2Fontar49.html&wgl=1&dt=1693789883998&bpp=1&bdt=142&idt=286&shv=r20230830&mjsv=m202308290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4190839710619&frm=20&pv=1&ga_vid=657231318.1693789884&ga_sid=1693789884&ga_hid=2026778591&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=13&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44798934%2C44797663%2C20222283&oid=2&pvsid=1400270309673344&tmod=876490479&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=FVuCTEcB0S&p=http%3A//www.lottolore.com&dtd=292
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.161 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f1.1e100.net
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 04:55:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
72979
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Sep 2023 04:55:06 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5A7B 		181 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4049400372752678&output=html&h=90&slotname=2032194561&adk=597357111&adf=3091200385&pi=t.ma~as.2032194561&w=728&lmt=1693741962&format=728x90&url=http%3A%2F%2Fwww.lottolore.com%2Fontar49.html&wgl=1&dt=1693789883998&bpp=1&bdt=142&idt=286&shv=r20230830&mjsv=m202308290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4190839710619&frm=20&pv=1&ga_vid=657231318.1693789884&ga_sid=1693789884&ga_hid=2026778591&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=13&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44798934%2C44797663%2C20222283&oid=2&pvsid=1400270309673344&tmod=876490479&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=FVuCTEcB0S&p=http%3A//www.lottolore.com&dtd=292
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 01:11:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 04 Sep 2023 01:11:25 GMT
rtimp
g.bidbrain.app/ Frame B087 		0
18 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.bidbrain.app/rtimp
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4049400372752678&output=html&h=600&slotname=6113378365&adk=4060815285&adf=1600584185&pi=t.ma~as.6113378365&w=120&lmt=1693741962&format=120x600&url=http%3A%2F%2Fwww.lottolore.com%2Fontar49.html&wgl=1&dt=1693789884000&bpp=1&bdt=144&idt=300&shv=r20230830&mjsv=m202308290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C468x60&nras=1&correlator=4190839710619&frm=20&pv=1&ga_vid=657231318.1693789884&ga_sid=1693789884&ga_hid=2026778591&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1062&ady=431&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44798934%2C44797663%2C20222283&oid=2&pvsid=1400270309673344&tmod=876490479&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=r0G1WDyrqm&p=http%3A//www.lottolore.com&dtd=303
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.135.28 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
28.135.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 01:11:25 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
truncated
/ Frame 5A7B 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c531ffd8027bdd0cdc858258bb9c57bf1fb31d2035c88d5622c16895c3a75de3

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame 5A7B 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CU_7WvC71ZNedFJKSj-8PuJyAkAnSkbaNbbnQrsqWD8CNtwEQASAAYP2gmYHoA4IBF2NhLXB1Yi00MDQ5NDAwMzcyNzUyNjc4yAEJqAMByAMCqgTvAU_Qwc5RNxHF1pZiiMqm_dsukUiWF8zRMsON_VHUxame7AGArrMeIpZuseUyhqdqRflLDT6GiB75_tQqeYrzigdbN2jMD3s3ACmEhqTZ3JTi4WaB9D46HOn2i0bZdpTkK6psO1u5l_lNysgyPtPp-eUf7h5Fvcs685ftm8lzUfKvkr2LxVVdUxxmZxKTZ60gyBd2PRlS4gDRpimWIGpUS6ldtBTHGH5yTpqyiGPiuifCEA1mOKJMXkVByXbZ0ZtSuRrsTw-EtX7y63EqcgjSk6-s8H4eVvu6gpzHUA87CZOvkPPaoht-ax4S4NbEKx-HgAary-zo57HHvoMBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi00MDQ5NDAwMzcyNzUyNjc4GAA&sigh=IGSLezNn--I&uach_m=[UACH]&cid=CAQSGwBpAlJWrCJuchE4wnAtM7XN0cF-VsjG7jBonBgB&cbvp=2&vis=1
Requested by
Host: www.lottolore.com
URL: http://www.lottolore.com/ontar49.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4049400372752678&output=html&h=90&slotname=2032194561&adk=597357111&adf=3091200385&pi=t.ma~as.2032194561&w=728&lmt=1693741962&format=728x90&url=http%3A%2F%2Fwww.lottolore.com%2Fontar49.html&wgl=1&dt=1693789883998&bpp=1&bdt=142&idt=286&shv=r20230830&mjsv=m202308290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4190839710619&frm=20&pv=1&ga_vid=657231318.1693789884&ga_sid=1693789884&ga_hid=2026778591&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=13&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44798934%2C44797663%2C20222283&oid=2&pvsid=1400270309673344&tmod=876490479&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=FVuCTEcB0S&p=http%3A//www.lottolore.com&dtd=292
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 04 Sep 2023 01:11:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
rtimp
g.bidbrain.app/ Frame 5A7B 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g.bidbrain.app/rtimp?sid=f75eb9d4-4abf-11ee-af2a-e209d5054011&d=www.lottolore.com&cr=ext_gen2_v10_start_prot8&a=imp&p=ZPUuvAAFDtcH48kSAAAOOGQUzszilRz3DLaZ6A&im=K-blikBev7l60tWHduOvgHx6DQwZjxjLB5hTs-9NCVlUzlDiZqyYgE-LjAGQ0dXErNwgOW_vQYylJNA2Pc1dGzra3MDA22C-XgIij__bI84_7zYSw8qKl7qyp7Yuo4bTjI1YJxhMywiY8BOEbikbLf5QhPQlztkB9HToEbKILGTQATW5z8ivxCE9gow0qCO8Y0UpMKqNwQ80-WjZslfASsqUTuI2GEH1ShuAcJ7baD5dsisNSq2_3aYM_QxYVGkwoMV8oWr40kbFMBIyNLqwXVXDu5laymIASVFRHJ5IukAWg3o8cuhuGwGIHJKwn3-QEoAEtDyBdFTjYhIAp_LpBHvQL_R65lAZRDfxtXYP8NvLv4nmxZHjIjMWFgzvdEUynvWdi5UWuMIvwAhDKe0oOA&cbvp=2
Requested by
Host: www.lottolore.com
URL: http://www.lottolore.com/ontar49.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.135.28 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
28.135.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 01:11:25 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
Roboto-Regular.ttf
cdn.rtbrain.app/fonts/ Frame 5A7B 		159 KB
160 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.rtbrain.app/fonts/Roboto-Regular.ttf
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4049400372752678&output=html&h=90&slotname=2032194561&adk=597357111&adf=3091200385&pi=t.ma~as.2032194561&w=728&lmt=1693741962&format=728x90&url=http%3A%2F%2Fwww.lottolore.com%2Fontar49.html&wgl=1&dt=1693789883998&bpp=1&bdt=142&idt=286&shv=r20230830&mjsv=m202308290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4190839710619&frm=20&pv=1&ga_vid=657231318.1693789884&ga_sid=1693789884&ga_hid=2026778591&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=13&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44798934%2C44797663%2C20222283&oid=2&pvsid=1400270309673344&tmod=876490479&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=FVuCTEcB0S&p=http%3A//www.lottolore.com&dtd=292
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0e5a21bf5c95e4c1bce2be98a3656ebcc6d42a21f41c4e3ebf69dd815702e54

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 01:11:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2534
x-guploader-uploadid
ADPycdu96hHgET-7m7Io5RJDoLXT_DeBNLVsZz9nmsZl4eDeoNph7Znp0Rhz7QZr5TgwGFgmPYQcT547gJsjRa7aAs0CLw
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
162876
last-modified
Wed, 14 Jun 2023 14:22:11 GMT
server
cloudflare
etag
"ac3f799d5bbaf5196fab15ab8de8431c"
vary
Accept-Encoding
x-goog-generation
1686752530970769
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=tGTglg==, md5=rD95nVu69RlvqxWrjehDHA==
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BlLNQKHf%2BsmmwGSbQ3yTNOhycqHslUoMGfqtH5RE7zjD5sv4Sh4TqbSW0vbDhEuBrKrRiQCgeAt7LfXmc23Ffr2qjI3uSUe2KgFDfYiSJB5tFEq8PrVT3LC6Vt5gou5ofA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
162876
accept-ranges
bytes
cf-ray
80125bbf6a3838e1-YYZ
expires
Mon, 04 Sep 2023 00:53:24 GMT
Roboto-Bold-700.ttf
cdn.rtbrain.app/fonts/ Frame 5A7B 		159 KB
159 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.rtbrain.app/fonts/Roboto-Bold-700.ttf
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4049400372752678&output=html&h=90&slotname=2032194561&adk=597357111&adf=3091200385&pi=t.ma~as.2032194561&w=728&lmt=1693741962&format=728x90&url=http%3A%2F%2Fwww.lottolore.com%2Fontar49.html&wgl=1&dt=1693789883998&bpp=1&bdt=142&idt=286&shv=r20230830&mjsv=m202308290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4190839710619&frm=20&pv=1&ga_vid=657231318.1693789884&ga_sid=1693789884&ga_hid=2026778591&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=13&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44798934%2C44797663%2C20222283&oid=2&pvsid=1400270309673344&tmod=876490479&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=FVuCTEcB0S&p=http%3A//www.lottolore.com&dtd=292
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef2ab0e402d5cb9de893e263a2c44e57f57fec3974b0d981bfe84dec3dae83a1

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 01:11:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1907
x-guploader-uploadid
ADPycduZMD-D0bbwiRXFENcgSY2kszotTXWwtjxzTRL-vhc9xMijVkiG5W5dAWEwkcnN_yOflfR9VCSrxi0YcPg7xwBYtRB1knFa
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
162464
last-modified
Wed, 14 Jun 2023 14:03:41 GMT
server
cloudflare
etag
"d329cc8b34667f114a95422aaad1b063"
vary
Accept-Encoding
x-goog-generation
1686751421527536
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=FQIdBg==, md5=0ynMizRmfxFKlUIqqtGwYw==
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fKdfkh%2FotH%2FWLcgTcdHs5iettX2fjfeb9alizuuSMeiqKE7T0m0CNov14l7Ros8Wlxph46antOOFHWurfFA3KLoTkMa2IdlBUDRxWVpgGKGAQEj75rcfQd0dG8mqOTUJ7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
162464
accept-ranges
bytes
cf-ray
80125bbf6a3938e1-YYZ
expires
Mon, 04 Sep 2023 01:22:18 GMT
rtimp
g.bidbrain.app/ Frame 5A7B 		0
18 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.bidbrain.app/rtimp
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4049400372752678&output=html&h=90&slotname=2032194561&adk=597357111&adf=3091200385&pi=t.ma~as.2032194561&w=728&lmt=1693741962&format=728x90&url=http%3A%2F%2Fwww.lottolore.com%2Fontar49.html&wgl=1&dt=1693789883998&bpp=1&bdt=142&idt=286&shv=r20230830&mjsv=m202308290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4190839710619&frm=20&pv=1&ga_vid=657231318.1693789884&ga_sid=1693789884&ga_hid=2026778591&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=13&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44798934%2C44797663%2C20222283&oid=2&pvsid=1400270309673344&tmod=876490479&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=FVuCTEcB0S&p=http%3A//www.lottolore.com&dtd=292
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.135.28 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
28.135.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 01:11:25 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/ 		154 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
b5e1b0e091991620af7624bc47eef8b9bd8a134ad186b6fc62ba7aec28278780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://www.lottolore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 01:11:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53637
x-xss-protection
0
server
cafe
etag
4705849664152620625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Sep 2023 01:11:26 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 0EB4 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuG2zCVv7LPlGKvbtiCMUHUb3q-jKUDmJqZjvjnqGYz3O4Ud2YO1Mta7xifQt3Yl5GgBIYv8czjLNs6JLS4EF6T23ZLch74e_hU2E2Q&sig=Cg0ArKJSzCwl5JX662J6EAE&id=lidar2&mcvt=1000&p=0,0,60,468&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230830&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3438795909&rs=2&la=0&cr=0&vs=4&r=v&rst=1693789884297&rpt=706&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 01:11:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=afc_etu&etus=4&sig=4&tms=200&eid=44759875%2C44759926%2C44759837%2C44798934%2C44797663%2C20222283
Requested by
Host: www.lottolore.com
URL: http://www.lottolore.com/ontar49.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://www.lottolore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 01:11:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=afc_etu&etus=4&sig=2&tms=200&eid=44759875%2C44759926%2C44759837%2C44798934%2C44797663%2C20222283
Requested by
Host: www.lottolore.com
URL: http://www.lottolore.com/ontar49.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://www.lottolore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 01:11:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=afc_etu&etus=4&sig=1&tms=200&eid=44759875%2C44759926%2C44759837%2C44798934%2C44797663%2C20222283
Requested by
Host: www.lottolore.com
URL: http://www.lottolore.com/ontar49.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://www.lottolore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 01:11:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230830/r20110914/ Frame F77E 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230830/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.lottolore.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
37904
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4437
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 03 Sep 2023 14:39:42 GMT
etag
9878862242593084568
expires
Sun, 17 Sep 2023 14:39:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230830/r20110914/ Frame 305E 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230830/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.lottolore.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
37904
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4437
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 03 Sep 2023 14:39:42 GMT
etag
9878862242593084568
expires
Sun, 17 Sep 2023 14:39:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230830/r20110914/ Frame A91A 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230830/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.lottolore.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
37904
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4437
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 03 Sep 2023 14:39:42 GMT
etag
9878862242593084568
expires
Sun, 17 Sep 2023 14:39:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame B087 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvct3ZBvVOqP7ipIwOUOcppaYq2vHfruTRyoJjWmObnu6D3REzWPIr9Vwb1mMsJSRRLYRyzOKt30y9p7SHjls1qe9MNRfsKYxHW3EpM&sig=Cg0ArKJSzBlufD1IAcyvEAE&id=lidar2&mcvt=1020&p=0,0,600,120&mtos=1020,1020,1020,1020,1020&tos=1020,0,0,0,0&v=20230830&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4060815285&rs=2&la=0&cr=0&vs=4&r=v&rst=1693789884304&rpt=819&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 01:11:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame F77E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230830/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.161 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 04:55:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
72979
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Sep 2023 04:55:07 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame F77E 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230830/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.161 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f1.1e100.net
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 04:55:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
72980
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Sep 2023 04:55:06 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F77E 		181 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230830/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 01:11:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 04 Sep 2023 01:11:26 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame 305E 		2 KB
892 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230830/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.161 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f1.1e100.net
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 04:55:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
72979
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Sep 2023 04:55:07 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/ Frame 305E 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230830/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.161 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f1.1e100.net
Software
cafe /
Resource Hash
1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 04:55:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
72979
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9067
x-xss-protection
0
server
cafe
etag
16184311534176170479
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Sep 2023 04:55:07 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame 305E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230830/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.161 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 04:55:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
72979
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Sep 2023 04:55:07 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame 305E 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230830/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.161 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f1.1e100.net
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 04:55:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
72980
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Sep 2023 04:55:06 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 305E 		181 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230830/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 01:11:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 04 Sep 2023 01:11:26 GMT
3c1ec1505caf618a1f8c049839112e9c.js
www.gstatic.com/mysidia/ Frame 305E 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/3c1ec1505caf618a1f8c049839112e9c.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230830/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f3.1e100.net
Software
sffe /
Resource Hash
af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 01:06:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
259511
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15058
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 00:31:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 30 Nov 2023 01:06:15 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame A91A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230830/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.161 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 04:55:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
72979
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Sep 2023 04:55:07 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame A91A 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230830/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.161 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f1.1e100.net
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 04:55:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
72980
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Sep 2023 04:55:06 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A91A 		181 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230830/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 01:11:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 04 Sep 2023 01:11:26 GMT
truncated
/ Frame F77E 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
17dc716da30bd43d7d95ff5855b28fadf35cc3bf90ab6ec131ac316c7f0a51b3

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame F77E 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CZfXNvC71ZPTCE7nO0_wPvZWm2AXSkbaNbbnQrsqWD8CNtwEQASAAYP2gmYHoA4IBF2NhLXB1Yi00MDQ5NDAwMzcyNzUyNjc4yAEJqAMByAMCqgTxAU_Qo_tcQKJL4FNhMNylgJYNHOAb7Dd3crsBu8bDhqOTsWMpO3myYPvZM-isyZg4N0ICQm8x9fswKUrv2t1TH5TkQ7l7sEH9Wd0isJHwKnU0O5-TZ35BDP3r3_W_iZ6aJFNqKLPr2BaEilqEYROhizWVIqzAZyn8cGiJ9vuF9O2zQ4EsAhRTBoclTyCpLoQuvH1ekOgs-_O-gO9-hsF_rP9olzE5g1JByDJV6uQkhzwcjdI-JsSekA-QeNnIIibFFVrkOS57YTldoIUOoH8cFAygCvKH2Hzx01wQ4hujcyFWUCTZ10CzkvZvJLZAPKhoGZyABqvL7Ojnsce-gwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTQwNDk0MDAzNzI3NTI2NzgYAA&sigh=u3aWEZTsbvE&uach_m=[UACH]&cid=CAQSGwBpAlJWSa2oK12wtdvxK0EGBJ8roEbyWe2LyxgB&cbvp=2&vis=1
Requested by
Host: www.lottolore.com
URL: http://www.lottolore.com/ontar49.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20230830/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 04 Sep 2023 01:11:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
rtimp
g.bidbrain.app/ Frame F77E 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g.bidbrain.app/rtimp?sid=f75fadbf-4abf-11ee-b52f-1e8555364af5&d=www.lottolore.com&cr=ext_gen2_v10_start_prot8&a=imp&p=ZPUuvAAE4XQJlOc5AAmKvdX22yLdOSNLPbOjJg&im=JuCsK5H18AFz46KVGdRN7G2ZblI2-6_4jKTShKNXeYtiaKWIGgtqFCFQb3zk9S9kq8t4QovinmmQQlc7YndDkE_hQKLdNxA2c_fuNzprK6adJywFSjC2WPXmziqldk1SXGJOQzpyRn1oU5-p0S2vxVGoHs75NoXog3bk267I5TeAkHeCQ_XyHClRehLmdMU6j48iy4nFU2-KbPbhiIy1UYIzSEhW6AEdvbNZ1IlEMQOGylJrtBChvz0LT0Vjrz0WPc-3U3A4B5X3HVmNyMKtv1MbwkQwaBQw_SBE-MpO-WkfO7PyqjM3xEvgWor0e1Y3ARNG8H1x8TnYtbsI96u2NEXeCTMunYJbpIOHFZBckDd1xL-pMa8BO7W73y05zDcGjF4gTpS2ZivRwNpinkImHw&cbvp=2
Requested by
Host: www.lottolore.com
URL: http://www.lottolore.com/ontar49.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.135.28 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
28.135.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 01:11:26 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
Roboto-Regular.ttf
cdn.rtbrain.app/fonts/ Frame F77E 		159 KB
160 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.rtbrain.app/fonts/Roboto-Regular.ttf
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230830/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0e5a21bf5c95e4c1bce2be98a3656ebcc6d42a21f41c4e3ebf69dd815702e54

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 01:11:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2535
x-guploader-uploadid
ADPycdu96hHgET-7m7Io5RJDoLXT_DeBNLVsZz9nmsZl4eDeoNph7Znp0Rhz7QZr5TgwGFgmPYQcT547gJsjRa7aAs0CLw
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
162876
last-modified
Wed, 14 Jun 2023 14:22:11 GMT
server
cloudflare
etag
"ac3f799d5bbaf5196fab15ab8de8431c"
vary
Accept-Encoding
x-goog-generation
1686752530970769
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=tGTglg==, md5=rD95nVu69RlvqxWrjehDHA==
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OFuy41l6KqXjQfWz6HpEyoLs3gnlCo5fHsyblpS5HwFUlqYdtqYuV4BgqMhigYsTrIOFeh9z8z%2BCPGmtgEd4nCgWPpNAV3ExuyXrSoCXEle%2FWxwQEZax5eu%2BzYrR0cNAFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
162876
accept-ranges
bytes
cf-ray
80125bc58abf38e1-YYZ
expires
Mon, 04 Sep 2023 00:53:24 GMT
Roboto-Bold-700.ttf
cdn.rtbrain.app/fonts/ Frame F77E 		159 KB
159 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.rtbrain.app/fonts/Roboto-Bold-700.ttf
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230830/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef2ab0e402d5cb9de893e263a2c44e57f57fec3974b0d981bfe84dec3dae83a1

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 01:11:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1908
x-guploader-uploadid
ADPycduZMD-D0bbwiRXFENcgSY2kszotTXWwtjxzTRL-vhc9xMijVkiG5W5dAWEwkcnN_yOflfR9VCSrxi0YcPg7xwBYtRB1knFa
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
162464
last-modified
Wed, 14 Jun 2023 14:03:41 GMT
server
cloudflare
etag
"d329cc8b34667f114a95422aaad1b063"
vary
Accept-Encoding
x-goog-generation
1686751421527536
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=FQIdBg==, md5=0ynMizRmfxFKlUIqqtGwYw==
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rT2%2FWaxZ%2B1H0bZFYNUINfdqpkUTFTyxMocqRsXJJ6c4aQRA7nL4HE39iRBl7LBNssHhC%2BeWtFGSdDHUfaUxZ3ft94A%2Fba7ydEwPMvX4eaVgwJjb1tIOTYLLaieiC0RG2Jw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
162464
accept-ranges
bytes
cf-ray
80125bc58ac238e1-YYZ
expires
Mon, 04 Sep 2023 01:22:18 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5A7B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuCamHRGL9mIWtGS5SqhYB6vXJDS-D6D1pPgUKRzf9mdTeIFprX5KdPBTMe9Rqwc5aYrMor6QSDJul0g98EGkZUwzvxr8iLgdJktUBA&sig=Cg0ArKJSzNi7FUpgYiuiEAE&id=lidar2&mcvt=1020&p=0,0,90,728&mtos=1020,1020,1020,1020,1020&tos=1020,0,0,0,0&v=20230830&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=597357111&rs=2&la=0&cr=0&vs=4&r=v&rst=1693789884291&rpt=1028&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 01:11:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
16277505992128403259
tpc.googlesyndication.com/daca_images/simgad/ Frame 305E 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/16277505992128403259?w=360&h=720
Requested by
Host: www.lottolore.com
URL: http://www.lottolore.com/ontar49.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.161 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f1.1e100.net
Software
sffe /
Resource Hash
d6abc39b762f85156dd40c9fe8d807fdd6a48916093813a647b81ce76f91a8e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 23:11:09 GMT
x-content-type-options
nosniff
age
439217
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29781
x-xss-protection
0
last-modified
Tue, 29 Aug 2023 19:45:28 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 05 Sep 2023 23:11:09 GMT
truncated
/ Frame 305E 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dcab359d7c377567c78669764d840290a760bb4b83cd3cd37382f7f3043c8446

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
45TQ4WJNUFNsi_RKEccy4FYYQq63aBzPbRMjDYcMLJU.js
pagead2.googlesyndication.com/bg/ Frame BCB9 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/45TQ4WJNUFNsi_RKEccy4FYYQq63aBzPbRMjDYcMLJU.js
Requested by
Host: www.lottolore.com
URL: http://www.lottolore.com/ontar49.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
sffe /
Resource Hash
e394d0e1624d50536c8bf44a11c732e0561842aeb7681ccf6d13230d870c2c95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 14:24:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
470819
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14879
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 28 Aug 2024 14:24:27 GMT
rtimp
g.bidbrain.app/ Frame F77E 		0
18 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.bidbrain.app/rtimp
Requested by
Host: www.lottolore.com
URL: http://www.lottolore.com/ontar49.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.135.28 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
28.135.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 01:11:26 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 305E
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CtOhVvC71ZPXCE7nO0_wPvZWm2AW64cjjcvj2qO7_EJz-j9DpMBABIIe4-gFg_aCZgegDoAHp_fXPA8gBAagDAcgDywSqBPoBT9DOlQR6sbgLzLFN97z-fCOm-9E41NrcRwqvySXMVNBjnc2...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x615a870c86b9cdd60000000000000000%22,%222%22:%220x17e4120bebaa69150000000000000000%22,%223%22:%220x830ed6...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x615a870c86b9cdd60000000000000000%22,%222%22:%220x17e4120bebaa69150000000000000000%22,%223%22:%220x830ed6d6fda36a3c0000000000000000%22,%224%22:%220x297eb5dcba6f84420000000000000000%22,%225%22:%220x1aca286919525fbc0000000000000000%22},%22debug_key%22:%227352524431766058572%22,%22debug_reporting%22:true,%22destination%22:%22https://searchfavorites.net%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22972914409%22],%224%22:[%2209-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216557585382705865761%22}&andc=true
Requested by
Host: www.lottolore.com
URL: http://www.lottolore.com/ontar49.html
Protocol
H3
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 01:11:26 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x615a870c86b9cdd60000000000000000","2":"0x17e4120bebaa69150000000000000000","3":"0x830ed6d6fda36a3c0000000000000000","4":"0x297eb5dcba6f84420000000000000000","5":"0x1aca286919525fbc0000000000000000"},"debug_key":"7352524431766058572","debug_reporting":true,"destination":"https://searchfavorites.net","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["972914409"],"4":["09-04"],"6":["true"]},"priority":"500","source_event_id":"16557585382705865761"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 04 Sep 2023 01:11:26 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 04 Sep 2023 01:11:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x615a870c86b9cdd60000000000000000","2":"0x17e4120bebaa69150000000000000000","3":"0x830ed6d6fda36a3c0000000000000000","4":"0x297eb5dcba6f84420000000000000000","5":"0x1aca286919525fbc0000000000000000"},"debug_key":"7352524431766058572","debug_reporting":true,"destination":"https://searchfavorites.net","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["972914409"],"4":["09-04"],"6":["true"]},"priority":"500","source_event_id":"16557585382705865761"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
truncated
/ Frame A91A 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2e77546c5285085a298278bf6e734a4eac14ef70d683868b8c7c83dd890f351e

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame A91A 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cq-MgvC71ZPbCE7nO0_wPvZWm2AXSkbaNbbnQrsqWD8CNtwEQASAAYP2gmYHoA4IBF2NhLXB1Yi00MDQ5NDAwMzcyNzUyNjc4yAEJqAMByAMCqgTwAU_Q1C65yR-riHojL7sZ2zDAJ6tBXNiFDk8C8s2-Pi4Sgn_KXpLO5nA3nOICyWEI83Hg7gtsnhkUYRJkUOheakwHGLYwN1KUnnzlLbWps-diy1S0h17wRVVzjlchoA-6ZPJ50EWae4pk9BXkuRO3LrbGAgC5MOwjodjiHjhYLsugPbtPeJ8xcgab7OUD2wnebFJmQMISwlOpclxiVbl8egd-0iTy3-LaBD_4pukcF3GTOTjZSGSTbGr1vIEcFdMWe7DZFkAhKly-pjhnEr88k23idpYF8KZpRFUG_a-VQYzDegRu1m7X5VUt6HPHQ4CBp4AGq8vs6Oexx76DAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNDA0OTQwMDM3Mjc1MjY3OBgA&sigh=ArKSItWxXUw&uach_m=[UACH]&cid=CAQSGwBpAlJWSa2oK12wtdvxK0EGBJ8roEbyWe2LyxgB&cbvp=2&vis=1
Requested by
Host: www.lottolore.com
URL: http://www.lottolore.com/ontar49.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20230830/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 04 Sep 2023 01:11:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
rtimp
g.bidbrain.app/ Frame A91A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g.bidbrain.app/rtimp?sid=f75f2bdd-4abf-11ee-b867-4e8417fbb591&d=www.lottolore.com&cr=ext_gen2_v10_start_prot8&a=imp&p=ZPUuvAAE4XYJlOc5AAmKvcwq49jSEUge62JSzg&im=suys7-64B7krKVP1WEF1IMV8xzc0zqijkwBk16oTOzt9_YJUYo_35CQwPczNlBStZ8CYYcxiDaVWgsXKZqV42jf9iTJmoTdTovUDKF7tvEEzqqeXQamJ9jciMoGwhJSwiVhWaEG-5PCBd_wYyjVwirQu41gnSFEzJ70cMr9BbPKQZeK881MrgGH1_HcpaOrw7kcfzece-tfa9leKeixOwYasRfxr64oXxedrviZP8Yz2lWbWBnObOlfr_w2hWwNVJKB7FnFq70mSty2fVVLdQpC2nbO3aCAr6Li7CQY6DbesrhyfCsz9HF3hnSIFHGaZsUnve-6_38cRN2rKS-e3xxcRG08Pv5eNjRxy3xTBLccyPzENIqNcdQgVM09bH9v9Y1SBfe76ZnINfvMuknY0mQ&cbvp=2
Requested by
Host: www.lottolore.com
URL: http://www.lottolore.com/ontar49.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.135.28 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
28.135.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 01:11:26 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
Roboto-Regular.ttf
cdn.rtbrain.app/fonts/ Frame A91A 		159 KB
160 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.rtbrain.app/fonts/Roboto-Regular.ttf
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230830/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0e5a21bf5c95e4c1bce2be98a3656ebcc6d42a21f41c4e3ebf69dd815702e54

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 01:11:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2535
x-guploader-uploadid
ADPycdu96hHgET-7m7Io5RJDoLXT_DeBNLVsZz9nmsZl4eDeoNph7Znp0Rhz7QZr5TgwGFgmPYQcT547gJsjRa7aAs0CLw
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
162876
last-modified
Wed, 14 Jun 2023 14:22:11 GMT
server
cloudflare
etag
"ac3f799d5bbaf5196fab15ab8de8431c"
vary
Accept-Encoding
x-goog-generation
1686752530970769
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=tGTglg==, md5=rD95nVu69RlvqxWrjehDHA==
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FVVpeTJvJYQmjD77soNmggbXXCkxolrq2s11PTupQ1TTkTSZV%2BRC6gFThGqcPa%2B1ZDABvPK3TaPF7D%2BDD9iUsKHZnlTpiepOBo5UPEQMLPnjrOiQermLhsATX27ilWNG6A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
162876
accept-ranges
bytes
cf-ray
80125bc65be738e1-YYZ
expires
Mon, 04 Sep 2023 00:53:24 GMT
Roboto-Bold-700.ttf
cdn.rtbrain.app/fonts/ Frame A91A 		159 KB
159 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.rtbrain.app/fonts/Roboto-Bold-700.ttf
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230830/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef2ab0e402d5cb9de893e263a2c44e57f57fec3974b0d981bfe84dec3dae83a1

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 01:11:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1908
x-guploader-uploadid
ADPycduZMD-D0bbwiRXFENcgSY2kszotTXWwtjxzTRL-vhc9xMijVkiG5W5dAWEwkcnN_yOflfR9VCSrxi0YcPg7xwBYtRB1knFa
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
162464
last-modified
Wed, 14 Jun 2023 14:03:41 GMT
server
cloudflare
etag
"d329cc8b34667f114a95422aaad1b063"
vary
Accept-Encoding
x-goog-generation
1686751421527536
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=FQIdBg==, md5=0ynMizRmfxFKlUIqqtGwYw==
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gaZGJqPhldeyjWnixHvSKMbeEVmTevrwVOr5ObkXpLSr47T3XAlgJpkQxQIsJ2WrNqHaOJB%2FWPp2Omy6g101i38D9kjbwj%2Bydv8O7pj%2BisyiEB101H3K4gmcAB0nIvKAog%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
162464
accept-ranges
bytes
cf-ray
80125bc65bea38e1-YYZ
expires
Mon, 04 Sep 2023 01:22:18 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x615a870c86b9cdd60000000000000000%22,%222%22:%220x17e4120bebaa69150000000000000000%22,%223%22:%220x830ed6d6fda36a3c0000000000000000%22,%224%22:%220x297eb5dcba6f84420000000000000000%22,%225%22:%220x1aca286919525fbc0000000000000000%22},%22debug_key%22:%227352524431766058572%22,%22debug_reporting%22:true,%22destination%22:%22https://searchfavorites.net%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22972914409%22],%224%22:[%2209-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216557585382705865761%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 04 Sep 2023 01:11:26 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
rtimp
g.bidbrain.app/ Frame A91A 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.bidbrain.app/rtimp
Requested by
Host: www.lottolore.com
URL: http://www.lottolore.com/ontar49.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.135.28 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
28.135.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 01:11:26 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
rtimp
g.bidbrain.app/ Frame F77E 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.bidbrain.app/rtimp
Requested by
Host: www.lottolore.com
URL: http://www.lottolore.com/ontar49.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.135.28 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
28.135.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 01:11:26 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
rtimp
g.bidbrain.app/ Frame A91A 		0
18 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.bidbrain.app/rtimp
Requested by
Host: www.lottolore.com
URL: http://www.lottolore.com/ontar49.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.135.28 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
28.135.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 01:11:26 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230830&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
eb4ee65ee66f9bcd1765d17d674979e794f3138ea6829baa51fd0801989fc6e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://www.lottolore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 01:11:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11668
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.161 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://www.lottolore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 01:11:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 04 Sep 2023 01:11:27 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A290 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.161 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.lottolore.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
159369
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 02 Sep 2023 04:55:18 GMT
expires
Sun, 01 Sep 2024 04:55:18 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 6C37 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f4.1e100.net
Software
GSE /
Resource Hash
b09147ba1eb3395ddce0acdbf35f19476d71513b934b0e0e721f9e169d067bdd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-IsZlzS2N4a5Er4kY1k89fg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.lottolore.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
537
content-security-policy
script-src 'report-sample' 'nonce-IsZlzS2N4a5Er4kY1k89fg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 04 Sep 2023 01:11:27 GMT
expires
Mon, 04 Sep 2023 01:11:27 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
activeview
pagead2.googlesyndication.com/pcs/ Frame 305E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstJVKWurbZFD1HWQJAplYFrXJ4TAsUAczkGMAQYl_5Ey5APMVbdI-pPs-laBjwM0TR3mTNanG7BjBL8nLOpVY8Ba60qnIIqm2WmCAZymmqzGHuK3y8zRHD871vS7NSoLmrkbU0akf1FGg&sai=AMfl-YSNAUAjA6tWvC5Ryp7sBZMyXz4ehCIJPEoUy8ACanzU48CsYuPV7MAu8lJ4BOl5qsXOgV4XI0yegEGH&sig=Cg0ArKJSzD-eOpMWXS9MEAE&cid=CAQSGwBpAlJWSa2oK12wtdvxK0EGBJ8roEbyWe2LyxgB&id=lidar2&mcvt=1000&p=-50,0,450,200&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20230830&bin=7&avms=nio&bs=0,0&mc=0.8&if=1&vu=1&app=0&itpl=22&adk=1812271803&rs=2&la=0&cr=0&vs=4&r=v&rst=1693789886146&rpt=226&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 01:11:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A91A 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvuD9hz6ZPXqR-0rx5P-xeQumdrwV13zUqeJSZtfy0v1olVJsugb6OZs6SRT9v0Nlo7-iIUCxrUgKPfSXjBOTn4A5eT4fFv0a2z3nD1&sig=Cg0ArKJSzMZBhidfXeAcEAE&id=lidar2&mcvt=1000&p=0,0,600,200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230830&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&vs=4&r=v&rst=1693789886151&rpt=269&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 01:11:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
45TQ4WJNUFNsi_RKEccy4FYYQq63aBzPbRMjDYcMLJU.js
pagead2.googlesyndication.com/bg/ Frame A290 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/45TQ4WJNUFNsi_RKEccy4FYYQq63aBzPbRMjDYcMLJU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
sffe /
Resource Hash
e394d0e1624d50536c8bf44a11c732e0561842aeb7681ccf6d13230d870c2c95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 14:24:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
470820
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14879
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 28 Aug 2024 14:24:27 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F77E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvkOy9mnFnAHnPaKGxxfokwC8LkNj-uGQv9mh4r10_u3YCL3yLbyihuFZIBoKahjW-D2sCP29RmBBi2G6oQ6IJUzvbDqe_48CI92jyz&sig=Cg0ArKJSzDy-zog8RpqQEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=85,768,1000,1107,1183&tos=85,683,232,107,76&v=20230830&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1693789886128&rpt=179&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 01:11:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 6C37 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230830&jk=1400270309673344&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame A290 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?VSHrTA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.161 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 01:11:27 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230830&jk=1400270309673344&bg=!LyylLGPNAAYHwnCgJ8I7ADQBe5WfOM-L_FCfxbOyqmZMZyBeDM1dmuTOv3wGzspbeyVubyhJdUeyNMlQOW7vBERt4d71AgAAAF9SAAAABWgBBwoASrOOxUb2ZPAWQX6FgsA_ojbgcq3aWnOxb9Uwnebre7vwUo597wm0p91p-Wt3MxCua4P3lK92xZ1GnjG-IkrLA0b6JVKUpnlJEovRmQK47yAt-UrvDMHBcZV5so7AmENO-KiLBnTJgw8Yy-RRtDrfK5pQMjFTWJWRdpw4tqFVnXub8wJecvg0OBfeBC9VjgwcIGFxU28WTIK-9DyKXTd5hRhBQJsDENKM-3efrFCf2vPmgqAwC5CmSKhYH2QLJ9q4njM6Dn_B9ken9evHWgVAVvFSNvHSTHYL-wIae_Lq-XwCi9eYL6fgZF9tehmL7IZNxiHzLya_6byWpmS4K3PNbGtZvb9ISpBNrGPNYgfdIAb87ctTogh0YWZIOGH04mRV3aEb0QzaQW57iE-0ubFOF8kgkrsEw2nODGVm1kf7VtwSEClQHqjhcULAauaP-Dg8u84_Xqx37vpClkQcxSA4iscX5ptsvyLzFtEg29eXemgj7HieyvpFKT9PT138MAm2Lyvae0Owy3DhA2xK4x1qyV_gR-HVPWBf6xDK0CXH2N-btnmEsK5wgKDQi3dLf1JVN_w84UkC-t6fBiESXBQ9NQAZGrE982x1fEhSavnzdf7kw-TMz22DwtYvB9I9u7lUJzynKOj2A2LruVqL-SG7xUlkzxdfC1x7V5W5rMem96qedzwhMlM8ZY0Xi_C9pm4NZBR1Q2PX0qbCTO37K6o0vBaIyPVBuyvBamI2nsd8jUWq20gS-w4UY67VBgx2b-CQowbrHgA8sXrP3GFxRl1LaGY5igDdqisKtSU22gQDtcXoQwyjbLjyKvQvr7aHCRAL-sewDwrNv7Y8As0vGttv6I0a_S4dv8Wdd1sYD08rd9Q5sow3WDflJ5X5bHcwn3-LkqOkwWyffNadv41ETf143weQGfRQyU6iJvnQp_kDcz-mXBcJbzgm-wQ-uKxKNShW9vtmGuzH6Ss3oEWNrKSC8M12-3xlGiR3DWgYRzorhFF4M7WrDaDFFUfxAPt-k_zBcwNmdOx_
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://www.lottolore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_image_requests object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter function| google_sa_impl boolean| _gfp_p_ number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages function| click_track function| getClick object| wm_indiv_stats object| wiredminds string| wm_custnum string| wm_page_name string| wm_group_name string| wm_campaign_key string| wm_track_alt object| googletag object| google_llp object| GoogleGcLKhOms

8 Cookies

Domain/Path Name / Value
ic.aff-handler.com/ Name: uffiliate_impression_44990_866205_
Value: uffiliate_impression_44990_866205_
.lottolore.com/ Name: __gads
Value: ID=0a8d39483ff3c700-2291c182c1e300af:T=1693789884:RT=1693789884:S=ALNI_MbjH50RK4yTBzRLGMA3V-HId7RSAg
.lottolore.com/ Name: __gpi
Value: UID=00000d8fc057ad7c:T=1693789884:RT=1693789884:S=ALNI_MbBafPip6oq33JhBwq58orfmrpjPg
.doubleclick.net/ Name: IDE
Value: AHWqTUktWZadhZ7PotK1ECHp8eoyslk4n2QSwvCk3sqv2gDh_mG9EcYCOwmh0MMCKbc
.bidbrain.app/ Name: uid_cross
Value: f79dc032-4abf-11ee-bb1e-9a0927c945f6
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.googleadservices.com/ Name: ar_debug
Value: 1
.bidbrain.app/ Name: sid_cross
Value: f75fadbf-4abf-11ee-b52f-1e8555364af5

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.rtbrain.app
count.carrierzone.com
fls-na.amazon-adsystem.com
g.bidbrain.app
googleads.g.doubleclick.net
ic.aff-handler.com
images-na.ssl-images-amazon.com
m.media-amazon.com
pagead2.googlesyndication.com
partner.googleadservices.com
rcm-na.amazon-adsystem.com
tpc.googlesyndication.com
wms-na.amazon-adsystem.com
ws-na.amazon-adsystem.com
ws-na.assoc-amazon.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
www.lottolore.com
104.26.3.190
142.250.65.161
172.217.13.130
172.217.13.162
172.217.13.195
172.217.13.196
172.217.13.98
18.165.3.209
216.251.32.98
217.147.127.42
23.46.156.47
34.149.135.28
44.215.118.203
52.46.135.132
52.94.237.66
66.175.41.113
081ac21be6e96b215ed8048da21bcf6949af932420dad9a3d17b7c1e901307ef
0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935
09773b164a8cbf0d6e76b0f93eb985539a1a2a7257600f05901c5ffe7942632f
0daff1f5463a19bc137fea655529bf74b3085efcf0d664d1261252ca37df2628
17dc716da30bd43d7d95ff5855b28fadf35cc3bf90ab6ec131ac316c7f0a51b3
1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390
1ea3efb551d7a0528dea083a6efb3e6c76c944180ae234ebda871d8d11f16415
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
2e77546c5285085a298278bf6e734a4eac14ef70d683868b8c7c83dd890f351e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31b1f6cd975416e6c7822434d67be99cbfb72bbf2d6657168f0331858dad9641
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
402d827b85f487a06519910ca2de42f3be3636db4ab95cd3be59b875481c67f8
40315b18ee409516c2e78b29789a31c4b9a3c077815b64d65955eeb85a02601d
50aa45b57bdb172cb34866964496d6f2db7b379cf6e8001a7dd91d4992f89068
537c71e1c20a3fe495d0b462ce47b885ee02a07f5d5164cc1dcda29a5d7322e1
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5b27cb8a843da7b4f70f68d669798596541491654185df0bd45867d951a31947
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6330c7a831bf641f1fc1ae115b02900b25e4786f461bbfc3a3301bab2d319b93
6b760506ae90a1d968a1977b1970849055e41d6a0a36bd9ac21d5b5a389536e6
8c88fd6d4fa548972cc8ca15773c65498a1656f5eac257bdd4fea020721de8ea
9993f2bfce99ae1034867e89fb19ee677f8761ff8969b361d1e959a2b74b0d79
a011990e765194136203d27da85782e816307dc0aad8cb3deb4518050ebf1866
a0541f284ee8346e2269a1c767cb101cb81777532c12175ac7ec64d5a9d0f6eb
a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce
a8dde9fe9739159f5f534b84f47713f793b6ba279cca3e95b14ddf97b48a9fa1
a9d6ce2aaaefefe615e648a6cb9649f10b638b0c0339c772cb263a77d352a46c
af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a
b09147ba1eb3395ddce0acdbf35f19476d71513b934b0e0e721f9e169d067bdd
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
b5e1b0e091991620af7624bc47eef8b9bd8a134ad186b6fc62ba7aec28278780
b71c4907db3c2f5a1f932c7a4ff0f95fd08675820fe28f0e0abd2efd8e4b1d59
bdb14b4fa1ee72675b6cc19afe8411964ef2335a3b148c40d8d0b749a730f2cc
c2d0968f40bd1e6e4a5321415768c334c515e64e1333925fe5056060deb2e149
c531ffd8027bdd0cdc858258bb9c57bf1fb31d2035c88d5622c16895c3a75de3
d14a56dbdacb54a03a3e185b7f20c4d99e51bc514fdfae42767b6765e65418c0
d6abc39b762f85156dd40c9fe8d807fdd6a48916093813a647b81ce76f91a8e0
dbb0de79b67ce3f984e0a9cf14cb537cc0fd1045ebae86209e15ab18f628478d
dcab359d7c377567c78669764d840290a760bb4b83cd3cd37382f7f3043c8446
e394d0e1624d50536c8bf44a11c732e0561842aeb7681ccf6d13230d870c2c95
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb4ee65ee66f9bcd1765d17d674979e794f3138ea6829baa51fd0801989fc6e4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2ab0e402d5cb9de893e263a2c44e57f57fec3974b0d981bfe84dec3dae83a1
f0e5a21bf5c95e4c1bce2be98a3656ebcc6d42a21f41c4e3ebf69dd815702e54
f418e6b5416f03cbc22b24f481582e2d55ee0f7ca6989c562b59f12c9229214e