urlscan.io logo urlscan.io
SecurityTrails logo

www.wisewomenlottery.com Open in urlscan Pro
2a00:1450:4001:802::2013  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://wisewomenlottery.com/
Effective URL: https://www.wisewomenlottery.com/
Submission: On November 14 via api from FI — Scanned from FI
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 53 IPs in 5 countries across 37 domains to perform 303 HTTP transactions. The main IP is 2a00:1450:4001:802::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.wisewomenlottery.com.
TLS certificate: Issued by GTS CA 1D4 on October 15th 2023. Valid for: 3 months.
This is the only time www.wisewomenlottery.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2001:4860:480... 15169 (GOOGLE)
1 4 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
17 2a00:1450:400... 15169 (GOOGLE)
27 2a00:1450:400... 15169 (GOOGLE)
14 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2 52.34.62.240 16509 (AMAZON-02)
31 2a07:7800::137 48254 (TWENTYI)
1 1 54.68.182.192 16509 (AMAZON-02)
10 2606:4700:20:... 13335 (CLOUDFLAR...)
1 9 67.222.21.127 63410 (PRIVATESY...)
26 3.125.0.95 16509 (AMAZON-02)
8 2a04:4e42:400... 54113 (FASTLY)
1 216.58.212.162 15169 (GOOGLE)
1 54.72.193.170 16509 (AMAZON-02)
2 54.203.114.187 16509 (AMAZON-02)
2 2600:9000:211... 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1288:80:... 203220 (YAHOO-DEB)
9 18.239.82.27 16509 (AMAZON-02)
3 2600:9000:224... 16509 (AMAZON-02)
5 54.145.112.251 14618 (AMAZON-AES)
6 2600:9000:223... 16509 (AMAZON-02)
3 2600:9000:211... 16509 (AMAZON-02)
3 2600:1f18:243... 14618 (AMAZON-AES)
3 2600:9000:206... 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
8 143.204.215.12 16509 (AMAZON-02)
1 212.82.100.181 34010 (YAHOO-IRD)
5 151.101.65.91 54113 (FASTLY)
2 2a03:2880:f08... 32934 (FACEBOOK)
2 2a0b:4d07:101::1 44239 (PROINITY ...)
3 192.229.221.25 15133 (EDGECAST)
8 151.101.64.176 54113 (FASTLY)
1 2606:4700::68... ()
1 2600:9000:211... ()
1 18.245.86.127 ()
3 151.101.1.21 ()
2 54.186.23.98 ()
1 107.178.211.97 ()
2 35.190.27.197 ()
1 151.101.129.91 ()
1 2600:1901:0:d... ()
1 2a03:2880:f17... ()
1 2600:9000:206... ()
1 151.101.129.35 ()
303 53
1    2001:4860:4802:36::15 (United States)

ASN15169 (GOOGLE, US)
wisewomenlottery.com
4    2a00:1450:4001:802::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.wisewomenlottery.com
7    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
17    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
27    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
14    2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
lh4.googleusercontent.com
lh5.googleusercontent.com
lh3.googleusercontent.com
lh6.googleusercontent.com
138284849-atari-embeds.googleusercontent.com
11    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
play.google.com
1    2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
drive.google.com
2    52.34.62.240 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-34-62-240.us-west-2.compute.amazonaws.com
a03299kehqtgveq6-dhpjs3udm.hop.clickbank.net
5e300elmhjyb1q-0w4heod7oco.hop.clickbank.net
31    2a07:7800::137 (United Kingdom)

ASN48254 (TWENTYI, GB)
www.3stepmethod.com
1    54.68.182.192 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-68-182-192.us-west-2.compute.amazonaws.com
63135adhcgmj5lzeqrv7zocyl6.hop.clickbank.net
10    2606:4700:20::681a:219 (United States)

ASN13335 (CLOUDFLARENET, US)
www.lottoannihilator.com
9    67.222.21.127 (United States)

ASN63410 (PRIVATESYSTEMS, US)
PTR: host.15minuteweightloss.com
godfrequency.co
cpv.godfrequency.co
26    3.125.0.95 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-0-95.eu-central-1.compute.amazonaws.com
app.ecwid.com
8    2a04:4e42:400::644 (United States)

ASN54113 (FASTLY, US)
fast.wistia.com
1    216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net
www.googleadservices.com
1    54.72.193.170 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-193-170.eu-west-1.compute.amazonaws.com
trends.revcontent.com
2    54.203.114.187 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-203-114-187.us-west-2.compute.amazonaws.com
cbtb.clickbank.net
2    2600:9000:211e:d400:1e:c86:4140:93a1 (United States)

ASN16509 (AMAZON-02, US)
embed-ssl.wistia.com
embed-cloudfront.wistia.com
4    2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
s.yimg.com
9    18.239.82.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-82-27.ams58.r.cloudfront.net
d3cy3u1txmkqs3.cloudfront.net
3    2600:9000:2240:ea00:1f:f560:8d00:21 (United States)

ASN16509 (AMAZON-02, US)
d3dq8sxcny4hg.cloudfront.net
5    54.145.112.251 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-145-112-251.compute-1.amazonaws.com
ecomm.events
6    2600:9000:223c:4400:1c:b536:2c40:21 (United States)

ASN16509 (AMAZON-02, US)
d1oxsl77a1kjht.cloudfront.net
3    2600:9000:211e:7600:13:2031:2340:21 (United States)

ASN16509 (AMAZON-02, US)
d11s7fcxy18ubx.cloudfront.net
3    2600:1f18:243f:2d01:5380:e1f8:c18:d856 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
analytics.sitewit.com
3    2600:9000:206f:1c00:19:4fd1:c1c0:21 (United States)

ASN16509 (AMAZON-02, US)
d20ubqycd8ynev.cloudfront.net
4    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.no
1    2606:4700:20::681a:e7e (United States)

ASN13335 (CLOUDFLARENET, US)
trk.cosmicmedia.io
2    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
stackpath.bootstrapcdn.com
1    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
5    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
8    143.204.215.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-12.fra53.r.cloudfront.net
prod.cbstatic.net
1    212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com
sp.analytics.yahoo.com
5    151.101.65.91 (United States)

ASN54113 (FASTLY, US)
quick.vidalytics.com
2    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)
seal-boise.bbb.org
3    192.229.221.25 (United States)

ASN15133 (EDGECAST, US)
www.paypalobjects.com
8    151.101.64.176 (United States)

ASN54113 (FASTLY, US)
js.stripe.com
1    2606:4700::6812:d63b (None, )

ASN- ()
cdn.onesignal.com
1    2600:9000:2117:7600:3:471f:5240:93a1 (None, )

ASN- ()
pipedream.wistia.com
1    18.245.86.127 (None, )

ASN- ()
distillery.wistia.com
3    151.101.1.21 (None, )

ASN- ()
www.paypal.com
2    54.186.23.98 (None, )

ASN- ()
q.stripe.com
1    107.178.211.97 (None, )

ASN- ()
stats.vidalytics.com
2    35.190.27.197 (None, )

ASN- ()
analytics-ingress-global.bitmovin.com
1    151.101.129.91 (None, )

ASN- ()
forms.aweber.com
1    2600:1901:0:df23:: (None, )

ASN- ()
licensing.bitmovin.com
1    2a03:2880:f177:185:face:b00c:0:25de (None, )

ASN- ()
www.facebook.com
1    2600:9000:206f:ea00:19:7d10:bd80:93a1 (None, )

ASN- ()
m.stripe.network
1    151.101.129.35 (None, )

ASN- ()
t.paypal.com
Apex Domain
Subdomains		 Transfer
35 google.com
apis.google.com — Cisco Umbrella Rank: 112
play.google.com — Cisco Umbrella Rank: 28
drive.google.com — Cisco Umbrella Rank: 318
www.google.com — Cisco Umbrella Rank: 2
444 KB
31 3stepmethod.com
www.3stepmethod.com
290 KB
28 gstatic.com
www.gstatic.com
fonts.gstatic.com
1 MB
26 ecwid.com
app.ecwid.com — Cisco Umbrella Rank: 36058
88 KB
24 cloudfront.net
d3cy3u1txmkqs3.cloudfront.net
d3dq8sxcny4hg.cloudfront.net
d1oxsl77a1kjht.cloudfront.net
d11s7fcxy18ubx.cloudfront.net
d20ubqycd8ynev.cloudfront.net
d2j6dbq0eux0bg.cloudfront.net Failed
4 MB
14 googleusercontent.com
lh4.googleusercontent.com — Cisco Umbrella Rank: 520
lh5.googleusercontent.com — Cisco Umbrella Rank: 159
lh3.googleusercontent.com — Cisco Umbrella Rank: 49
lh6.googleusercontent.com — Cisco Umbrella Rank: 556
138284849-atari-embeds.googleusercontent.com
1 MB
12 wistia.com
fast.wistia.com — Cisco Umbrella Rank: 3892
embed-ssl.wistia.com — Cisco Umbrella Rank: 7431
pipedream.wistia.com
distillery.wistia.com
embed-cloudfront.wistia.com
365 KB
10 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1287
q.stripe.com
464 KB
10 lottoannihilator.com
www.lottoannihilator.com
591 KB
9 godfrequency.co
godfrequency.co
cpv.godfrequency.co
130 KB
8 cbstatic.net
prod.cbstatic.net — Cisco Umbrella Rank: 175968
131 KB
8 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
ajax.googleapis.com — Cisco Umbrella Rank: 364
39 KB
6 vidalytics.com
quick.vidalytics.com — Cisco Umbrella Rank: 257707
stats.vidalytics.com
626 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
283 KB
5 ecomm.events
ecomm.events — Cisco Umbrella Rank: 45458
6 KB
5 clickbank.net
a03299kehqtgveq6-dhpjs3udm.hop.clickbank.net Failed
5e300elmhjyb1q-0w4heod7oco.hop.clickbank.net Failed
63135adhcgmj5lzeqrv7zocyl6.hop.clickbank.net Failed
cbtb.clickbank.net — Cisco Umbrella Rank: 163838
5 KB
5 wisewomenlottery.com
wisewomenlottery.com
www.wisewomenlottery.com
20 KB
4 paypal.com
www.paypal.com
t.paypal.com
15 KB
4 google.no
www.google.no — Cisco Umbrella Rank: 31694
779 B
4 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
6 KB
3 bitmovin.com
analytics-ingress-global.bitmovin.com
licensing.bitmovin.com
871 B
3 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 2612
562 KB
3 sitewit.com
analytics.sitewit.com — Cisco Umbrella Rank: 55850
18 KB
2 bbb.org
seal-boise.bbb.org — Cisco Umbrella Rank: 162734
9 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
89 KB
2 bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2914
40 KB
2 yimg.com
s.yimg.com — Cisco Umbrella Rank: 648
7 KB
1 stripe.network
m.stripe.network
2 KB
1 facebook.com
www.facebook.com
185 B
1 aweber.com
forms.aweber.com
4 KB
1 onesignal.com
cdn.onesignal.com
3 KB
1 yahoo.com
sp.analytics.yahoo.com — Cisco Umbrella Rank: 1417
633 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 335
8 KB
1 cosmicmedia.io
trk.cosmicmedia.io — Cisco Umbrella Rank: 339694
1016 B
1 revcontent.com
trends.revcontent.com — Cisco Umbrella Rank: 2528
148 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 145
19 KB
0 jaswertrk.com Failed
jaswertrk.com Failed
303 37
Domain Requested by
31 www.3stepmethod.com www.gstatic.com
www.3stepmethod.com
27 apis.google.com www.wisewomenlottery.com
apis.google.com
www.gstatic.com
138284849-atari-embeds.googleusercontent.com
26 app.ecwid.com 138284849-atari-embeds.googleusercontent.com
app.ecwid.com
17 www.gstatic.com www.wisewomenlottery.com
www.gstatic.com
11 fonts.gstatic.com fonts.googleapis.com
10 www.lottoannihilator.com www.gstatic.com
www.lottoannihilator.com
9 d3cy3u1txmkqs3.cloudfront.net app.ecwid.com
8 js.stripe.com js.stripe.com
8 prod.cbstatic.net cbtb.clickbank.net
prod.cbstatic.net
www.lottoannihilator.com
8 fast.wistia.com www.lottoannihilator.com
fast.wistia.com
8 godfrequency.co 1 redirects www.gstatic.com
godfrequency.co
7 fonts.googleapis.com www.wisewomenlottery.com
www.lottoannihilator.com
godfrequency.co
www.3stepmethod.com
6 d1oxsl77a1kjht.cloudfront.net app.ecwid.com
5 quick.vidalytics.com godfrequency.co
quick.vidalytics.com
www.wisewomenlottery.com
5 www.googletagmanager.com godfrequency.co
trk.cosmicmedia.io
www.googletagmanager.com
www.3stepmethod.com
5 ecomm.events app.ecwid.com
ecomm.events
5 lh5.googleusercontent.com www.wisewomenlottery.com
4 www.google.no www.lottoannihilator.com
www.3stepmethod.com
4 www.google.com www.lottoannihilator.com
www.3stepmethod.com
4 googleads.g.doubleclick.net www.googleadservices.com
www.googletagmanager.com
4 www.wisewomenlottery.com 1 redirects www.gstatic.com
3 www.paypal.com www.paypalobjects.com
3 www.paypalobjects.com
3 d20ubqycd8ynev.cloudfront.net app.ecwid.com
3 analytics.sitewit.com app.ecwid.com
3 d11s7fcxy18ubx.cloudfront.net app.ecwid.com
3 d3dq8sxcny4hg.cloudfront.net app.ecwid.com
3 138284849-atari-embeds.googleusercontent.com www.gstatic.com
3 play.google.com www.gstatic.com
3 lh3.googleusercontent.com www.wisewomenlottery.com
2 analytics-ingress-global.bitmovin.com www.wisewomenlottery.com
2 q.stripe.com www.wisewomenlottery.com
2 seal-boise.bbb.org www.lottoannihilator.com
prod.cbstatic.net
2 connect.facebook.net www.wisewomenlottery.com
connect.facebook.net
2 stackpath.bootstrapcdn.com godfrequency.co
2 s.yimg.com www.lottoannihilator.com
s.yimg.com
2 cbtb.clickbank.net www.lottoannihilator.com
godfrequency.co
2 lh4.googleusercontent.com www.wisewomenlottery.com
1 embed-cloudfront.wistia.com fast.wistia.com
1 t.paypal.com
1 m.stripe.network js.stripe.com
m.stripe.network
1 www.facebook.com godfrequency.co
1 licensing.bitmovin.com www.wisewomenlottery.com
1 forms.aweber.com www.3stepmethod.com
1 stats.vidalytics.com www.wisewomenlottery.com
1 distillery.wistia.com fast.wistia.com
1 pipedream.wistia.com fast.wistia.com
1 cdn.onesignal.com www.3stepmethod.com
1 sp.analytics.yahoo.com www.lottoannihilator.com
1 cpv.godfrequency.co godfrequency.co
1 cdn.jsdelivr.net godfrequency.co
1 ajax.googleapis.com godfrequency.co
1 trk.cosmicmedia.io godfrequency.co
1 embed-ssl.wistia.com www.lottoannihilator.com
1 trends.revcontent.com www.lottoannihilator.com
1 www.googleadservices.com www.lottoannihilator.com
1 63135adhcgmj5lzeqrv7zocyl6.hop.clickbank.net www.gstatic.com
1 5e300elmhjyb1q-0w4heod7oco.hop.clickbank.net www.gstatic.com
1 a03299kehqtgveq6-dhpjs3udm.hop.clickbank.net www.gstatic.com
1 drive.google.com www.gstatic.com
www.wisewomenlottery.com
1 lh6.googleusercontent.com www.wisewomenlottery.com
1 wisewomenlottery.com 1 redirects
0 d2j6dbq0eux0bg.cloudfront.net Failed
0 jaswertrk.com Failed www.lottoannihilator.com
303 64

This site contains links to these domains. Also see Links.

Domain
www.google.com
Subject Issuer Validity Valid
www.wisewomenlottery.com
GTS CA 1D4		 2023-10-15 -
2024-01-13		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.apis.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.3stepmethod.com
R3		 2023-10-14 -
2024-01-12		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-10 -
2024-05-09		 a year crt.sh
godfrequency.co
cPanel, Inc. Certification Authority		 2023-09-03 -
2023-12-02		 3 months crt.sh
*.ecwid.com
Amazon RSA 2048 M01		 2023-07-06 -
2024-08-04		 a year crt.sh
fast.wistia.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-07-02 -
2024-08-02		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
revcontent.com
Amazon RSA 2048 M02		 2023-05-18 -
2024-06-16		 a year crt.sh
*.clickbank.net
Amazon RSA 2048 M01		 2023-02-07 -
2024-03-08		 a year crt.sh
*.wistia.com
Amazon RSA 2048 M01		 2023-01-31 -
2024-02-29		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.api.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-11-06 -
2023-12-27		 2 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
*.ecomm.events
R3		 2023-11-04 -
2024-02-02		 3 months crt.sh
*.sitewit.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-20 -
2024-08-19		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.google.no
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
cosmicmedia.io
E1		 2023-10-28 -
2024-01-26		 3 months crt.sh
cpv.godfrequency.co
cPanel, Inc. Certification Authority		 2023-09-09 -
2023-12-08		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.cbstatic.net
Amazon RSA 2048 M02		 2023-07-19 -
2024-08-16		 a year crt.sh
real.sp.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-10-24 -
2024-04-17		 6 months crt.sh
*.vidalytics.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-30 -
2023-12-31		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-08-24 -
2023-11-22		 3 months crt.sh
*.bbb.org
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-26 -
2024-04-25		 a year crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2023-10-12 -
2024-10-31		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2023-10-30 -
2024-01-25		 3 months crt.sh
pipedream-production-cloudfront-app-cname.wistia.com
Amazon RSA 2048 M03		 2023-09-11 -
2024-10-09		 a year crt.sh
stats-tap-production-cloudfront-app-cname.wistia.com
Amazon RSA 2048 M01		 2023-09-13 -
2024-10-11		 a year crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-10-09 -
2024-01-18		 3 months crt.sh
*.bitmovin.com
Go Daddy Secure Certificate Authority - G2		 2023-05-08 -
2024-06-08		 a year crt.sh
*.aweber.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-01-24 -
2024-01-23		 a year crt.sh
t.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2023-09-21 -
2024-10-21		 a year crt.sh

This page contains 29 frames:

Primary Page: https://www.wisewomenlottery.com/
Frame ID: 77B3CE3E96AE6BD32147EDD6FFD023B5
Requests: 37 HTTP requests in this frame

Frame: https://www.gstatic.com/atari/embeds/83a60601c213b72fb19c1855fb0c5f26/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.Y1oMGnmmXvY.O%2Fd%3D1%2Frs%3DAHpOoo_BBKgRRfEhBI3-ORz3vOgglLXq0w%2Fm%3D__features__&r=984118782
Frame ID: 6777285490D7C86E25AFD398B73ACE5F
Requests: 6 HTTP requests in this frame

Frame: https://www.gstatic.com/atari/embeds/83a60601c213b72fb19c1855fb0c5f26/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.Y1oMGnmmXvY.O%2Fd%3D1%2Frs%3DAHpOoo_BBKgRRfEhBI3-ORz3vOgglLXq0w%2Fm%3D__features__&r=241214166
Frame ID: 54FFE76F50D330395588A1CB2C91B592
Requests: 6 HTTP requests in this frame

Frame: https://www.gstatic.com/atari/embeds/83a60601c213b72fb19c1855fb0c5f26/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.Y1oMGnmmXvY.O%2Fd%3D1%2Frs%3DAHpOoo_BBKgRRfEhBI3-ORz3vOgglLXq0w%2Fm%3D__features__&r=733762680
Frame ID: 14E1E750DC1FA36C4EC8AA873CA9A461
Requests: 6 HTTP requests in this frame

Frame: https://drive.google.com/auth_warmup?origin=https%3A%2F%2Fwww.wisewomenlottery.com
Frame ID: B95286665350490908F58E3B5BF3A76C
Requests: 2 HTTP requests in this frame

Frame: https://www.gstatic.com/atari/embeds/83a60601c213b72fb19c1855fb0c5f26/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.Y1oMGnmmXvY.O%2Fd%3D1%2Frs%3DAHpOoo_BBKgRRfEhBI3-ORz3vOgglLXq0w%2Fm%3D__features__&r=477568505
Frame ID: E4F1EBE3798C500459E27269BA7294C0
Requests: 3 HTTP requests in this frame

Frame: https://www.gstatic.com/atari/embeds/83a60601c213b72fb19c1855fb0c5f26/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.Y1oMGnmmXvY.O%2Fd%3D1%2Frs%3DAHpOoo_BBKgRRfEhBI3-ORz3vOgglLXq0w%2Fm%3D__features__&r=483476844
Frame ID: DE972EFBD63D5036D3D5E14209BE998D
Requests: 3 HTTP requests in this frame

Frame: https://www.gstatic.com/atari/embeds/83a60601c213b72fb19c1855fb0c5f26/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.Y1oMGnmmXvY.O%2Fd%3D1%2Frs%3DAHpOoo_BBKgRRfEhBI3-ORz3vOgglLXq0w%2Fm%3D__features__&r=347755950
Frame ID: 5A5309D234BEAB05E2B3AB0EFE5217DF
Requests: 3 HTTP requests in this frame

Frame: https://a03299kehqtgveq6-dhpjs3udm.hop.clickbank.net/
Frame ID: 46DCECF3AABFB5F9BE13DF725CF76890
Requests: 1 HTTP requests in this frame

Frame: https://5e300elmhjyb1q-0w4heod7oco.hop.clickbank.net/
Frame ID: 0F927D73432E7B3810F7314A3912963F
Requests: 1 HTTP requests in this frame

Frame: https://63135adhcgmj5lzeqrv7zocyl6.hop.clickbank.net/
Frame ID: 6309A63971A2ABCF87EA495DA80219BB
Requests: 1 HTTP requests in this frame

Frame: https://www.3stepmethod.com/?hop=nanaslotto
Frame ID: BFB5F55199EFF8CD0C568AFBF05BEF1B
Requests: 48 HTTP requests in this frame

Frame: https://www.lottoannihilator.com/video/
Frame ID: A2757EDB7CE9A0C0841DC94AACD0D2D8
Requests: 45 HTTP requests in this frame

Frame: https://godfrequency.co/vsl/index_ctrl.php?hop=nanaslotto
Frame ID: 20A315C17A4DF4AF711C6E54EB024BF5
Requests: 42 HTTP requests in this frame

Frame: https://138284849-atari-embeds.googleusercontent.com/embeds/16cb204cf3a9d4d223a0a3fd8b0eec5d/inner-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.Y1oMGnmmXvY.O%2Fd%3D1%2Frs%3DAHpOoo_BBKgRRfEhBI3-ORz3vOgglLXq0w%2Fm%3D__features__
Frame ID: DEB20F20AC6D9A43890687474DBC6243
Requests: 3 HTTP requests in this frame

Frame: https://138284849-atari-embeds.googleusercontent.com/embeds/16cb204cf3a9d4d223a0a3fd8b0eec5d/inner-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.Y1oMGnmmXvY.O%2Fd%3D1%2Frs%3DAHpOoo_BBKgRRfEhBI3-ORz3vOgglLXq0w%2Fm%3D__features__
Frame ID: 37FF00AE7D3983F6278E11D7308711EF
Requests: 3 HTTP requests in this frame

Frame: https://138284849-atari-embeds.googleusercontent.com/embeds/16cb204cf3a9d4d223a0a3fd8b0eec5d/inner-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.Y1oMGnmmXvY.O%2Fd%3D1%2Frs%3DAHpOoo_BBKgRRfEhBI3-ORz3vOgglLXq0w%2Fm%3D__features__
Frame ID: D19B11487A69C9D667A476E5608E4145
Requests: 3 HTTP requests in this frame

Frame: https://app.ecwid.com/script.js?73784560&data_platform=singleproduct_v2
Frame ID: 7EB2F7EFF41A35DC418ACDFC3308F5CC
Requests: 21 HTTP requests in this frame

Frame: https://app.ecwid.com/script.js?73784560&data_platform=singleproduct_v2
Frame ID: 975349B64646D1DAD1FABF0D124AD03B
Requests: 21 HTTP requests in this frame

Frame: https://app.ecwid.com/script.js?73784560&data_platform=singleproduct_v2
Frame ID: 87823A1E95B5B2B87C071D82BD9A7A18
Requests: 19 HTTP requests in this frame

Frame: https://jaswertrk.com/scripts/retarlts.php
Frame ID: BBCECEFA2A956E98A956CEAF89DEA6E1
Requests: 1 HTTP requests in this frame

Frame: https://d11s7fcxy18ubx.cloudfront.net/node/static/2023/2023-54753-g89d4484ff212b0/ru.cdev.xnext.frontend.LegacyFrontend/C752656B8888219118BC47720D54C6BB.cache.js
Frame ID: 3E4B8CF224C14CE730E9DF679A9B2644
Requests: 1 HTTP requests in this frame

Frame: https://d11s7fcxy18ubx.cloudfront.net/node/static/2023/2023-54753-g89d4484ff212b0/ru.cdev.xnext.frontend.LegacyFrontend/C752656B8888219118BC47720D54C6BB.cache.js
Frame ID: 16EE00AD2E22D93DE9CDEBADED2D9AAD
Requests: 1 HTTP requests in this frame

Frame: https://d11s7fcxy18ubx.cloudfront.net/node/static/2023/2023-54753-g89d4484ff212b0/ru.cdev.xnext.frontend.LegacyFrontend/C752656B8888219118BC47720D54C6BB.cache.js
Frame ID: 460C7573E3E3AD6A9A7DC7A6651219FF
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Frame ID: D3619910CC1EB30ED21097EECC874684
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 76592BB47A1FE5BD396F259DFBFE1898
Requests: 3 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Frame ID: 6C1027C3C340DF806EE12A6CC10F5392
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Frame ID: EF238A402B5BEEDB62771D8323715BD6
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 85E40917E3349F488EF21DB22AF45BD9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

WISE WOMEN LOTTO

Page URL History Show full URLs

  1. http://wisewomenlottery.com/ HTTP 301
    http://www.wisewomenlottery.com/ HTTP 301
    https://www.wisewomenlottery.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • https://app\.ecwid\.com/script\.js
Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • paypalobjects\.com
Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • \.aweber\.com/
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • swiper(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

303
Requests

90 %
HTTPS

62 %
IPv6

37
Domains

64
Subdomains

53
IPs

5
Countries

10566 kB
Transfer

38415 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://wisewomenlottery.com/ HTTP 301
    http://www.wisewomenlottery.com/ HTTP 301
    https://www.wisewomenlottery.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 65
  • https://a03299kehqtgveq6-dhpjs3udm.hop.clickbank.net/ HTTP 307
  • https://www.3stepmethod.com/?hop=nanaslotto
Request Chain 66
  • https://63135adhcgmj5lzeqrv7zocyl6.hop.clickbank.net/ HTTP 307
  • https://www.lottoannihilator.com/video/
Request Chain 67
  • https://5e300elmhjyb1q-0w4heod7oco.hop.clickbank.net/ HTTP 307
  • https://godfrequency.co/vsl/index.php?hop=nanaslotto HTTP 302
  • https://godfrequency.co/vsl/index_ctrl.php?hop=nanaslotto

303 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.wisewomenlottery.com/
Redirect Chain
  • http://wisewomenlottery.com/
  • http://www.wisewomenlottery.com/
  • https://www.wisewomenlottery.com/
116 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.wisewomenlottery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aea7c1b3daa920b1a100d2e403b89c52d0824578abe3be42f428f9125075bf01
Security Headers
Name Value
Content-Security-Policy base-uri 'self';object-src 'none';report-uri /_/view/cspreport;script-src 'report-sample' 'nonce-_pKbNZXjOAatmC-Gyn7aEg' 'unsafe-inline' 'unsafe-eval';worker-src 'self';frame-ancestors https://google-admin.corp.google.com/
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
base-uri 'self';object-src 'none';report-uri /_/view/cspreport;script-src 'report-sample' 'nonce-_pKbNZXjOAatmC-Gyn7aEg' 'unsafe-inline' 'unsafe-eval';worker-src 'self';frame-ancestors https://google-admin.corp.google.com/
content-type
text/html; charset=utf-8
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
same-site
date
Tue, 14 Nov 2023 23:01:10 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
0

Redirect headers

Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Content-Length
0
Content-Type
application/binary
Date
Tue, 14 Nov 2023 23:01:10 GMT
Expires
Mon, 01 Jan 1990 00:00:00 GMT
Location
https://www.wisewomenlottery.com/
Pragma
no-cache
Server
ESF
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
0
css
fonts.googleapis.com/ 		5 KB
599 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato%3A300%2C300italic%2C400%2C400italic%2C700%2C700italic&display=swap
Requested by
Host: www.wisewomenlottery.com
URL: https://www.wisewomenlottery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3cfe790335dc4ff07f0f501fb361687f88edca78273d2424e0797457924462ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.wisewomenlottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 14 Nov 2023 23:01:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 21:05:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 Nov 2023 23:01:11 GMT
css
fonts.googleapis.com/ 		28 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,500,700|Source+Code+Pro:400,700&display=swap
Requested by
Host: www.wisewomenlottery.com
URL: https://www.wisewomenlottery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4a2e8f6c07744ff59534fab4d21430272beab3638bc74f724496b90d923d1468
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.wisewomenlottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 14 Nov 2023 23:01:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 22:14:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 Nov 2023 23:01:11 GMT
css
fonts.googleapis.com/ 		1 KB
887 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Alfa%20Slab%20One%3Ai%2Cbi%2C700%2C400&display=swap
Requested by
Host: www.wisewomenlottery.com
URL: https://www.wisewomenlottery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
66f47868fdf31319a2f6587f17803aae751c78875ff5deb0a8f38686262f869a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.wisewomenlottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 14 Nov 2023 23:01:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 23:01:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 Nov 2023 23:01:11 GMT
rs=AGEqA5kvSuuL0RLpqZLbJU8Y_1tdsPhMAg
www.gstatic.com/_/atari/_/ss/k=atari.vw.gVVE5azO38c.L.W.O/am=EAY/d=1/ 		1 MB
155 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/atari/_/ss/k=atari.vw.gVVE5azO38c.L.W.O/am=EAY/d=1/rs=AGEqA5kvSuuL0RLpqZLbJU8Y_1tdsPhMAg
Requested by
Host: www.wisewomenlottery.com
URL: https://www.wisewomenlottery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85280aa9e7e8f5c47e3001989b2f3d384e4e870686a27dad087e848bcee53e2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.wisewomenlottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 15:40:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
372064
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
158472
x-xss-protection
0
last-modified
Sat, 04 Nov 2023 03:31:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
expires
Sat, 09 Nov 2024 15:40:07 GMT
client.js
apis.google.com/js/ 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/client.js?onload=gapiLoaded
Requested by
Host: www.wisewomenlottery.com
URL: https://www.wisewomenlottery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e04c3f95f14b36b63e6ddb0dbbff7a159deadb238d9fe6bf0ce5180cb68025d
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.wisewomenlottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 14 Nov 2023 23:01:11 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7118
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"c2fc0fdf8cd230d4"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 14 Nov 2023 23:01:11 GMT
1ooy-IbU-M0SyMn0v97AMT6XT6yASV8hpT1M-ADpUFfhhY0n9AycWtITbE0ruBYBpoZzk0IjOBocNkEO7fw0iEs=w16383
lh4.googleusercontent.com/ 		205 KB
205 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh4.googleusercontent.com/1ooy-IbU-M0SyMn0v97AMT6XT6yASV8hpT1M-ADpUFfhhY0n9AycWtITbE0ruBYBpoZzk0IjOBocNkEO7fw0iEs=w16383
Requested by
Host: www.wisewomenlottery.com
URL: https://www.wisewomenlottery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
447bdcdb824004592b67dd6a45a91ccef95e979b11f7236a9ac23ddaeaac359d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.wisewomenlottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:11 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Untitled.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
209908
x-xss-protection
0
expires
Wed, 15 Nov 2023 23:01:11 GMT
oRASfMTelG07Wps3m0QmFQrU7N4CFgrzVEcA0xqXr1agKIPU8umqCgRQQxlRWiMbw4OQQdSPd898r4tLxTQQuLASWwjWusHFn0M0wQLh_qzfogfn1H5I9Q1hxQimoVgzlQ=w1280
lh4.googleusercontent.com/ 		103 KB
103 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh4.googleusercontent.com/oRASfMTelG07Wps3m0QmFQrU7N4CFgrzVEcA0xqXr1agKIPU8umqCgRQQxlRWiMbw4OQQdSPd898r4tLxTQQuLASWwjWusHFn0M0wQLh_qzfogfn1H5I9Q1hxQimoVgzlQ=w1280
Requested by
Host: www.wisewomenlottery.com
URL: https://www.wisewomenlottery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
2741a98ce6c12d14511f57b4332648da345cd9826adc68bab7013ab89fbe632e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.wisewomenlottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:11 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Untitled.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
105453
x-xss-protection
0
expires
Wed, 15 Nov 2023 23:01:11 GMT
U_mm-BW7WAikIFj2F034DDjGjOYZ6jIY4VAoH9FZTDke3o5FFA6tmJ9ZUpPnkm7QU0A9lazsUP5iQThNKOicIUs2Nb0T5cs6eBmhTHS4sK6JjjNLIjWtpqBeE4IZBDV80A=w1280
lh5.googleusercontent.com/ 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh5.googleusercontent.com/U_mm-BW7WAikIFj2F034DDjGjOYZ6jIY4VAoH9FZTDke3o5FFA6tmJ9ZUpPnkm7QU0A9lazsUP5iQThNKOicIUs2Nb0T5cs6eBmhTHS4sK6JjjNLIjWtpqBeE4IZBDV80A=w1280
Requested by
Host: www.wisewomenlottery.com
URL: https://www.wisewomenlottery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
e79b9a5c41f27ccc04d48b2a997d13bcf3693ca52cb6ae60acca9673164f318e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.wisewomenlottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:12 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Untitled.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62498
x-xss-protection
0
expires
Wed, 15 Nov 2023 23:01:12 GMT
H0WnJ9xoTffDGkimaDXVNu_GAHEfGaAfjRp-AN0F_IcjX53Ax8chkPjHpREN_0VdNPtMJgAp8DJKiOgr9Ld0aS1c-1VzDQFNKLTInyE0NNWPG1BnZVDF90VSejMh_BiOew=w1280
lh5.googleusercontent.com/ 		88 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh5.googleusercontent.com/H0WnJ9xoTffDGkimaDXVNu_GAHEfGaAfjRp-AN0F_IcjX53Ax8chkPjHpREN_0VdNPtMJgAp8DJKiOgr9Ld0aS1c-1VzDQFNKLTInyE0NNWPG1BnZVDF90VSejMh_BiOew=w1280
Requested by
Host: www.wisewomenlottery.com
URL: https://www.wisewomenlottery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
a29853274b6ee4adc581f3815812f00a5509c90c2473cc2e88c3828a37a033f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.wisewomenlottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:12 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Untitled.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
90538
x-xss-protection
0
expires
Wed, 15 Nov 2023 23:01:12 GMT
OH-poEb9JQzCAw2GLKOCXPeVO1tFo4KAPb4G5QNuCOUoseuwuTGneESVeSeJxsHbqwQ2BxbxuUePOlnu5jgb3e7bkTxUPTOJUafzkNe_ujwej_E117mBSgpX08KtJtQz1g=w1280
lh3.googleusercontent.com/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/OH-poEb9JQzCAw2GLKOCXPeVO1tFo4KAPb4G5QNuCOUoseuwuTGneESVeSeJxsHbqwQ2BxbxuUePOlnu5jgb3e7bkTxUPTOJUafzkNe_ujwej_E117mBSgpX08KtJtQz1g=w1280
Requested by
Host: www.wisewomenlottery.com
URL: https://www.wisewomenlottery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
33d169ddf59845727706b8f35156f216570fa4db793f33ac852d2baf44199374
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.wisewomenlottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:12 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Untitled.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50808
x-xss-protection
0
expires
Wed, 15 Nov 2023 23:01:12 GMT
cChdK1dkCreyspIUEibzPqoR4Yw5AS7pnkyqmHj8W_mLrtzXYKmrSypKlr-fnms89MlO1UitpdDpUNOVAZAJXWxGRRNO5M5hgiQdnVn_14oHnxgXHTYsLjEcCBb3jVlI8g=w1280
lh5.googleusercontent.com/ 		104 KB
105 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh5.googleusercontent.com/cChdK1dkCreyspIUEibzPqoR4Yw5AS7pnkyqmHj8W_mLrtzXYKmrSypKlr-fnms89MlO1UitpdDpUNOVAZAJXWxGRRNO5M5hgiQdnVn_14oHnxgXHTYsLjEcCBb3jVlI8g=w1280
Requested by
Host: www.wisewomenlottery.com
URL: https://www.wisewomenlottery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
013e84310d7ab057017b3fa16549a6d4c254fd82b6555ed23a2f1747532e3f88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.wisewomenlottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:12 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Untitled.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106943
x-xss-protection
0
expires
Wed, 15 Nov 2023 23:01:12 GMT
OA_Oy8VTRfOoVsDXZA7vkPx1LxaMzMFQiu1zRSSf0TCs20AFQkD4b273i5ii6BowEInwYo29TyICuY8ytWHcgsKBdxgkcR7YkEKXQyYoSMhwZNLjWTGm_76cuvVmewMuNQ=w1280
lh5.googleusercontent.com/ 		147 KB
147 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh5.googleusercontent.com/OA_Oy8VTRfOoVsDXZA7vkPx1LxaMzMFQiu1zRSSf0TCs20AFQkD4b273i5ii6BowEInwYo29TyICuY8ytWHcgsKBdxgkcR7YkEKXQyYoSMhwZNLjWTGm_76cuvVmewMuNQ=w1280
Requested by
Host: www.wisewomenlottery.com
URL: https://www.wisewomenlottery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
6bd204027ac589144e37b2bc2ba82ec176cfe793bbc697b10ddbbee2392cde2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.wisewomenlottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:12 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Untitled.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
150072
x-xss-protection
0
expires
Wed, 15 Nov 2023 23:01:12 GMT
XBzCNZWieTIDJwN9h6M_R055ViqJhSRbAs9TlWnzF6Yei53t0t_8BYd3cCSTV1WptX5EFuon-KMXEwetJ7EKDtJ6c3LYq2C82rxBO5IJuaZ_YyXY3RaeLbHJ1pDSXkL_Kw=w1280
lh5.googleusercontent.com/ 		100 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh5.googleusercontent.com/XBzCNZWieTIDJwN9h6M_R055ViqJhSRbAs9TlWnzF6Yei53t0t_8BYd3cCSTV1WptX5EFuon-KMXEwetJ7EKDtJ6c3LYq2C82rxBO5IJuaZ_YyXY3RaeLbHJ1pDSXkL_Kw=w1280
Requested by
Host: www.wisewomenlottery.com
URL: https://www.wisewomenlottery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
47ea098a19f76499975eb245a69791db1ac913882aa2610caec2a9a8ac28a7a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.wisewomenlottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:12 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Untitled.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
101953
x-xss-protection
0
expires
Wed, 15 Nov 2023 23:01:12 GMT
tvi6j5mBeNdVCikSr-4i72O9v9zjVUoT1PcuwmDGP3gXF3jBjoeety90JZ25PQEh1Ea3a-KJ8_YGyfIrkz_9hS8zoIAfk4i2CmhM64oAZDYelAPhtI90WskOQ0npcOG-sKo49mUvsNVc7PCwcvDRTpaA0E-T
lh3.googleusercontent.com/proxy/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/proxy/tvi6j5mBeNdVCikSr-4i72O9v9zjVUoT1PcuwmDGP3gXF3jBjoeety90JZ25PQEh1Ea3a-KJ8_YGyfIrkz_9hS8zoIAfk4i2CmhM64oAZDYelAPhtI90WskOQ0npcOG-sKo49mUvsNVc7PCwcvDRTpaA0E-T
Requested by
Host: www.wisewomenlottery.com
URL: https://www.wisewomenlottery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
021decea59207b5b1dededd25bb1c6a69647aaa2f268689d9122d5bb2370bab9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.wisewomenlottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:12 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31463
x-xss-protection
0
expires
Wed, 15 Nov 2023 23:01:12 GMT
AEwEb-pAeHY_yU848HI50KNvfjfz02SWjYDi8bz1MheGvKhsBH2a7gQJpWOAMfdHkwPvmaKJ_peaHAA7IWH4UGtAS5zZ00AJVkD1
lh3.googleusercontent.com/proxy/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/proxy/AEwEb-pAeHY_yU848HI50KNvfjfz02SWjYDi8bz1MheGvKhsBH2a7gQJpWOAMfdHkwPvmaKJ_peaHAA7IWH4UGtAS5zZ00AJVkD1
Requested by
Host: www.wisewomenlottery.com
URL: https://www.wisewomenlottery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
03cb92827a65fb48c0850d1ea243a139bf58614c4e85ca9b88def0ece910efdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.wisewomenlottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:12 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21175
x-xss-protection
0
expires
Wed, 15 Nov 2023 23:01:12 GMT
m=view
www.gstatic.com/_/atari/_/js/k=atari.vw.fi.t1py5owyu6o.O/am=EAY/d=1/rs=AGEqA5kklLH44r1RKsMCY4vA8vpEd_cCRA/ 		585 KB
198 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/atari/_/js/k=atari.vw.fi.t1py5owyu6o.O/am=EAY/d=1/rs=AGEqA5kklLH44r1RKsMCY4vA8vpEd_cCRA/m=view
Requested by
Host: www.wisewomenlottery.com
URL: https://www.wisewomenlottery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b216a1038518406eca228e3420fbb58a4dfff0f96b589d77d0f98fcbecb99c8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.wisewomenlottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 04:58:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64938
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
202551
x-xss-protection
0
last-modified
Tue, 07 Nov 2023 13:33:45 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
expires
Wed, 13 Nov 2024 04:58:53 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fi.Y1oMGnmmXvY.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_BBKgRRfEhBI3-ORz3vOgglLXq0w/ 		316 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fi.Y1oMGnmmXvY.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_BBKgRRfEhBI3-ORz3vOgglLXq0w/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/client.js?onload=gapiLoaded
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dfa3bceb249c735a7936c072cc3937fc8c8169c8f58c9f1fdcadf5f7d43d471
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.wisewomenlottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 19:24:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
531415
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110385
x-xss-protection
0
last-modified
Tue, 03 Oct 2023 15:22:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 07 Nov 2024 19:24:16 GMT
Pp0ELLYFb7Fd3DH6DJTgixPCSES_64G1_euz6FfOzlYq6YRmYePZ76NMpuMAXJCifw50unFe_ztfojTnw905lTM=w16383
lh6.googleusercontent.com/ 		355 KB
356 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh6.googleusercontent.com/Pp0ELLYFb7Fd3DH6DJTgixPCSES_64G1_euz6FfOzlYq6YRmYePZ76NMpuMAXJCifw50unFe_ztfojTnw905lTM=w16383
Requested by
Host: www.wisewomenlottery.com
URL: https://www.wisewomenlottery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
d09cfee5f21ed7285b77fa6ee68aac9186a8cbbac9aee5b62cbfb79b780030ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.wisewomenlottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:12 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Background 8.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
363725
x-xss-protection
0
expires
Wed, 15 Nov 2023 23:01:12 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,500,700|Source+Code+Pro:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.wisewomenlottery.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 23:30:11 GMT
x-content-type-options
nosniff
age
84660
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Nov 2024 23:30:11 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,500,700|Source+Code+Pro:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.wisewomenlottery.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 21:01:51 GMT
x-content-type-options
nosniff
age
525560
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Nov 2024 21:01:51 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A300%2C300italic%2C400%2C400italic%2C700%2C700italic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.wisewomenlottery.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 21:16:36 GMT
x-content-type-options
nosniff
age
6275
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Nov 2024 21:16:36 GMT
S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A300%2C300italic%2C400%2C400italic%2C700%2C700italic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.wisewomenlottery.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 07:52:55 GMT
x-content-type-options
nosniff
age
140896
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23236
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Nov 2024 07:52:55 GMT
6NUQ8FmMKwSEKjnm5-4v-4Jh2dJhew.woff2
fonts.gstatic.com/s/alfaslabone/v19/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/alfaslabone/v19/6NUQ8FmMKwSEKjnm5-4v-4Jh2dJhew.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Alfa%20Slab%20One%3Ai%2Cbi%2C700%2C400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f11176ec1e89f383eda7494955e5e92783c48dd138d0e4f3ace8c1314f9dc66f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.wisewomenlottery.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 15:26:49 GMT
x-content-type-options
nosniff
age
372862
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19072
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 17:47:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Nov 2024 15:26:49 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A300%2C300italic%2C400%2C400italic%2C700%2C700italic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.wisewomenlottery.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 06:30:11 GMT
x-content-type-options
nosniff
age
232260
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 11 Nov 2024 06:30:11 GMT
intermediate-frame-minified.html
www.gstatic.com/atari/embeds/83a60601c213b72fb19c1855fb0c5f26/ Frame 6777 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/atari/embeds/83a60601c213b72fb19c1855fb0c5f26/intermediate-frame-minified.html
Requested by
Host: www.wisewomenlottery.com
URL: https://www.wisewomenlottery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3691026b21b883801b6f0f4df2e35d5c862a4dc92445d48a00fc43147d1c70c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisewomenlottery.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
398183
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
944
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
cross-origin-resource-policy
cross-origin
date
Fri, 10 Nov 2023 08:24:48 GMT
expires
Sat, 09 Nov 2024 08:24:48 GMT
last-modified
Thu, 09 Nov 2023 14:38:32 GMT
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
intermediate-frame-minified.html
www.gstatic.com/atari/embeds/83a60601c213b72fb19c1855fb0c5f26/ Frame 54FF 		2 KB
1005 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/atari/embeds/83a60601c213b72fb19c1855fb0c5f26/intermediate-frame-minified.html
Requested by
Host: www.wisewomenlottery.com
URL: https://www.wisewomenlottery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3691026b21b883801b6f0f4df2e35d5c862a4dc92445d48a00fc43147d1c70c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisewomenlottery.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
398183
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
944
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
cross-origin-resource-policy
cross-origin
date
Fri, 10 Nov 2023 08:24:48 GMT
expires
Sat, 09 Nov 2024 08:24:48 GMT
last-modified
Thu, 09 Nov 2023 14:38:32 GMT
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
intermediate-frame-minified.html
www.gstatic.com/atari/embeds/83a60601c213b72fb19c1855fb0c5f26/ Frame 14E1 		2 KB
1005 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/atari/embeds/83a60601c213b72fb19c1855fb0c5f26/intermediate-frame-minified.html
Requested by
Host: www.wisewomenlottery.com
URL: https://www.wisewomenlottery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3691026b21b883801b6f0f4df2e35d5c862a4dc92445d48a00fc43147d1c70c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisewomenlottery.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
398183
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
944
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
cross-origin-resource-policy
cross-origin
date
Fri, 10 Nov 2023 08:24:48 GMT
expires
Sat, 09 Nov 2024 08:24:48 GMT
last-modified
Thu, 09 Nov 2023 14:38:32 GMT
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
m=sy1b,sy1c,sy1a,FoQBg
www.gstatic.com/_/atari/_/js/k=atari.vw.fi.t1py5owyu6o.O/am=EAY/d=0/rs=AGEqA5kklLH44r1RKsMCY4vA8vpEd_cCRA/ 		37 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/atari/_/js/k=atari.vw.fi.t1py5owyu6o.O/am=EAY/d=0/rs=AGEqA5kklLH44r1RKsMCY4vA8vpEd_cCRA/m=sy1b,sy1c,sy1a,FoQBg
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.fi.t1py5owyu6o.O/am=EAY/d=1/rs=AGEqA5kklLH44r1RKsMCY4vA8vpEd_cCRA/m=view
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
408b16950e02ed70d04cfaf4abf35d2509aa699afe8b6db4282be0d9236c7b41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.wisewomenlottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 04:58:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64937
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12714
x-xss-protection
0
last-modified
Tue, 07 Nov 2023 13:33:45 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
expires
Wed, 13 Nov 2024 04:58:54 GMT
m=sy2w,TRvtze
www.gstatic.com/_/atari/_/js/k=atari.vw.fi.t1py5owyu6o.O/am=EAY/d=0/rs=AGEqA5kklLH44r1RKsMCY4vA8vpEd_cCRA/ 		855 B
524 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/atari/_/js/k=atari.vw.fi.t1py5owyu6o.O/am=EAY/d=0/rs=AGEqA5kklLH44r1RKsMCY4vA8vpEd_cCRA/m=sy2w,TRvtze
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.fi.t1py5owyu6o.O/am=EAY/d=1/rs=AGEqA5kklLH44r1RKsMCY4vA8vpEd_cCRA/m=view
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d721a77cb472936a395e72fc02f8ef4e82fe2f949674074e7e494d84018e259f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.wisewomenlottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 04:58:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64936
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
498
x-xss-protection
0
last-modified
Tue, 07 Nov 2023 13:33:45 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
expires
Wed, 13 Nov 2024 04:58:55 GMT
api.js
apis.google.com/js/ Frame 6777 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/api.js?checkCookie=1
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/atari/embeds/83a60601c213b72fb19c1855fb0c5f26/intermediate-frame-minified.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea91f570d576025a94a12d0e501028492867d7e5f7e4507d2ed6152e4f615cf9
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.gstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 14 Nov 2023 23:01:11 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7116
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"e1b8b3c8135902f8"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 14 Nov 2023 23:01:11 GMT
m=MpJwZc,n73qwf,A4UTCb,qAKInc,sy10,X85Uvc,sy2x,abQiW,W26a5e,hJUyqe,sy14,sy15,TGYpv,sy12,sy18,sy13,sy16,sy17,fuVYe,KUM7Z,XDKZTc,sy11,qkPXAf,qEW1W,oNFsLb,sy3w,yxTchf,sy3x,sy3y,xQtZb,yf2Bs,sy2,sy8,yyx...
www.gstatic.com/_/atari/_/js/k=atari.vw.fi.t1py5owyu6o.O/am=EAY/d=0/rs=AGEqA5kklLH44r1RKsMCY4vA8vpEd_cCRA/ 		1 MB
423 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/atari/_/js/k=atari.vw.fi.t1py5owyu6o.O/am=EAY/d=0/rs=AGEqA5kklLH44r1RKsMCY4vA8vpEd_cCRA/m=MpJwZc,n73qwf,A4UTCb,qAKInc,sy10,X85Uvc,sy2x,abQiW,W26a5e,hJUyqe,sy14,sy15,TGYpv,sy12,sy18,sy13,sy16,sy17,fuVYe,KUM7Z,XDKZTc,sy11,qkPXAf,qEW1W,oNFsLb,sy3w,yxTchf,sy3x,sy3y,xQtZb,yf2Bs,sy2,sy8,yyxWAc,qddgKe,sy2z,SM1lmd,sy6,sy5,syx,RRzQxe,zZvHmd,sy7,sya,syk,sy9,fNFZH,sy2y,syl,RrXLpc,cgRV2c,syz,sy1p,o1L5Wb,X4BaPc,syf,Md9ENb,sy1g,sy1h,syp,sy1e,sy1f,Ko0sOe,syn,syw,syy,NlqxW,sy1j,sy1k,sy1m,sy1n,sy1o,sy1v,sy1i,sy1t,sy1s,syb,syr,sy1q,sy21,sy23,sy26,sy27,sy28,sy29,sy1x,sy22,sy2b,sy2k,sy1z,sy20,sy1l,sy1r,sy1u,sy1w,sy1y,sy25,syo,sy2a,sy2c,sy2d,sy2h,sy2i,sy2j,T807ad,sy24,sy2g,ZDEHrf,sy2l,sy2n,sy1d,a9i3ec,CmOog,qYIcH,zTt0Rb,sy2e,sy2f,rj51oe,zAU64c,jhxjge,xHmRee,oy3iwb,sy2m,dBhIIb,Yr1Pcb,LUQjOd,J9ssyb,SB123c,UubMM,LkQmJ,YoEZUb,JKfHhb,DJtOxf,pA2mAb,gypOCd,X4FC5,kYfebb,XMtvld,rrOIJc,ZdZQ6b,Euz7Lc,sAbmxd,heobjb,KlrXId,R4KMEc,sy2o,sy2p,sy2q,sy2r,UYjpC,vVEdxc,sy3,VYKRW,sy19,CG0Qwb,RZ9OZ,N0NZx,szRU7e
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.fi.t1py5owyu6o.O/am=EAY/d=1/rs=AGEqA5kklLH44r1RKsMCY4vA8vpEd_cCRA/m=view
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9fec01a1d87afa53f98cc18a461540c6aa2c3a939046eb03a417e10800be062b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.wisewomenlottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 17:13:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20889
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
432916
x-xss-protection
0
last-modified
Tue, 07 Nov 2023 13:33:45 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
expires
Wed, 13 Nov 2024 17:13:02 GMT
m=sy3n,IZT63,vfuNJf,sy3h,sy3l,sy3o,sy41,sy3z,sy40,siKnQd,sy3f,sy3m,sy3q,YNjGDd,sy3p,sy3r,PrPYRd,iFQyKf,hc6Ubd,sy42,SpsfSb,sy3i,sy3k,wR5FRb,pXdRYb,dIoSBb,zbML3c
www.gstatic.com/_/atari/_/js/k=atari.vw.fi.t1py5owyu6o.O/am=EAY/d=0/rs=AGEqA5kklLH44r1RKsMCY4vA8vpEd_cCRA/ 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/atari/_/js/k=atari.vw.fi.t1py5owyu6o.O/am=EAY/d=0/rs=AGEqA5kklLH44r1RKsMCY4vA8vpEd_cCRA/m=sy3n,IZT63,vfuNJf,sy3h,sy3l,sy3o,sy41,sy3z,sy40,siKnQd,sy3f,sy3m,sy3q,YNjGDd,sy3p,sy3r,PrPYRd,iFQyKf,hc6Ubd,sy42,SpsfSb,sy3i,sy3k,wR5FRb,pXdRYb,dIoSBb,zbML3c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.fi.t1py5owyu6o.O/am=EAY/d=1/rs=AGEqA5kklLH44r1RKsMCY4vA8vpEd_cCRA/m=view
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
432d29c25d55cdee78e0d7c267893746a418802929f78c52528b9e0569dd3f88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.wisewomenlottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 04:58:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64935
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10767
x-xss-protection
0
last-modified
Tue, 07 Nov 2023 13:33:45 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
expires
Wed, 13 Nov 2024 04:58:56 GMT
api.js
apis.google.com/js/ Frame 54FF 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/api.js?checkCookie=1
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/atari/embeds/83a60601c213b72fb19c1855fb0c5f26/intermediate-frame-minified.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea91f570d576025a94a12d0e501028492867d7e5f7e4507d2ed6152e4f615cf9
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.gstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 14 Nov 2023 23:01:11 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7116
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"e1b8b3c8135902f8"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 14 Nov 2023 23:01:11 GMT
api.js
apis.google.com/js/ Frame 14E1 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/api.js?checkCookie=1
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/atari/embeds/83a60601c213b72fb19c1855fb0c5f26/intermediate-frame-minified.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea91f570d576025a94a12d0e501028492867d7e5f7e4507d2ed6152e4f615cf9
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.gstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 14 Nov 2023 23:01:11 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7116
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"e1b8b3c8135902f8"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 14 Nov 2023 23:01:11 GMT
m=m9oV,sye,eFZtfd,sy3s,NTMZac,mzzZzc,rCcCxc,RAnnUd,sy30,sy31,uu7UOe,nAFL3,sy2t,gJzDyc,sy32,soHxf,syu,syt,HYv29e,sy33,uY3Nvd
www.gstatic.com/_/atari/_/js/k=atari.vw.fi.t1py5owyu6o.O/am=EAY/d=0/rs=AGEqA5kklLH44r1RKsMCY4vA8vpEd_cCRA/ 		37 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/atari/_/js/k=atari.vw.fi.t1py5owyu6o.O/am=EAY/d=0/rs=AGEqA5kklLH44r1RKsMCY4vA8vpEd_cCRA/m=m9oV,sye,eFZtfd,sy3s,NTMZac,mzzZzc,rCcCxc,RAnnUd,sy30,sy31,uu7UOe,nAFL3,sy2t,gJzDyc,sy32,soHxf,syu,syt,HYv29e,sy33,uY3Nvd
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.fi.t1py5owyu6o.O/am=EAY/d=1/rs=AGEqA5kklLH44r1RKsMCY4vA8vpEd_cCRA/m=view
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e55b7bec8c766b27b91ba4faefd33b4d85d3c5db69322febe6064212e0d07045
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.wisewomenlottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 16:18:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24136
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12288
x-xss-protection
0
last-modified
Tue, 07 Nov 2023 13:33:45 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
expires
Wed, 13 Nov 2024 16:18:55 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fi.Y1oMGnmmXvY.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_BBKgRRfEhBI3-ORz3vOgglLXq0w/ Frame 6777 		56 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fi.Y1oMGnmmXvY.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_BBKgRRfEhBI3-ORz3vOgglLXq0w/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api.js?checkCookie=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4925be72da48ceaed81cdefd7060d276a622dad113bc4dbe44c66477a5e347
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.gstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 05:36:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
494675
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20593
x-xss-protection
0
last-modified
Tue, 03 Oct 2023 15:22:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Nov 2024 05:36:36 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://www.wisewomenlottery.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
http://play.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 14 Nov 2023 23:01:12 GMT
expires
Tue, 14 Nov 2023 23:01:12 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ 		0
0
logImpressions
www.wisewomenlottery.com/_/view/ 		16 B
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.wisewomenlottery.com/_/view/logImpressions?authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.fi.t1py5owyu6o.O/am=EAY/d=1/rs=AGEqA5kklLH44r1RKsMCY4vA8vpEd_cCRA/m=view
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8d47b4a1cc0393424720bded5988a28f4e9146fd265ecb416b79cf0d6ac81f6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.wisewomenlottery.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 23:01:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
same-site
content-disposition
attachment; filename="response.bin"; filename*=UTF-8''response.bin
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fi.Y1oMGnmmXvY.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_BBKgRRfEhBI3-ORz3vOgglLXq0w/ Frame 54FF 		56 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fi.Y1oMGnmmXvY.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_BBKgRRfEhBI3-ORz3vOgglLXq0w/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api.js?checkCookie=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4925be72da48ceaed81cdefd7060d276a622dad113bc4dbe44c66477a5e347
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.gstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 05:36:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
494676
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20593
x-xss-protection
0
last-modified
Tue, 03 Oct 2023 15:22:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Nov 2024 05:36:36 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fi.Y1oMGnmmXvY.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_BBKgRRfEhBI3-ORz3vOgglLXq0w/ Frame 14E1 		56 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fi.Y1oMGnmmXvY.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_BBKgRRfEhBI3-ORz3vOgglLXq0w/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api.js?checkCookie=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4925be72da48ceaed81cdefd7060d276a622dad113bc4dbe44c66477a5e347
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.gstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 05:36:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
494676
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20593
x-xss-protection
0
last-modified
Tue, 03 Oct 2023 15:22:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Nov 2024 05:36:36 GMT
lazy.min.js
www.gstatic.com/feedback/js/help/prod/service/ 		101 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.fi.t1py5owyu6o.O/am=EAY/d=0/rs=AGEqA5kklLH44r1RKsMCY4vA8vpEd_cCRA/m=MpJwZc,n73qwf,A4UTCb,qAKInc,sy10,X85Uvc,sy2x,abQiW,W26a5e,hJUyqe,sy14,sy15,TGYpv,sy12,sy18,sy13,sy16,sy17,fuVYe,KUM7Z,XDKZTc,sy11,qkPXAf,qEW1W,oNFsLb,sy3w,yxTchf,sy3x,sy3y,xQtZb,yf2Bs,sy2,sy8,yyxWAc,qddgKe,sy2z,SM1lmd,sy6,sy5,syx,RRzQxe,zZvHmd,sy7,sya,syk,sy9,fNFZH,sy2y,syl,RrXLpc,cgRV2c,syz,sy1p,o1L5Wb,X4BaPc,syf,Md9ENb,sy1g,sy1h,syp,sy1e,sy1f,Ko0sOe,syn,syw,syy,NlqxW,sy1j,sy1k,sy1m,sy1n,sy1o,sy1v,sy1i,sy1t,sy1s,syb,syr,sy1q,sy21,sy23,sy26,sy27,sy28,sy29,sy1x,sy22,sy2b,sy2k,sy1z,sy20,sy1l,sy1r,sy1u,sy1w,sy1y,sy25,syo,sy2a,sy2c,sy2d,sy2h,sy2i,sy2j,T807ad,sy24,sy2g,ZDEHrf,sy2l,sy2n,sy1d,a9i3ec,CmOog,qYIcH,zTt0Rb,sy2e,sy2f,rj51oe,zAU64c,jhxjge,xHmRee,oy3iwb,sy2m,dBhIIb,Yr1Pcb,LUQjOd,J9ssyb,SB123c,UubMM,LkQmJ,YoEZUb,JKfHhb,DJtOxf,pA2mAb,gypOCd,X4FC5,kYfebb,XMtvld,rrOIJc,ZdZQ6b,Euz7Lc,sAbmxd,heobjb,KlrXId,R4KMEc,sy2o,sy2p,sy2q,sy2r,UYjpC,vVEdxc,sy3,VYKRW,sy19,CG0Qwb,RZ9OZ,N0NZx,szRU7e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e901ebb09fa9903e237ef74d0578bede0331fb3ef264ea7dabf79f894dd9556
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.wisewomenlottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 22:56:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
302
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/product-feedback-gathering
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36058
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 17:41:10 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="product-feedback-gathering"
vary
Accept-Encoding, Origin
report-to
{"group":"product-feedback-gathering","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/product-feedback-gathering"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Tue, 14 Nov 2023 23:46:10 GMT
cb=gapi.loaded_1
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fi.Y1oMGnmmXvY.O/m=gapi_rpc/exm=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_BBKgRRfEhBI3-ORz3vOgglLXq0w/ 		261 B
210 B 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fi.Y1oMGnmmXvY.O/m=gapi_rpc/exm=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_BBKgRRfEhBI3-ORz3vOgglLXq0w/cb=gapi.loaded_1?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/client.js?onload=gapiLoaded
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4de02f4d3d995221d554f93fb5398b6db8c7ebd64ff1a1ffdd69aadb74b82f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.wisewomenlottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 08:19:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
484921
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
183
x-xss-protection
0
last-modified
Tue, 03 Oct 2023 15:22:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Nov 2024 08:19:11 GMT
auth_warmup
drive.google.com/ Frame B952 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://drive.google.com/auth_warmup?origin=https%3A%2F%2Fwww.wisewomenlottery.com
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.fi.t1py5owyu6o.O/am=EAY/d=0/rs=AGEqA5kklLH44r1RKsMCY4vA8vpEd_cCRA/m=MpJwZc,n73qwf,A4UTCb,qAKInc,sy10,X85Uvc,sy2x,abQiW,W26a5e,hJUyqe,sy14,sy15,TGYpv,sy12,sy18,sy13,sy16,sy17,fuVYe,KUM7Z,XDKZTc,sy11,qkPXAf,qEW1W,oNFsLb,sy3w,yxTchf,sy3x,sy3y,xQtZb,yf2Bs,sy2,sy8,yyxWAc,qddgKe,sy2z,SM1lmd,sy6,sy5,syx,RRzQxe,zZvHmd,sy7,sya,syk,sy9,fNFZH,sy2y,syl,RrXLpc,cgRV2c,syz,sy1p,o1L5Wb,X4BaPc,syf,Md9ENb,sy1g,sy1h,syp,sy1e,sy1f,Ko0sOe,syn,syw,syy,NlqxW,sy1j,sy1k,sy1m,sy1n,sy1o,sy1v,sy1i,sy1t,sy1s,syb,syr,sy1q,sy21,sy23,sy26,sy27,sy28,sy29,sy1x,sy22,sy2b,sy2k,sy1z,sy20,sy1l,sy1r,sy1u,sy1w,sy1y,sy25,syo,sy2a,sy2c,sy2d,sy2h,sy2i,sy2j,T807ad,sy24,sy2g,ZDEHrf,sy2l,sy2n,sy1d,a9i3ec,CmOog,qYIcH,zTt0Rb,sy2e,sy2f,rj51oe,zAU64c,jhxjge,xHmRee,oy3iwb,sy2m,dBhIIb,Yr1Pcb,LUQjOd,J9ssyb,SB123c,UubMM,LkQmJ,YoEZUb,JKfHhb,DJtOxf,pA2mAb,gypOCd,X4FC5,kYfebb,XMtvld,rrOIJc,ZdZQ6b,Euz7Lc,sAbmxd,heobjb,KlrXId,R4KMEc,sy2o,sy2p,sy2q,sy2r,UYjpC,vVEdxc,sy3,VYKRW,sy19,CG0Qwb,RZ9OZ,N0NZx,szRU7e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7477842f3c2650dff5e40b62366b0114dde38952471793eba4de0c99d789d1ff
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/DriveOsidBootstrap/cspreport script-src 'report-sample' 'nonce-ZDfCmhsin4CbgQvi7kzwmA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DriveOsidBootstrap/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DriveOsidBootstrap/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisewomenlottery.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/DriveOsidBootstrap/cspreport script-src 'report-sample' 'nonce-ZDfCmhsin4CbgQvi7kzwmA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DriveOsidBootstrap/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DriveOsidBootstrap/cspreport/allowlist
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
date
Tue, 14 Nov 2023 23:01:12 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
server
ESF
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-xss-protection
0
intermediate-frame-minified.html
www.gstatic.com/atari/embeds/83a60601c213b72fb19c1855fb0c5f26/ Frame 6777 		2 KB
969 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/atari/embeds/83a60601c213b72fb19c1855fb0c5f26/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.Y1oMGnmmXvY.O%2Fd%3D1%2Frs%3DAHpOoo_BBKgRRfEhBI3-ORz3vOgglLXq0w%2Fm%3D__features__&r=984118782
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.fi.t1py5owyu6o.O/am=EAY/d=1/rs=AGEqA5kklLH44r1RKsMCY4vA8vpEd_cCRA/m=view
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3691026b21b883801b6f0f4df2e35d5c862a4dc92445d48a00fc43147d1c70c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisewomenlottery.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
944
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
cross-origin-resource-policy
cross-origin
date
Tue, 14 Nov 2023 23:01:12 GMT
expires
Wed, 13 Nov 2024 23:01:12 GMT
last-modified
Fri, 10 Nov 2023 13:54:37 GMT
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
intermediate-frame-minified.html
www.gstatic.com/atari/embeds/83a60601c213b72fb19c1855fb0c5f26/ Frame 54FF 		2 KB
969 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/atari/embeds/83a60601c213b72fb19c1855fb0c5f26/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.Y1oMGnmmXvY.O%2Fd%3D1%2Frs%3DAHpOoo_BBKgRRfEhBI3-ORz3vOgglLXq0w%2Fm%3D__features__&r=241214166
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.fi.t1py5owyu6o.O/am=EAY/d=1/rs=AGEqA5kklLH44r1RKsMCY4vA8vpEd_cCRA/m=view
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3691026b21b883801b6f0f4df2e35d5c862a4dc92445d48a00fc43147d1c70c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisewomenlottery.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
944
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
cross-origin-resource-policy
cross-origin
date
Tue, 14 Nov 2023 23:01:12 GMT
expires
Wed, 13 Nov 2024 23:01:12 GMT
last-modified
Tue, 14 Nov 2023 13:38:09 GMT
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
intermediate-frame-minified.html
www.gstatic.com/atari/embeds/83a60601c213b72fb19c1855fb0c5f26/ Frame 14E1 		2 KB
969 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/atari/embeds/83a60601c213b72fb19c1855fb0c5f26/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.Y1oMGnmmXvY.O%2Fd%3D1%2Frs%3DAHpOoo_BBKgRRfEhBI3-ORz3vOgglLXq0w%2Fm%3D__features__&r=733762680
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.fi.t1py5owyu6o.O/am=EAY/d=1/rs=AGEqA5kklLH44r1RKsMCY4vA8vpEd_cCRA/m=view
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3691026b21b883801b6f0f4df2e35d5c862a4dc92445d48a00fc43147d1c70c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisewomenlottery.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
944
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
cross-origin-resource-policy
cross-origin
date
Tue, 14 Nov 2023 23:01:12 GMT
expires
Wed, 13 Nov 2024 23:01:12 GMT
last-modified
Fri, 10 Nov 2023 13:54:37 GMT
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
intermediate-frame-minified.html
www.gstatic.com/atari/embeds/83a60601c213b72fb19c1855fb0c5f26/ Frame E4F1 		2 KB
969 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/atari/embeds/83a60601c213b72fb19c1855fb0c5f26/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.Y1oMGnmmXvY.O%2Fd%3D1%2Frs%3DAHpOoo_BBKgRRfEhBI3-ORz3vOgglLXq0w%2Fm%3D__features__&r=477568505
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.fi.t1py5owyu6o.O/am=EAY/d=1/rs=AGEqA5kklLH44r1RKsMCY4vA8vpEd_cCRA/m=view
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3691026b21b883801b6f0f4df2e35d5c862a4dc92445d48a00fc43147d1c70c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisewomenlottery.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
944
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
cross-origin-resource-policy
cross-origin
date
Tue, 14 Nov 2023 23:01:12 GMT
expires
Wed, 13 Nov 2024 23:01:12 GMT
last-modified
Tue, 14 Nov 2023 13:38:09 GMT
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
intermediate-frame-minified.html
www.gstatic.com/atari/embeds/83a60601c213b72fb19c1855fb0c5f26/ Frame DE97 		2 KB
969 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/atari/embeds/83a60601c213b72fb19c1855fb0c5f26/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.Y1oMGnmmXvY.O%2Fd%3D1%2Frs%3DAHpOoo_BBKgRRfEhBI3-ORz3vOgglLXq0w%2Fm%3D__features__&r=483476844
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.fi.t1py5owyu6o.O/am=EAY/d=1/rs=AGEqA5kklLH44r1RKsMCY4vA8vpEd_cCRA/m=view
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3691026b21b883801b6f0f4df2e35d5c862a4dc92445d48a00fc43147d1c70c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisewomenlottery.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
944
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
cross-origin-resource-policy
cross-origin
date
Tue, 14 Nov 2023 23:01:12 GMT
expires
Wed, 13 Nov 2024 23:01:12 GMT
last-modified
Tue, 14 Nov 2023 13:38:09 GMT
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
intermediate-frame-minified.html
www.gstatic.com/atari/embeds/83a60601c213b72fb19c1855fb0c5f26/ Frame 5A53 		2 KB
969 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/atari/embeds/83a60601c213b72fb19c1855fb0c5f26/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.Y1oMGnmmXvY.O%2Fd%3D1%2Frs%3DAHpOoo_BBKgRRfEhBI3-ORz3vOgglLXq0w%2Fm%3D__features__&r=347755950
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.fi.t1py5owyu6o.O/am=EAY/d=1/rs=AGEqA5kklLH44r1RKsMCY4vA8vpEd_cCRA/m=view
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3691026b21b883801b6f0f4df2e35d5c862a4dc92445d48a00fc43147d1c70c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisewomenlottery.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
944
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
cross-origin-resource-policy
cross-origin
date
Tue, 14 Nov 2023 23:01:12 GMT
expires
Wed, 13 Nov 2024 23:01:12 GMT
last-modified
Tue, 14 Nov 2023 13:38:09 GMT
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
a03299kehqtgveq6-dhpjs3udm.hop.clickbank.net/ Frame 46DC 		0
0
/
5e300elmhjyb1q-0w4heod7oco.hop.clickbank.net/ Frame 0F92 		0
0
/
63135adhcgmj5lzeqrv7zocyl6.hop.clickbank.net/ Frame 6309 		0
0
api.js
apis.google.com/js/ Frame 6777 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/api.js?checkCookie=1
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/atari/embeds/83a60601c213b72fb19c1855fb0c5f26/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.Y1oMGnmmXvY.O%2Fd%3D1%2Frs%3DAHpOoo_BBKgRRfEhBI3-ORz3vOgglLXq0w%2Fm%3D__features__&r=984118782
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea91f570d576025a94a12d0e501028492867d7e5f7e4507d2ed6152e4f615cf9
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.gstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 14 Nov 2023 23:01:12 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7116
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"e1b8b3c8135902f8"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 14 Nov 2023 23:01:12 GMT
api.js
apis.google.com/js/ Frame 14E1 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/api.js?checkCookie=1
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/atari/embeds/83a60601c213b72fb19c1855fb0c5f26/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.Y1oMGnmmXvY.O%2Fd%3D1%2Frs%3DAHpOoo_BBKgRRfEhBI3-ORz3vOgglLXq0w%2Fm%3D__features__&r=733762680
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea91f570d576025a94a12d0e501028492867d7e5f7e4507d2ed6152e4f615cf9
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.gstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 14 Nov 2023 23:01:12 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7116
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"e1b8b3c8135902f8"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 14 Nov 2023 23:01:12 GMT
api.js
apis.google.com/js/ Frame 54FF 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/api.js?checkCookie=1
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/atari/embeds/83a60601c213b72fb19c1855fb0c5f26/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.Y1oMGnmmXvY.O%2Fd%3D1%2Frs%3DAHpOoo_BBKgRRfEhBI3-ORz3vOgglLXq0w%2Fm%3D__features__&r=241214166
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea91f570d576025a94a12d0e501028492867d7e5f7e4507d2ed6152e4f615cf9
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.gstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 14 Nov 2023 23:01:12 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7116
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"e1b8b3c8135902f8"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 14 Nov 2023 23:01:12 GMT
api.js
apis.google.com/js/ Frame E4F1 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/api.js?checkCookie=1
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/atari/embeds/83a60601c213b72fb19c1855fb0c5f26/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.Y1oMGnmmXvY.O%2Fd%3D1%2Frs%3DAHpOoo_BBKgRRfEhBI3-ORz3vOgglLXq0w%2Fm%3D__features__&r=477568505
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea91f570d576025a94a12d0e501028492867d7e5f7e4507d2ed6152e4f615cf9
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.gstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 14 Nov 2023 23:01:12 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7116
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"e1b8b3c8135902f8"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 14 Nov 2023 23:01:12 GMT
api.js
apis.google.com/js/ Frame DE97 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/api.js?checkCookie=1
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/atari/embeds/83a60601c213b72fb19c1855fb0c5f26/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.Y1oMGnmmXvY.O%2Fd%3D1%2Frs%3DAHpOoo_BBKgRRfEhBI3-ORz3vOgglLXq0w%2Fm%3D__features__&r=483476844
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea91f570d576025a94a12d0e501028492867d7e5f7e4507d2ed6152e4f615cf9
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.gstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 14 Nov 2023 23:01:12 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7116
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"e1b8b3c8135902f8"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 14 Nov 2023 23:01:12 GMT
api.js
apis.google.com/js/ Frame 5A53 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/api.js?checkCookie=1
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/atari/embeds/83a60601c213b72fb19c1855fb0c5f26/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.Y1oMGnmmXvY.O%2Fd%3D1%2Frs%3DAHpOoo_BBKgRRfEhBI3-ORz3vOgglLXq0w%2Fm%3D__features__&r=347755950
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea91f570d576025a94a12d0e501028492867d7e5f7e4507d2ed6152e4f615cf9
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.gstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 14 Nov 2023 23:01:12 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7116
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"e1b8b3c8135902f8"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 14 Nov 2023 23:01:12 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fi.Y1oMGnmmXvY.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_BBKgRRfEhBI3-ORz3vOgglLXq0w/ Frame 6777 		56 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fi.Y1oMGnmmXvY.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_BBKgRRfEhBI3-ORz3vOgglLXq0w/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api.js?checkCookie=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4925be72da48ceaed81cdefd7060d276a622dad113bc4dbe44c66477a5e347
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.gstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 05:36:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
494676
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20593
x-xss-protection
0
last-modified
Tue, 03 Oct 2023 15:22:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Nov 2024 05:36:36 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fi.Y1oMGnmmXvY.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_BBKgRRfEhBI3-ORz3vOgglLXq0w/ Frame 14E1 		56 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fi.Y1oMGnmmXvY.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_BBKgRRfEhBI3-ORz3vOgglLXq0w/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api.js?checkCookie=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4925be72da48ceaed81cdefd7060d276a622dad113bc4dbe44c66477a5e347
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.gstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 05:36:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
494676
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20593
x-xss-protection
0
last-modified
Tue, 03 Oct 2023 15:22:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Nov 2024 05:36:36 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fi.Y1oMGnmmXvY.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_BBKgRRfEhBI3-ORz3vOgglLXq0w/ Frame 54FF 		56 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fi.Y1oMGnmmXvY.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_BBKgRRfEhBI3-ORz3vOgglLXq0w/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api.js?checkCookie=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4925be72da48ceaed81cdefd7060d276a622dad113bc4dbe44c66477a5e347
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.gstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 05:36:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
494676
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20593
x-xss-protection
0
last-modified
Tue, 03 Oct 2023 15:22:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Nov 2024 05:36:36 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fi.Y1oMGnmmXvY.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_BBKgRRfEhBI3-ORz3vOgglLXq0w/ Frame E4F1 		56 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fi.Y1oMGnmmXvY.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_BBKgRRfEhBI3-ORz3vOgglLXq0w/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api.js?checkCookie=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4925be72da48ceaed81cdefd7060d276a622dad113bc4dbe44c66477a5e347
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.gstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 05:36:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
494676
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20593
x-xss-protection
0
last-modified
Tue, 03 Oct 2023 15:22:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Nov 2024 05:36:36 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fi.Y1oMGnmmXvY.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_BBKgRRfEhBI3-ORz3vOgglLXq0w/ Frame 5A53 		56 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fi.Y1oMGnmmXvY.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_BBKgRRfEhBI3-ORz3vOgglLXq0w/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api.js?checkCookie=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4925be72da48ceaed81cdefd7060d276a622dad113bc4dbe44c66477a5e347
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.gstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 05:36:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
494676
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20593
x-xss-protection
0
last-modified
Tue, 03 Oct 2023 15:22:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Nov 2024 05:36:36 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fi.Y1oMGnmmXvY.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_BBKgRRfEhBI3-ORz3vOgglLXq0w/ Frame DE97 		56 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fi.Y1oMGnmmXvY.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_BBKgRRfEhBI3-ORz3vOgglLXq0w/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api.js?checkCookie=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4925be72da48ceaed81cdefd7060d276a622dad113bc4dbe44c66477a5e347
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.gstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 05:36:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
494676
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20593
x-xss-protection
0
last-modified
Tue, 03 Oct 2023 15:22:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Nov 2024 05:36:36 GMT
/
www.3stepmethod.com/ Frame BFB5
Redirect Chain
  • https://a03299kehqtgveq6-dhpjs3udm.hop.clickbank.net/
  • https://www.3stepmethod.com/?hop=nanaslotto
37 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.3stepmethod.com/?hop=nanaslotto
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/atari/embeds/83a60601c213b72fb19c1855fb0c5f26/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.Y1oMGnmmXvY.O%2Fd%3D1%2Frs%3DAHpOoo_BBKgRRfEhBI3-ORz3vOgglLXq0w%2Fm%3D__features__&r=984118782
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:7800::137 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software
Apache / PHP/5.6.40
Resource Hash
f1161374c4af2e9055c7f22b2f52e1b34f7c65cc84d3d74da7fccac1771fe9c3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 14 Nov 2023 23:01:11 GMT
link
<https://www.3stepmethod.com/wp-json/>; rel="https://api.w.org/", <https://www.3stepmethod.com/wp-json/wp/v2/pages/5>; rel="alternate"; type="application/json", <https://www.3stepmethod.com/>; rel=shortlink
server
Apache
vary
Accept-Encoding Accept-Encoding
x-cdn-cache-status
MISS
x-origin-cache-status
MISS
x-powered-by
PHP/5.6.40
x-provided-by
StackCDN
x-via
FRA1

Redirect headers

accept-ch
Sec-Ch-Ua-Bitness, Sec-Ch-Ua-Platform-Version, Sec-Ch-Ua-Arch, Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Model
access-control-expose-headers
Server-Timing
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
date
Tue, 14 Nov 2023 23:01:13 GMT
expires
0
location
https://www.3stepmethod.com?hop=nanaslotto
pragma
no-cache
referrer-policy
no-referrer
server-timing
traceparent;desc="00-6b043dffe9713f85518147059950985a-2aa89dfff4253510-01"
strict-transport-security
max-age=0 ; includeSubDomains
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1 ; mode=block
/
www.lottoannihilator.com/video/ Frame A275
Redirect Chain
  • https://63135adhcgmj5lzeqrv7zocyl6.hop.clickbank.net/
  • https://www.lottoannihilator.com/video/
15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.lottoannihilator.com/video/
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/atari/embeds/83a60601c213b72fb19c1855fb0c5f26/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.Y1oMGnmmXvY.O%2Fd%3D1%2Frs%3DAHpOoo_BBKgRRfEhBI3-ORz3vOgglLXq0w%2Fm%3D__features__&r=733762680
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c37d2d1bc47597799bbe117c6d432b5b13197e760866fdada9b7a92c8db1b05e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
8262e00669b2d933-HEL
content-encoding
br
content-type
text/html
date
Tue, 14 Nov 2023 23:01:13 GMT
last-modified
Tue, 17 Mar 2020 21:30:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fyMrfF6fX1kxf8o5HM%2FwPZuW1e7JSXNxspwzTlMlPtMzSaa9f90yh0SGlzSejB2liL1QuvI2J41l%2FQ%2F5qD%2FEkdne88xO37wRh%2Bgf3uJdjZLzx5NUuwZKVOwkK2qV1upr6FTG5%2FWjN%2ByLXCYTuHqXDQJVP0wwVA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

accept-ch
Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Arch, Sec-Ch-Ua-Bitness, Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform-Version
access-control-expose-headers
Server-Timing
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
date
Tue, 14 Nov 2023 23:01:13 GMT
expires
0
location
https://www.lottoannihilator.com/video/
pragma
no-cache
referrer-policy
no-referrer
server-timing
traceparent;desc="00-d9ccf07d272bfbe6f68a4c1af58b0c42-63ac87d62ee382dd-01"
strict-transport-security
max-age=0 ; includeSubDomains
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1 ; mode=block
index_ctrl.php
godfrequency.co/vsl/ Frame 20A3
Redirect Chain
  • https://5e300elmhjyb1q-0w4heod7oco.hop.clickbank.net/
  • https://godfrequency.co/vsl/index.php?hop=nanaslotto
  • https://godfrequency.co/vsl/index_ctrl.php?hop=nanaslotto
31 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://godfrequency.co/vsl/index_ctrl.php?hop=nanaslotto
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/atari/embeds/83a60601c213b72fb19c1855fb0c5f26/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.Y1oMGnmmXvY.O%2Fd%3D1%2Frs%3DAHpOoo_BBKgRRfEhBI3-ORz3vOgglLXq0w%2Fm%3D__features__&r=241214166
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.222.21.127 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
host.15minuteweightloss.com
Software
LiteSpeed /
Resource Hash
fb8c6e1a25ff615023bc8260df0e2e803bab9f5990138c8300809e74209514ce
Security Headers
Name Value
Content-Security-Policy frame-src 'self' https://godfrequency.co/ https://hop.clickbank.net/ www.googletagmanager.com;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

cache-control
no-cache, private
content-encoding
br
content-length
8302
content-security-policy
frame-src 'self' https://godfrequency.co/ https://hop.clickbank.net/ www.googletagmanager.com;
content-type
text/html; charset=UTF-8
date
Tue, 14 Nov 2023 23:01:14 GMT
server
LiteSpeed
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
no-cache, no-store, must-revalidate, max-age=0
content-length
0
content-security-policy
frame-src 'self' https://godfrequency.co/ https://hop.clickbank.net/ www.googletagmanager.com;
content-type
text/html; charset=UTF-8
date
Tue, 14 Nov 2023 23:01:13 GMT
location
https://godfrequency.co/vsl/index_ctrl.php?hop=nanaslotto
server
LiteSpeed
inner-frame-minified.html
138284849-atari-embeds.googleusercontent.com/embeds/16cb204cf3a9d4d223a0a3fd8b0eec5d/ Frame DEB2 		2 KB
940 B 		Document
General
Check archive.org
Download Go to
Full URL
https://138284849-atari-embeds.googleusercontent.com/embeds/16cb204cf3a9d4d223a0a3fd8b0eec5d/inner-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.Y1oMGnmmXvY.O%2Fd%3D1%2Frs%3DAHpOoo_BBKgRRfEhBI3-ORz3vOgglLXq0w%2Fm%3D__features__
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/atari/embeds/83a60601c213b72fb19c1855fb0c5f26/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.Y1oMGnmmXvY.O%2Fd%3D1%2Frs%3DAHpOoo_BBKgRRfEhBI3-ORz3vOgglLXq0w%2Fm%3D__features__&r=477568505
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80e142904c9feeca9d8c64af55dabfda8032b2ac29fc26ca11d59aa1abddc6ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gstatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
915
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
cross-origin-resource-policy
cross-origin
date
Tue, 14 Nov 2023 23:01:13 GMT
expires
Wed, 13 Nov 2024 23:01:13 GMT
last-modified
Fri, 10 Nov 2023 13:54:37 GMT
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
inner-frame-minified.html
138284849-atari-embeds.googleusercontent.com/embeds/16cb204cf3a9d4d223a0a3fd8b0eec5d/ Frame 37FF 		2 KB
941 B 		Document
General
Check archive.org
Download Go to
Full URL
https://138284849-atari-embeds.googleusercontent.com/embeds/16cb204cf3a9d4d223a0a3fd8b0eec5d/inner-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.Y1oMGnmmXvY.O%2Fd%3D1%2Frs%3DAHpOoo_BBKgRRfEhBI3-ORz3vOgglLXq0w%2Fm%3D__features__
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/atari/embeds/83a60601c213b72fb19c1855fb0c5f26/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.Y1oMGnmmXvY.O%2Fd%3D1%2Frs%3DAHpOoo_BBKgRRfEhBI3-ORz3vOgglLXq0w%2Fm%3D__features__&r=347755950
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80e142904c9feeca9d8c64af55dabfda8032b2ac29fc26ca11d59aa1abddc6ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gstatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
915
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
cross-origin-resource-policy
cross-origin
date
Tue, 14 Nov 2023 23:01:13 GMT
expires
Wed, 13 Nov 2024 23:01:13 GMT
last-modified
Fri, 10 Nov 2023 13:54:37 GMT
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
inner-frame-minified.html
138284849-atari-embeds.googleusercontent.com/embeds/16cb204cf3a9d4d223a0a3fd8b0eec5d/ Frame D19B 		2 KB
941 B 		Document
General
Check archive.org
Download Go to
Full URL
https://138284849-atari-embeds.googleusercontent.com/embeds/16cb204cf3a9d4d223a0a3fd8b0eec5d/inner-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.Y1oMGnmmXvY.O%2Fd%3D1%2Frs%3DAHpOoo_BBKgRRfEhBI3-ORz3vOgglLXq0w%2Fm%3D__features__
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/atari/embeds/83a60601c213b72fb19c1855fb0c5f26/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.Y1oMGnmmXvY.O%2Fd%3D1%2Frs%3DAHpOoo_BBKgRRfEhBI3-ORz3vOgglLXq0w%2Fm%3D__features__&r=483476844
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80e142904c9feeca9d8c64af55dabfda8032b2ac29fc26ca11d59aa1abddc6ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gstatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
915
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
cross-origin-resource-policy
cross-origin
date
Tue, 14 Nov 2023 23:01:13 GMT
expires
Wed, 13 Nov 2024 23:01:13 GMT
last-modified
Fri, 10 Nov 2023 13:54:37 GMT
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
api.js
apis.google.com/js/ Frame DEB2 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/api.js?checkCookie=1
Requested by
Host: 138284849-atari-embeds.googleusercontent.com
URL: https://138284849-atari-embeds.googleusercontent.com/embeds/16cb204cf3a9d4d223a0a3fd8b0eec5d/inner-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.Y1oMGnmmXvY.O%2Fd%3D1%2Frs%3DAHpOoo_BBKgRRfEhBI3-ORz3vOgglLXq0w%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea91f570d576025a94a12d0e501028492867d7e5f7e4507d2ed6152e4f615cf9
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://138284849-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 14 Nov 2023 23:01:13 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7116
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"e1b8b3c8135902f8"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 14 Nov 2023 23:01:13 GMT
api.js
apis.google.com/js/ Frame 37FF 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/api.js?checkCookie=1
Requested by
Host: 138284849-atari-embeds.googleusercontent.com
URL: https://138284849-atari-embeds.googleusercontent.com/embeds/16cb204cf3a9d4d223a0a3fd8b0eec5d/inner-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.Y1oMGnmmXvY.O%2Fd%3D1%2Frs%3DAHpOoo_BBKgRRfEhBI3-ORz3vOgglLXq0w%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea91f570d576025a94a12d0e501028492867d7e5f7e4507d2ed6152e4f615cf9
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://138284849-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 14 Nov 2023 23:01:13 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7116
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"e1b8b3c8135902f8"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 14 Nov 2023 23:01:13 GMT
api.js
apis.google.com/js/ Frame D19B 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/api.js?checkCookie=1
Requested by
Host: 138284849-atari-embeds.googleusercontent.com
URL: https://138284849-atari-embeds.googleusercontent.com/embeds/16cb204cf3a9d4d223a0a3fd8b0eec5d/inner-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.Y1oMGnmmXvY.O%2Fd%3D1%2Frs%3DAHpOoo_BBKgRRfEhBI3-ORz3vOgglLXq0w%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea91f570d576025a94a12d0e501028492867d7e5f7e4507d2ed6152e4f615cf9
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://138284849-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 14 Nov 2023 23:01:13 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7116
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"e1b8b3c8135902f8"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 14 Nov 2023 23:01:13 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fi.Y1oMGnmmXvY.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_BBKgRRfEhBI3-ORz3vOgglLXq0w/ Frame DEB2 		56 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fi.Y1oMGnmmXvY.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_BBKgRRfEhBI3-ORz3vOgglLXq0w/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api.js?checkCookie=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4925be72da48ceaed81cdefd7060d276a622dad113bc4dbe44c66477a5e347
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://138284849-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 05:36:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
494677
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20593
x-xss-protection
0
last-modified
Tue, 03 Oct 2023 15:22:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Nov 2024 05:36:36 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fi.Y1oMGnmmXvY.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_BBKgRRfEhBI3-ORz3vOgglLXq0w/ Frame 37FF 		56 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fi.Y1oMGnmmXvY.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_BBKgRRfEhBI3-ORz3vOgglLXq0w/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api.js?checkCookie=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4925be72da48ceaed81cdefd7060d276a622dad113bc4dbe44c66477a5e347
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://138284849-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 05:36:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
494677
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20593
x-xss-protection
0
last-modified
Tue, 03 Oct 2023 15:22:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Nov 2024 05:36:36 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fi.Y1oMGnmmXvY.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_BBKgRRfEhBI3-ORz3vOgglLXq0w/ Frame D19B 		56 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fi.Y1oMGnmmXvY.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_BBKgRRfEhBI3-ORz3vOgglLXq0w/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api.js?checkCookie=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4925be72da48ceaed81cdefd7060d276a622dad113bc4dbe44c66477a5e347
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://138284849-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 05:36:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
494677
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20593
x-xss-protection
0
last-modified
Tue, 03 Oct 2023 15:22:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Nov 2024 05:36:36 GMT
script.js
app.ecwid.com/ Frame 7EB2 		66 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.ecwid.com/script.js?73784560&data_platform=singleproduct_v2
Requested by
Host: 138284849-atari-embeds.googleusercontent.com
URL: https://138284849-atari-embeds.googleusercontent.com/embeds/16cb204cf3a9d4d223a0a3fd8b0eec5d/inner-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.Y1oMGnmmXvY.O%2Fd%3D1%2Frs%3DAHpOoo_BBKgRRfEhBI3-ORz3vOgglLXq0w%2Fm%3D__features__
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.0.95 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-0-95.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
aaa39c55a7b7af43718e80335e86bf71ae4a63f15a3b22da2dc46a3948d109f4

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://138284849-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 23:01:13 GMT
Content-Encoding
gzip
Server
nginx
ETag
W/"-2085552377"
Transfer-Encoding
chunked
Access-Control-Max-Age
600
Content-Type
text/javascript;charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private,must-revalidate,max-age:3
Vary
Accept-Encoding
Connection
keep-alive
Access-Control-Allow-Headers
Cache-Control,Pragma,Content-Type,X-GWT-Module-Base,X-GWT-Permutation,X-Ecwid-Xsrf-Token,X-Ecwid-Device-Measurement
script.js
app.ecwid.com/ Frame 9753 		66 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.ecwid.com/script.js?73784560&data_platform=singleproduct_v2
Requested by
Host: 138284849-atari-embeds.googleusercontent.com
URL: https://138284849-atari-embeds.googleusercontent.com/embeds/16cb204cf3a9d4d223a0a3fd8b0eec5d/inner-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.Y1oMGnmmXvY.O%2Fd%3D1%2Frs%3DAHpOoo_BBKgRRfEhBI3-ORz3vOgglLXq0w%2Fm%3D__features__
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.0.95 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-0-95.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
aaa39c55a7b7af43718e80335e86bf71ae4a63f15a3b22da2dc46a3948d109f4

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://138284849-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 23:01:13 GMT
Content-Encoding
gzip
Server
nginx
ETag
W/"-2085552377"
Transfer-Encoding
chunked
Access-Control-Max-Age
600
Content-Type
text/javascript;charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private,must-revalidate,max-age:3
Vary
Accept-Encoding
Connection
keep-alive
Access-Control-Allow-Headers
Cache-Control,Pragma,Content-Type,X-GWT-Module-Base,X-GWT-Permutation,X-Ecwid-Xsrf-Token,X-Ecwid-Device-Measurement
script.js
app.ecwid.com/ Frame 8782 		66 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.ecwid.com/script.js?73784560&data_platform=singleproduct_v2
Requested by
Host: 138284849-atari-embeds.googleusercontent.com
URL: https://138284849-atari-embeds.googleusercontent.com/embeds/16cb204cf3a9d4d223a0a3fd8b0eec5d/inner-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.Y1oMGnmmXvY.O%2Fd%3D1%2Frs%3DAHpOoo_BBKgRRfEhBI3-ORz3vOgglLXq0w%2Fm%3D__features__
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.0.95 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-0-95.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
aaa39c55a7b7af43718e80335e86bf71ae4a63f15a3b22da2dc46a3948d109f4

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://138284849-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 23:01:13 GMT
Content-Encoding
gzip
Server
nginx
ETag
W/"-2085552377"
Transfer-Encoding
chunked
Access-Control-Max-Age
600
Content-Type
text/javascript;charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private,must-revalidate,max-age:3
Vary
Accept-Encoding
Connection
keep-alive
Access-Control-Allow-Headers
Cache-Control,Pragma,Content-Type,X-GWT-Module-Base,X-GWT-Permutation,X-Ecwid-Xsrf-Token,X-Ecwid-Device-Measurement
css
fonts.googleapis.com/ Frame A275 		13 KB
1010 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700|Open+Sans+Condensed:300,700
Requested by
Host: www.lottoannihilator.com
URL: https://www.lottoannihilator.com/video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f4f9825d24a7764f6e2d4ba91718ab744a73f5fb4c879c319515d62d8f81ec9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.lottoannihilator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 14 Nov 2023 23:01:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 23:01:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 Nov 2023 23:01:13 GMT
layout.css
www.lottoannihilator.com/css/ Frame A275 		40 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.lottoannihilator.com/css/layout.css
Requested by
Host: www.lottoannihilator.com
URL: https://www.lottoannihilator.com/video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75c72e3ce633d28f29eb8cb7f35d46a81db681ede1f59fbaaa149f1964a9e4a1

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.lottoannihilator.com/video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:13 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 15 May 2018 13:37:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u4zXfq2Lh0HBIFyQSXf3ou3y%2BoI5t%2FmAtCDoNd0HnK4xSn3jZR%2BfiJCgIKkfJG%2BlpfwqIomQPDh6I7ATt8CknNTt8addPyY68ikabZFFuqHdyh33cJyxgSzzM7F5k1Z0M2DbbRrh3bR%2FxwrXZ2ex0qqGJQjWyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8262e0073b0bd933-HEL
jquery.min.js
www.lottoannihilator.com/js/ Frame A275 		84 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lottoannihilator.com/js/jquery.min.js
Requested by
Host: www.lottoannihilator.com
URL: https://www.lottoannihilator.com/video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.lottoannihilator.com/video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:13 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 15 May 2018 13:40:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KAY3ZCtnIdoIgU6JEu3iknq1ucNt55tCBz3MRiE5oi%2FfBzKK%2BAbdAgrW0yaviTDO3hd6lKnol4QKUNHmgg5cWmfy4NmDwMHf%2FpoCu%2BN8xdebCZmNzircGrgqqBzR10NUtwBC2mXQDM%2F9%2BJnwenQagGdat2CgFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8262e0073b0cd933-HEL
tldrk4hdlb.jsonp
fast.wistia.com/embed/medias/ Frame A275 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/embed/medias/tldrk4hdlb.jsonp
Requested by
Host: www.lottoannihilator.com
URL: https://www.lottoannihilator.com/video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
ea65746fc8d098492a98a2cc7346ce3902f128c43fcfeb2e3dd5aadf01256310
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.lottoannihilator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:13 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=0
via
1.1 a4cae74c829bc214e4183c38164a2c0a.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-permitted-cross-domain-policies
none
x-amz-cf-pop
IAD89-C3
age
13090
x-cache
Miss from cloudfront, HIT, MISS
x-envoy-upstream-service-time
70
content-length
1333
x-request-id
3a2dd7e3-1680-46d1-900f-35ae79395989
x-served-by
cache-iad-kcgs7200123-IAD, cache-hel1410032-HEL
x-runtime
0.067248
x-browser-version
119
server
envoy
x-timer
S1700002874.723290,VS0,VE107
etag
W/"ea65746fc8d098492a98a2cc7346ce39"
vary
Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, no-cache
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
lrS_RLaH3QtK00rmw8B4AnTk0Mi-xyDrnsJ-Bdf-2qsmRi6vp_LwHw==
x-cache-hits
6, 0
E-v1.js
fast.wistia.com/assets/external/ Frame A275 		741 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/assets/external/E-v1.js
Requested by
Host: www.lottoannihilator.com
URL: https://www.lottoannihilator.com/video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1acf7a8579eb4f9060576db7c7805cf639520e08bc5331dd047fc10f276ac9a1
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.lottoannihilator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:13 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
808
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
128821
x-served-by
cache-iad-kjyo7100052-IAD, cache-hel1410032-HEL
x-browser-version
119
last-modified
Tue, 14 Nov 2023 20:46:56 GMT
server
AmazonS3
x-timer
S1700002874.723359,VS0,VE0
etag
"d6de7ee1070965b9feecf52cff2eec46"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-browser
chrome
asset-version
b0bc9e83f13d6dd166d8e93f439d43f8cf50f5cc
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
72, 250
swatch
fast.wistia.com/embed/medias/tldrk4hdlb/ Frame A275 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fast.wistia.com/embed/medias/tldrk4hdlb/swatch
Requested by
Host: www.lottoannihilator.com
URL: https://www.lottoannihilator.com/video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
5ffef9a3fefbd95b22b8b3d27581cb27aeed5d1d8d252139104334e9a62672a2
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.lottoannihilator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:13 GMT
access-control-request-method
*
via
1.1 3a60765023a93f6346539d2ca40f0b12.cloudfront.net (CloudFront), 1.1 fb41e17254dfd781519e95cedd257826.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
x-cdn
cloudfront
x-amz-cf-pop
IAD61-P2, IAD89-C3
age
13090
edge-cache-tag
8f29fdb1b5752c5a8ae136981240a231
x-cache
Miss from cloudfront, HIT, MISS
x-envoy-upstream-service-time
37
content-disposition
inline
content-length
4571
x-served-by
cache-iad-kiad7000130-IAD, cache-hel1410032-HEL
x-browser-version
119
last-modified
Thu, 17 Jan 2019 21:10:46 UTC
server
envoy
x-timer
S1700002874.617876,VS0,VE102
etag
yWLxJF0s_mP8WrIGRshN1DDa9dI=
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, no-cache,max-age=31536000
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
igYgMkGnY193KheGFQG5SP0fllbUyb7HhOWv2m1v--ZGgj3J-GmlWg==
x-cache-hits
16, 0
addcart.png
www.lottoannihilator.com/images/ Frame A275 		51 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lottoannihilator.com/images/addcart.png
Requested by
Host: www.lottoannihilator.com
URL: https://www.lottoannihilator.com/video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c71c726a8befcb1efdb4ba2862f9528d5582ceeb1bac426fb642f82b9b4e46e7

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.lottoannihilator.com/video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:13 GMT
cf-cache-status
MISS
last-modified
Tue, 15 May 2018 13:40:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FYXCU9PA%2FJO48ydG1%2BZA96UwDoayOoMWwbAJ41%2BXR4fC5I0Vk62ZAiEaDoupeGmjjKZH5k2It8ioTpxRQXlUm9Xu27M24nbBfdKwd2Qd77zCAotr1NUJ2FUPLImzb%2B%2Fa0emztOlqjdKRPXwVu5K5Bf1sLOEDsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8262e0073b0ed933-HEL
content-length
52493
pres_img1.jpg
www.lottoannihilator.com/images/ Frame A275 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lottoannihilator.com/images/pres_img1.jpg
Requested by
Host: www.lottoannihilator.com
URL: https://www.lottoannihilator.com/video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba8d24c717892abdadfefebcebc9f050279a6f2087e19709b6b7a049e9627c2b

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.lottoannihilator.com/video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:13 GMT
cf-cache-status
MISS
last-modified
Tue, 15 May 2018 13:40:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6C4mDvU%2FqBj22rDY03DCBzhUtN%2B0Kdt37sSsd6jnHGPZpbIP5gLXyBcJeCevjrUCpepwLkC%2FmF3sxWB972IHYLBOKK1jS7UbrqjO7SlWX5jBLxP%2B8iuHU%2BjQZG89oRZOgM38jsw%2Bx22FVNNmmemoKRjy4cB9nQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8262e0086d21d933-HEL
content-length
28526
pres_img2.jpg
www.lottoannihilator.com/images/ Frame A275 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lottoannihilator.com/images/pres_img2.jpg
Requested by
Host: www.lottoannihilator.com
URL: https://www.lottoannihilator.com/video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
343c96034205ea01bf921b896e3ef1fe434b907b53a9a9850135f9617c07b03b

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.lottoannihilator.com/video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:13 GMT
cf-cache-status
MISS
last-modified
Tue, 15 May 2018 13:40:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z4re7EbcwITsdTGCcoAS8hqwXfkZ4nrz6lVHTo9M4Ppl%2Fz4LCVZN7t0HMs3l0y%2BPhZHx%2BRze%2BsXyG9e0IApo7h7Azq2LiO5CrzQiifLqsPiUtYdtT4SOZs1W6CmjMpb4IWajilg1R14uSSweSkeOAVyxq%2BzuZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8262e008cdacd933-HEL
content-length
22913
pres_img3.jpg
www.lottoannihilator.com/images/ Frame A275 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lottoannihilator.com/images/pres_img3.jpg
Requested by
Host: www.lottoannihilator.com
URL: https://www.lottoannihilator.com/video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9137e657209c0ae29f0af3183bc0d30708244470eb59393123ed9e0743694932

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.lottoannihilator.com/video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:13 GMT
cf-cache-status
MISS
last-modified
Tue, 15 May 2018 13:40:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4BNmDcNZoPvcDSc4pc85YMqNvP2FVt1Nr2MIOMe6UOxcaq283JlYjay3ZUTRExYChsUPS%2FK4gueUoPMYKKZrlLgEYjK3xFBDeGXhsaY5SZl%2FAg2EVvOkv992y28i8JZpiLU20SGy9LbO1eP16arn7fpvjRbnVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8262e008cdaed933-HEL
content-length
29120
pres_img4.jpg
www.lottoannihilator.com/images/ Frame A275 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lottoannihilator.com/images/pres_img4.jpg
Requested by
Host: www.lottoannihilator.com
URL: https://www.lottoannihilator.com/video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b6e874e09fd450a979bf4a9dce3590d03e1e3d645995ae94f52530b20222c6c

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.lottoannihilator.com/video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:13 GMT
cf-cache-status
MISS
last-modified
Tue, 15 May 2018 13:40:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gv69SVdqZmiPgEsgRr7RQ45LfU1gDGbILdlSHw2ZGAQy08eK3aNYT5LQOEEDK4uB66qWXuboMJBMBKCwDn8jtk2nhHlmgnSIlNwMAK5ZPgEwf70Vt6wPC66wovMpCEDE3a5JENhTZddiv6e64nK9ugPQ4AGH%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8262e008cdafd933-HEL
content-length
21288
conversion.js
www.googleadservices.com/pagead/ Frame A275 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: www.lottoannihilator.com
URL: https://www.lottoannihilator.com/video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
cafe /
Resource Hash
34eace17373618f0ef6ad0052c607c2b3a6c02af6a6e0a1d16fa15efb97c139d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.lottoannihilator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18823
x-xss-protection
0
server
cafe
etag
4145344891725561964
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 14 Nov 2023 23:01:13 GMT
seg.js.php
trends.revcontent.com/ Frame A275 		0
148 B 		Script
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/seg.js.php?data-rc=rc-seg-pix
Requested by
Host: www.lottoannihilator.com
URL: https://www.lottoannihilator.com/video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.72.193.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-193-170.eu-west-1.compute.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.lottoannihilator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-rc-region
eu-west-1c
date
Tue, 14 Nov 2023 23:01:13 GMT
strict-transport-security
max-age=931536000; includeSubDomains
x-envoy-upstream-service-time
3
server
envoy
vary
Origin
/
cbtb.clickbank.net/ Frame A275 		937 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cbtb.clickbank.net/?vendor=lottery10k
Requested by
Host: www.lottoannihilator.com
URL: https://www.lottoannihilator.com/video/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.203.114.187 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-203-114-187.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
1da8a039927042c95ebeacd909fd930acb03ef41568f91eee60a17c4e5eb5b15

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.lottoannihilator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:14 GMT
cache-control
max-age=900
server
Apache
content-length
937
content-type
text/javascript;charset=UTF-8
news_bg2.jpg
www.lottoannihilator.com/images/ Frame A275 		308 KB
309 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lottoannihilator.com/images/news_bg2.jpg
Requested by
Host: www.lottoannihilator.com
URL: https://www.lottoannihilator.com/css/layout.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b484b3de3ea96eaf5bfe09afe35252f386b70013d95dedb588be7afac5ba975d

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.lottoannihilator.com/css/layout.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:13 GMT
cf-cache-status
MISS
last-modified
Tue, 15 May 2018 13:40:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LjbxXNVvoDO8A3WgRJ3%2BasbqM8ygSC0mRiOAcpH6noeTOJQVMVZTT9Vq3y4v%2BUwEwBmsRdMor79nWAt5GZzCKuEsjMmP82iQRLwhnUowakxQh4cLdRIJg%2B1eX8ceqDkerpfSMiCW5rDe6a6G79bTmyErBPnC%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8262e008ddced933-HEL
content-length
315368
innr_bg.png
www.lottoannihilator.com/images/ Frame A275 		85 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lottoannihilator.com/images/innr_bg.png
Requested by
Host: www.lottoannihilator.com
URL: https://www.lottoannihilator.com/css/layout.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40a4d9ee587150c67bb0405f36b37d3600bbd91ecf7cfc221921b21e3e15f5aa

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.lottoannihilator.com/css/layout.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:13 GMT
cf-cache-status
MISS
last-modified
Tue, 15 May 2018 13:40:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NpiXgohdauVyX8b%2F5aJJkc1tgY68YkItUVF94o1RvaMlXqNlmFsKAI6TP5v0GJEfvW3uGaS8WL3XnNjCB9hvfbuucz4FFL5IUqCIOv%2FMaRJJZKa7zUuA8l4XptsXSrQXQqrb1F6j6461TnVrI9UceqOOUretgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8262e008ddcfd933-HEL
content-length
87495
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ Frame A275 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700|Open+Sans+Condensed:300,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.lottoannihilator.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:29:28 GMT
x-content-type-options
nosniff
age
376305
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48432
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:40:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Nov 2024 14:29:28 GMT
8f29fdb1b5752c5a8ae136981240a231.webp
embed-ssl.wistia.com/deliveries/ Frame A275 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://embed-ssl.wistia.com/deliveries/8f29fdb1b5752c5a8ae136981240a231.webp?image_crop_resized=640x360
Requested by
Host: www.lottoannihilator.com
URL: https://www.lottoannihilator.com/video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:d400:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
envoy /
Resource Hash
170953154253d30323f7cb92e5b3f0c300787043952039a806800105bd4a9c6a

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.lottoannihilator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 12 Nov 2023 20:04:54 GMT
access-control-request-method
*
via
1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
x-cdn
cloudfront
x-amz-cf-pop
FRA56-C2
age
183380
edge-cache-tag
8f29fdb1b5752c5a8ae136981240a231
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
72
content-disposition
inline
surrogate-key
8f29fdb1b5752c5a8ae136981240a231 thumbnail-delivery
last-modified
Thu, 17 Jan 2019 21:10:46 UTC
server
envoy
etag
IXppVfBz0sFn7MVrw-CJ2oN6Us0=
vary
Origin
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
none
x-amz-cf-id
XoF_BJs6kgc9K8V1h2lpMibJgeM6qwJ0OeQycFZPCnBp6AAX9F-F7w==
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/848545785/ Frame A275 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/848545785/?random=1700002874047&cv=9&fst=1700002874047&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=5&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fwww.lottoannihilator.com%2Fvideo%2F&tiba=Lotto%20Annihilator&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6dbc18a17c7f6300694c0e18190cfab292e801b1b103e2e92bd6060da2672fa1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.lottoannihilator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 23:01:14 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1312
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ytc.js
s.yimg.com/wi/ Frame A275 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: www.lottoannihilator.com
URL: https://www.lottoannihilator.com/video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.lottoannihilator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 22:58:26 GMT
x-amz-version-id
xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
content-encoding
gzip
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-amz-request-id
E2R2VW4C0VS4H5HX
age
169
x-amz-server-side-encryption
AES256
x-amz-id-2
9qJO36x2PBEvUv8q7RyUM6/hHXoPuKL/+INn3vyo/h2aketNCCFAgrDsW0Xuf0FIETcPlNPzh0I+XUo3Wpu8cw==
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Mon, 26 Jun 2023 09:26:35 GMT
server
ATS
etag
"5c6ed25dce803fd84288922b8928409e-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=3600
accept-ranges
bytes
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/848498044/ Frame A275 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/848498044/?random=1700002874052&cv=9&fst=1700002874047&num=2&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=5&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fwww.lottoannihilator.com%2Fvideo%2F&top=https%3A%2F%2Fwww.wisewomenlottery.com&tiba=Lotto%20Annihilator&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
42aa6d1f7e84fd965691bc489f4a302cca56fa99657a633c7208109941c38dd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.lottoannihilator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 23:01:14 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1312
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
retarlts.php
jaswertrk.com/scripts/ Frame BBCE 		0
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/848440851/ Frame A275 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/848440851/?random=1700002874062&cv=9&fst=1700002874047&num=3&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=5&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fwww.lottoannihilator.com%2Fvideo%2F&tiba=Lotto%20Annihilator&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c708273f96067efb288482121e781753a903c3f2fbf00cae65fafe23b6d68533
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.lottoannihilator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 23:01:14 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
new-frontend.en.-1528271646.js
d3cy3u1txmkqs3.cloudfront.net/rosetta/translations2022/new-frontend/files/ Frame 7EB2 		262 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3cy3u1txmkqs3.cloudfront.net/rosetta/translations2022/new-frontend/files/new-frontend.en.-1528271646.js
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?73784560&data_platform=singleproduct_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.82.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-82-27.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e6ad6dbf2dff0f084263f77d8fbcfd193470f22647a84fb04fdd4840efef6de0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://138284849-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 12:59:19 GMT
x-amz-version-id
mHrZQgSwLSDrIT1Bw5Cd67liCGJ7xLYx
content-encoding
gzip
last-modified
Tue, 14 Nov 2023 12:55:29 GMT
server
AmazonS3
via
1.1 9840468fd7f0cd4b97907be5f049f14a.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P5
etag
W/"2fc31e617baf89765d4c910dd6584946"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript;charset=UTF-8
cache-control
public, max-age=31536000
age
36116
x-amz-cf-id
kqQH9VtYUc-uK7DWt3LxlTSE_jrZ6I6BOOiDhpVQSxEKJf4CbykFGw==
ecwid-storefront.9e22ec856c3aace9c8f01e611db25633.min.js
d3cy3u1txmkqs3.cloudfront.net/venera/static/ Frame 7EB2 		1 MB
242 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3cy3u1txmkqs3.cloudfront.net/venera/static/ecwid-storefront.9e22ec856c3aace9c8f01e611db25633.min.js
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?73784560&data_platform=singleproduct_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.82.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-82-27.ams58.r.cloudfront.net
Software
nginx/1.19.0 /
Resource Hash
65335d511559dcc30873958444455eeffe80fe369891d328b53f3597e83980bf
Security Headers
Name Value
Strict-Transport-Security max-age=15724800

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://138284849-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 04:36:38 GMT
content-encoding
gzip
via
1.1 9840468fd7f0cd4b97907be5f049f14a.cloudfront.net (CloudFront)
strict-transport-security
max-age=15724800
server
nginx/1.19.0
x-amz-cf-pop
AMS58-P5
age
152676
etag
9e22ec856c3aace9c8f01e611db25633
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
9okeOUa2B2hfaV_x5H8ZSw7VDB1CzJEGGR2aUEYXsSseLlB2FZkppw==
states.js
d3dq8sxcny4hg.cloudfront.net/ Frame 7EB2 		72 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3dq8sxcny4hg.cloudfront.net/states.js?version=2023-54753-g89d4484ff212b0&callback=window.ecwid_states_data.loaded
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?73784560&data_platform=singleproduct_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:ea00:1f:f560:8d00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f71e2cee6934851a889e5c9fada78139940a7d583a1510afe087dd033f43e6a0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://138284849-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 09:43:23 GMT
content-encoding
gzip
via
1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P1
age
47871
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=2592000
content-length
22929
x-amz-cf-id
UedgqDCwzQL9gJNZDWmY8fZAJloIAVISxxxTWUOdcV3sevbjPa_DlA==
data.js
app.ecwid.com/ Frame 7EB2 		29 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.ecwid.com/data.js?ownerid=73784560&lang=en&token=a7884e03ff4ffdc1f722e0e0a3e2a444ab6f0deb&callback=window.ecwid_initial_data.data.doInit
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?73784560&data_platform=singleproduct_v2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.0.95 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-0-95.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c804e51818d2ea556fae98bd5417e9407947690dcfa191a2d9a26ce1ea6c172d

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://138284849-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 23:01:14 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Content-Length
7896
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
i.js
ecomm.events/ Frame 7EB2 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecomm.events/i.js
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?73784560&data_platform=singleproduct_v2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.145.112.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-145-112-251.compute-1.amazonaws.com
Software
nginx/1.19.0 /
Resource Hash
018f897df5ec50c53fba81270a9eb456e897ae789af33f9a7d2666fd2da09878
Security Headers
Name Value
Strict-Transport-Security max-age=15724800

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://138284849-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:14 GMT
strict-transport-security
max-age=15724800
content-encoding
gzip
server
nginx/1.19.0
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
new-frontend.en.-1528271646.js
d3cy3u1txmkqs3.cloudfront.net/rosetta/translations2022/new-frontend/files/ Frame 8782 		262 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3cy3u1txmkqs3.cloudfront.net/rosetta/translations2022/new-frontend/files/new-frontend.en.-1528271646.js
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?73784560&data_platform=singleproduct_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.82.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-82-27.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e6ad6dbf2dff0f084263f77d8fbcfd193470f22647a84fb04fdd4840efef6de0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://138284849-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 12:59:19 GMT
x-amz-version-id
mHrZQgSwLSDrIT1Bw5Cd67liCGJ7xLYx
content-encoding
gzip
last-modified
Tue, 14 Nov 2023 12:55:29 GMT
server
AmazonS3
via
1.1 9840468fd7f0cd4b97907be5f049f14a.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P5
etag
W/"2fc31e617baf89765d4c910dd6584946"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript;charset=UTF-8
cache-control
public, max-age=31536000
age
36116
x-amz-cf-id
Ntw-_mBvHrSUMdvJ1TFXc_ct_xgGgzD9Ym9yhzNGCzSleCpffMsAEA==
ecwid-storefront.9e22ec856c3aace9c8f01e611db25633.min.js
d3cy3u1txmkqs3.cloudfront.net/venera/static/ Frame 8782 		1 MB
242 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3cy3u1txmkqs3.cloudfront.net/venera/static/ecwid-storefront.9e22ec856c3aace9c8f01e611db25633.min.js
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?73784560&data_platform=singleproduct_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.82.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-82-27.ams58.r.cloudfront.net
Software
nginx/1.19.0 /
Resource Hash
65335d511559dcc30873958444455eeffe80fe369891d328b53f3597e83980bf
Security Headers
Name Value
Strict-Transport-Security max-age=15724800

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://138284849-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 04:36:38 GMT
content-encoding
gzip
via
1.1 9840468fd7f0cd4b97907be5f049f14a.cloudfront.net (CloudFront)
strict-transport-security
max-age=15724800
server
nginx/1.19.0
x-amz-cf-pop
AMS58-P5
age
152676
etag
9e22ec856c3aace9c8f01e611db25633
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
5a1lxdVP5QZc_nLjzM-Uh3YUHD308T_ewAUDhyD4SD7ixMSaIxFASw==
states.js
d3dq8sxcny4hg.cloudfront.net/ Frame 8782 		72 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3dq8sxcny4hg.cloudfront.net/states.js?version=2023-54753-g89d4484ff212b0&callback=window.ecwid_states_data.loaded
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?73784560&data_platform=singleproduct_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:ea00:1f:f560:8d00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f71e2cee6934851a889e5c9fada78139940a7d583a1510afe087dd033f43e6a0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://138284849-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 09:43:23 GMT
content-encoding
gzip
via
1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P1
age
47871
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=2592000
content-length
22929
x-amz-cf-id
nzUIS_eaWT-zHPwArXjxxB7aQBL-_4JBZknhNYm7YdcS6GSkuBOLLg==
data.js
app.ecwid.com/ Frame 8782 		29 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.ecwid.com/data.js?ownerid=73784560&lang=en&token=a7884e03ff4ffdc1f722e0e0a3e2a444ab6f0deb&callback=window.ecwid_initial_data.data.doInit
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?73784560&data_platform=singleproduct_v2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.0.95 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-0-95.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c804e51818d2ea556fae98bd5417e9407947690dcfa191a2d9a26ce1ea6c172d

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://138284849-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 23:01:14 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Content-Length
7896
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
i.js
ecomm.events/ Frame 8782 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecomm.events/i.js
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?73784560&data_platform=singleproduct_v2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.145.112.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-145-112-251.compute-1.amazonaws.com
Software
nginx/1.19.0 /
Resource Hash
018f897df5ec50c53fba81270a9eb456e897ae789af33f9a7d2666fd2da09878
Security Headers
Name Value
Strict-Transport-Security max-age=15724800

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://138284849-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:14 GMT
strict-transport-security
max-age=15724800
content-encoding
gzip
server
nginx/1.19.0
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
new-frontend.en.-1528271646.js
d3cy3u1txmkqs3.cloudfront.net/rosetta/translations2022/new-frontend/files/ Frame 9753 		262 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3cy3u1txmkqs3.cloudfront.net/rosetta/translations2022/new-frontend/files/new-frontend.en.-1528271646.js
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?73784560&data_platform=singleproduct_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.82.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-82-27.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e6ad6dbf2dff0f084263f77d8fbcfd193470f22647a84fb04fdd4840efef6de0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://138284849-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 12:59:19 GMT
x-amz-version-id
mHrZQgSwLSDrIT1Bw5Cd67liCGJ7xLYx
content-encoding
gzip
last-modified
Tue, 14 Nov 2023 12:55:29 GMT
server
AmazonS3
via
1.1 9840468fd7f0cd4b97907be5f049f14a.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P5
etag
W/"2fc31e617baf89765d4c910dd6584946"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript;charset=UTF-8
cache-control
public, max-age=31536000
age
36116
x-amz-cf-id
Nsf_7JF0E8mcFWhH1YVgtIxppUcs5PkarI9WU1-dwFc9oQRz9VPV9w==
ecwid-storefront.9e22ec856c3aace9c8f01e611db25633.min.js
d3cy3u1txmkqs3.cloudfront.net/venera/static/ Frame 9753 		1 MB
242 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3cy3u1txmkqs3.cloudfront.net/venera/static/ecwid-storefront.9e22ec856c3aace9c8f01e611db25633.min.js
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?73784560&data_platform=singleproduct_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.82.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-82-27.ams58.r.cloudfront.net
Software
nginx/1.19.0 /
Resource Hash
65335d511559dcc30873958444455eeffe80fe369891d328b53f3597e83980bf
Security Headers
Name Value
Strict-Transport-Security max-age=15724800

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://138284849-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 04:36:38 GMT
content-encoding
gzip
via
1.1 9840468fd7f0cd4b97907be5f049f14a.cloudfront.net (CloudFront)
strict-transport-security
max-age=15724800
server
nginx/1.19.0
x-amz-cf-pop
AMS58-P5
age
152676
etag
9e22ec856c3aace9c8f01e611db25633
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
vWhMdMtXCWcqmYg7plv-NI-ZOAqtW_urF44BY7IMNzUoZe-4BoimVw==
states.js
d3dq8sxcny4hg.cloudfront.net/ Frame 9753 		72 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3dq8sxcny4hg.cloudfront.net/states.js?version=2023-54753-g89d4484ff212b0&callback=window.ecwid_states_data.loaded
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?73784560&data_platform=singleproduct_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:ea00:1f:f560:8d00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f71e2cee6934851a889e5c9fada78139940a7d583a1510afe087dd033f43e6a0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://138284849-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 09:43:23 GMT
content-encoding
gzip
via
1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P1
age
47871
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=2592000
content-length
22929
x-amz-cf-id
sAVvd75RYLmaUec1-1kXcZUfWL-ehFGWZJb16HqSkG5k9zybFf-20Q==
data.js
app.ecwid.com/ Frame 9753 		29 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.ecwid.com/data.js?ownerid=73784560&lang=en&token=a7884e03ff4ffdc1f722e0e0a3e2a444ab6f0deb&callback=window.ecwid_initial_data.data.doInit
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?73784560&data_platform=singleproduct_v2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.0.95 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-0-95.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c804e51818d2ea556fae98bd5417e9407947690dcfa191a2d9a26ce1ea6c172d

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://138284849-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Tue, 14 Nov 2023 23:01:14 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Content-Length
7896
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
i.js
ecomm.events/ Frame 9753 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecomm.events/i.js
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?73784560&data_platform=singleproduct_v2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.145.112.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-145-112-251.compute-1.amazonaws.com
Software
nginx/1.19.0 /
Resource Hash
018f897df5ec50c53fba81270a9eb456e897ae789af33f9a7d2666fd2da09878
Security Headers
Name Value
Strict-Transport-Security max-age=15724800

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://138284849-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:14 GMT
strict-transport-security
max-age=15724800
content-encoding
gzip
server
nginx/1.19.0
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
new
d1oxsl77a1kjht.cloudfront.net/css/ Frame 7EB2 		1022 KB
99 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d1oxsl77a1kjht.cloudfront.net/css/new?hc=-2003029856&ownerid=73784560&id-selector=html%23ecwid_html%20body%23ecwid_body&frontendV2
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?73784560&data_platform=singleproduct_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:4400:1c:b536:2c40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
308e8903dc7ea9bca1cc7df9c5e3beeb9d3dbd4eee8ee3c051b6398cd2efaf1e

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://138284849-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:14 GMT
content-encoding
gzip
via
1.1 985c0b2ec44bdebc7f24f26d1e427d30.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
etag
"-2003029856"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css;charset=utf-8
cache-control
no-cache
x-amz-cf-id
ADUjGkFPwxIvkGtOeZg8w5xGCDVFK1gRu3D7hWicznkH8-Jk7vQMEg==
C752656B8888219118BC47720D54C6BB.cache.js
d11s7fcxy18ubx.cloudfront.net/node/static/2023/2023-54753-g89d4484ff212b0/ru.cdev.xnext.frontend.LegacyFrontend/ Frame 3E4B 		2 MB
578 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d11s7fcxy18ubx.cloudfront.net/node/static/2023/2023-54753-g89d4484ff212b0/ru.cdev.xnext.frontend.LegacyFrontend/C752656B8888219118BC47720D54C6BB.cache.js
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?73784560&data_platform=singleproduct_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:7600:13:2031:2340:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d8655975c032afe9cb56452ffac62e5930a5a7a4382cafaaf14ab08e6d453523

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://138284849-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 09:43:26 GMT
content-encoding
br
via
1.1 1c12254585d1d316d9380549d59e3c80.cloudfront.net (CloudFront)
x-amz-version-id
0XisI1fTtWjbzeEE9_b.Kw1ccwqpqOk_
x-amz-cf-pop
FRA56-C2
age
47869
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
x-amz-meta-ecwid-hash
0111d12c63dfb1e3ff1ce6d9376c4c7b
last-modified
Tue, 14 Nov 2023 09:39:06 GMT
server
AmazonS3
etag
W/"0111d12c63dfb1e3ff1ce6d9376c4c7b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
BBhupL8A_mauUuXb40Y86fk6yWzMrv3j_DAPu4B-P-R-3TVuG9KV7g==
new
d1oxsl77a1kjht.cloudfront.net/css/ Frame 8782 		1022 KB
99 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d1oxsl77a1kjht.cloudfront.net/css/new?hc=-2003029856&ownerid=73784560&id-selector=html%23ecwid_html%20body%23ecwid_body&frontendV2
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?73784560&data_platform=singleproduct_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:4400:1c:b536:2c40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
308e8903dc7ea9bca1cc7df9c5e3beeb9d3dbd4eee8ee3c051b6398cd2efaf1e

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://138284849-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:15 GMT
content-encoding
gzip
via
1.1 985c0b2ec44bdebc7f24f26d1e427d30.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
etag
"-2003029856"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css;charset=utf-8
cache-control
no-cache
x-amz-cf-id
JdBqYF15HKgm8jElr2Fd5PrQ5C-G1QXO13vXBUYi7-LmCtHvvhgLJQ==
C752656B8888219118BC47720D54C6BB.cache.js
d11s7fcxy18ubx.cloudfront.net/node/static/2023/2023-54753-g89d4484ff212b0/ru.cdev.xnext.frontend.LegacyFrontend/ Frame 16EE 		2 MB
578 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d11s7fcxy18ubx.cloudfront.net/node/static/2023/2023-54753-g89d4484ff212b0/ru.cdev.xnext.frontend.LegacyFrontend/C752656B8888219118BC47720D54C6BB.cache.js
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?73784560&data_platform=singleproduct_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:7600:13:2031:2340:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d8655975c032afe9cb56452ffac62e5930a5a7a4382cafaaf14ab08e6d453523

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://138284849-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 09:43:26 GMT
content-encoding
br
via
1.1 1c12254585d1d316d9380549d59e3c80.cloudfront.net (CloudFront)
x-amz-version-id
0XisI1fTtWjbzeEE9_b.Kw1ccwqpqOk_
x-amz-cf-pop
FRA56-C2
age
47869
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
x-amz-meta-ecwid-hash
0111d12c63dfb1e3ff1ce6d9376c4c7b
last-modified
Tue, 14 Nov 2023 09:39:06 GMT
server
AmazonS3
etag
W/"0111d12c63dfb1e3ff1ce6d9376c4c7b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
Wf-2pmpr8DROxvWeqmHE04TPV2qB4QdhgH3FeJ6Ao44DokmcyVkXUQ==
ecwid.plugin.js
analytics.sitewit.com/ Frame 7EB2 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.sitewit.com/ecwid.plugin.js
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?73784560&data_platform=singleproduct_v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:243f:2d01:5380:e1f8:c18:d856 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
03fa053e131169cda3771731b32b02cb04980446818a213304449e02cd5a0947

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://138284849-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type
text/javascript; charset=utf-8
date
Tue, 14 Nov 2023 23:01:14 GMT
cache-control
private,no-cache
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-length
5642
p3p
CP="DSP CAO CUR DEVo PSAo PSDo ADMo OUR STP NAV COM INT STA UNI PHY DEM", policyref="/w3c/p3p.xml"
storefront-app.js
d20ubqycd8ynev.cloudfront.net/ Frame 7EB2 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d20ubqycd8ynev.cloudfront.net/storefront-app.js
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?73784560&data_platform=singleproduct_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:1c00:19:4fd1:c1c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
7460e7bfe27ba69692cd72452646130bf8f0e91177c867d7360297029228ff6c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://138284849-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:14 GMT
strict-transport-security
max-age=15724800
content-encoding
gzip
via
1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
server
nginx/1.19.0
x-amz-cf-pop
FRA56-C1
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=utf-8
x-amz-cf-id
y0zZbU4VadWW2d8EJjuk0EAj66pNL2SbkQPUV-hYtTC4CRnL2If4YQ==
new
d1oxsl77a1kjht.cloudfront.net/css/ Frame 9753 		1022 KB
99 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d1oxsl77a1kjht.cloudfront.net/css/new?hc=-2003029856&ownerid=73784560&id-selector=html%23ecwid_html%20body%23ecwid_body&frontendV2
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?73784560&data_platform=singleproduct_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:4400:1c:b536:2c40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
308e8903dc7ea9bca1cc7df9c5e3beeb9d3dbd4eee8ee3c051b6398cd2efaf1e

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://138284849-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:15 GMT
content-encoding
gzip
via
1.1 985c0b2ec44bdebc7f24f26d1e427d30.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
etag
"-2003029856"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css;charset=utf-8
cache-control
no-cache
x-amz-cf-id
g_kGhdctRqzfbAXX4MuC9LmDZ8AK2Bhgxd4zBmyxVcqqRVuLLbLbwQ==
C752656B8888219118BC47720D54C6BB.cache.js
d11s7fcxy18ubx.cloudfront.net/node/static/2023/2023-54753-g89d4484ff212b0/ru.cdev.xnext.frontend.LegacyFrontend/ Frame 460C 		2 MB
578 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d11s7fcxy18ubx.cloudfront.net/node/static/2023/2023-54753-g89d4484ff212b0/ru.cdev.xnext.frontend.LegacyFrontend/C752656B8888219118BC47720D54C6BB.cache.js
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?73784560&data_platform=singleproduct_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:7600:13:2031:2340:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d8655975c032afe9cb56452ffac62e5930a5a7a4382cafaaf14ab08e6d453523

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://138284849-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 09:43:26 GMT
content-encoding
br
via
1.1 1c12254585d1d316d9380549d59e3c80.cloudfront.net (CloudFront)
x-amz-version-id
0XisI1fTtWjbzeEE9_b.Kw1ccwqpqOk_
x-amz-cf-pop
FRA56-C2
age
47869
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
x-amz-meta-ecwid-hash
0111d12c63dfb1e3ff1ce6d9376c4c7b
last-modified
Tue, 14 Nov 2023 09:39:06 GMT
server
AmazonS3
etag
W/"0111d12c63dfb1e3ff1ce6d9376c4c7b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
RX1dpfiiearMyXPC9819740vla01WPQvzoPPMek7j-dUWfQDmm2dsA==
ecwid.plugin.js
analytics.sitewit.com/ Frame 8782 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.sitewit.com/ecwid.plugin.js
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?73784560&data_platform=singleproduct_v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:243f:2d01:5380:e1f8:c18:d856 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
03fa053e131169cda3771731b32b02cb04980446818a213304449e02cd5a0947

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://138284849-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type
text/javascript; charset=utf-8
date
Tue, 14 Nov 2023 23:01:14 GMT
cache-control
private,no-cache
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-length
5642
p3p
CP="DSP CAO CUR DEVo PSAo PSDo ADMo OUR STP NAV COM INT STA UNI PHY DEM", policyref="/w3c/p3p.xml"
storefront-app.js
d20ubqycd8ynev.cloudfront.net/ Frame 8782 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d20ubqycd8ynev.cloudfront.net/storefront-app.js
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?73784560&data_platform=singleproduct_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:1c00:19:4fd1:c1c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
7460e7bfe27ba69692cd72452646130bf8f0e91177c867d7360297029228ff6c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://138284849-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:14 GMT
strict-transport-security
max-age=15724800
content-encoding
gzip
via
1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
server
nginx/1.19.0
x-amz-cf-pop
FRA56-C1
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=utf-8
x-amz-cf-id
h86E3bjrdXb1big1TdzcXkeTc4Tl-fHLa6k49hlZmv-tFCl8VEWVxw==
ecwid.plugin.js
analytics.sitewit.com/ Frame 9753 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.sitewit.com/ecwid.plugin.js
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?73784560&data_platform=singleproduct_v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:243f:2d01:5380:e1f8:c18:d856 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
03fa053e131169cda3771731b32b02cb04980446818a213304449e02cd5a0947

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://138284849-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type
text/javascript; charset=utf-8
date
Tue, 14 Nov 2023 23:01:14 GMT
cache-control
private,no-cache
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-length
5642
p3p
CP="DSP CAO CUR DEVo PSAo PSDo ADMo OUR STP NAV COM INT STA UNI PHY DEM", policyref="/w3c/p3p.xml"
storefront-app.js
d20ubqycd8ynev.cloudfront.net/ Frame 9753 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d20ubqycd8ynev.cloudfront.net/storefront-app.js
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?73784560&data_platform=singleproduct_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:1c00:19:4fd1:c1c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
7460e7bfe27ba69692cd72452646130bf8f0e91177c867d7360297029228ff6c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://138284849-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:14 GMT
strict-transport-security
max-age=15724800
content-encoding
gzip
via
1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
server
nginx/1.19.0
x-amz-cf-pop
FRA56-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript;charset=utf-8
x-amz-cf-id
xiT2mn50N4e_czd8EEMhIpBwy_SPKnCgOx2dTcWTaz49v_mE1x2FCQ==
/
www.google.com/pagead/1p-user-list/848498044/ Frame A275 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/848498044/?random=1700002874052&cv=9&fst=1700002800000&num=2&guid=ON&eid=375603260%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=5&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=2&url=https%3A%2F%2Fwww.lottoannihilator.com%2Fvideo%2F&tiba=Lotto%20Annihilator&fmt=3&is_vtc=1&cid=CAQSGwDICaaNsJakrd_pugfDacfy3CSgGMVuIYnHBg&random=1994834889&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.lottoannihilator.com
URL: https://www.lottoannihilator.com/video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.lottoannihilator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 23:01:14 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.no/pagead/1p-user-list/848498044/ Frame A275 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.no/pagead/1p-user-list/848498044/?random=1700002874052&cv=9&fst=1700002800000&num=2&guid=ON&eid=375603260%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=5&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=2&url=https%3A%2F%2Fwww.lottoannihilator.com%2Fvideo%2F&tiba=Lotto%20Annihilator&fmt=3&is_vtc=1&cid=CAQSGwDICaaNsJakrd_pugfDacfy3CSgGMVuIYnHBg&random=1994834889&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.lottoannihilator.com
URL: https://www.lottoannihilator.com/video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.lottoannihilator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 23:01:14 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/848545785/ Frame A275 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/848545785/?random=1700002874047&cv=9&fst=1700002800000&num=1&guid=ON&eid=375603261%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=5&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=2&url=https%3A%2F%2Fwww.lottoannihilator.com%2Fvideo%2F&tiba=Lotto%20Annihilator&fmt=3&is_vtc=1&cid=CAQSGwDICaaN5900pcQrf55pWB8uL0ciqRIxSXI2jA&random=2237231915&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.lottoannihilator.com
URL: https://www.lottoannihilator.com/video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.lottoannihilator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 23:01:14 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.no/pagead/1p-user-list/848545785/ Frame A275 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.no/pagead/1p-user-list/848545785/?random=1700002874047&cv=9&fst=1700002800000&num=1&guid=ON&eid=375603261%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=5&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=2&url=https%3A%2F%2Fwww.lottoannihilator.com%2Fvideo%2F&tiba=Lotto%20Annihilator&fmt=3&is_vtc=1&cid=CAQSGwDICaaN5900pcQrf55pWB8uL0ciqRIxSXI2jA&random=2237231915&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.lottoannihilator.com
URL: https://www.lottoannihilator.com/video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.lottoannihilator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 23:01:14 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/848440851/ Frame A275 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/848440851/?random=1700002874062&cv=9&fst=1700002800000&num=3&guid=ON&eid=375603260%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=5&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=2&url=https%3A%2F%2Fwww.lottoannihilator.com%2Fvideo%2F&tiba=Lotto%20Annihilator&fmt=3&is_vtc=1&cid=CAQSGwDICaaNmgIVJ2cpvjYaFMUFejOtj4eLXn48Hg&random=1581387237&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.lottoannihilator.com
URL: https://www.lottoannihilator.com/video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.lottoannihilator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 23:01:14 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.no/pagead/1p-user-list/848440851/ Frame A275 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.no/pagead/1p-user-list/848440851/?random=1700002874062&cv=9&fst=1700002800000&num=3&guid=ON&eid=375603260%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=5&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=2&url=https%3A%2F%2Fwww.lottoannihilator.com%2Fvideo%2F&tiba=Lotto%20Annihilator&fmt=3&is_vtc=1&cid=CAQSGwDICaaNmgIVJ2cpvjYaFMUFejOtj4eLXn48Hg&random=1581387237&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.lottoannihilator.com
URL: https://www.lottoannihilator.com/video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.lottoannihilator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 23:01:14 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
10031497.json
s.yimg.com/wi/config/ Frame A275 		2 B
487 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/config/10031497.json
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.lottoannihilator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-request-id
09CQZJ9MYY60ZR6G
age
1
content-length
22
x-amz-id-2
rNHNXVQXtLUieDK+0+FQbKc2RwoHgNtjCPC0xgiilz6+xDpvShbefm0VYyGtj5PnJFdoIMlv0wg=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public,max-age=3600
gtm.js
trk.cosmicmedia.io/ Frame 20A3 		342 B
1016 B 		Script
General
Check archive.org
Download Go to
Full URL
https://trk.cosmicmedia.io/gtm.js
Requested by
Host: godfrequency.co
URL: https://godfrequency.co/vsl/index_ctrl.php?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e7e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8143c1639f0a257f2ba1e17c04137c194cf4c87e4561ecf1f5a3e5dff63bbf7a

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://godfrequency.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
910
x-guploader-uploadid
ABPtcPocVHA48rGp3XmDdWfLJv3yS-_y3ZjGxMQGGHC_T86vM2lqSCZ6ml2Fu3ZWwfSvR6w3nrYNtLynMA-dIzSRoc1MDg
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Thu, 29 Dec 2022 19:00:01 GMT
server
cloudflare
etag
W/"44e991877797c7b98b08e411138435a8"
vary
Accept-Encoding
x-goog-hash
crc32c=HgheOw==, md5=ROmRh3eXx7mLCOQRE4Q1qA==
x-goog-generation
1672340401519594
content-type
text/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X6joZUeT2rUo8b7r2aMsY9YTsUcSgJCG1vvfvcU3e8ULerDdlj5mEKzsgT1ZaFChoN01TojJPr3kH%2FfoBUeIBPFbqtJwqKVm98S8ZEI18KSX0PCvkdAY3APkI6W6n96V%2F3hVHxDXjHd3qnasfo%2BgMA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
x-goog-stored-content-length
342
cf-ray
8262e00e78fe4e10-HEL
expires
Tue, 14 Nov 2023 23:46:04 GMT
css2
fonts.googleapis.com/ Frame 20A3 		31 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,400;0,700;1,400;1,700&family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;1,300;1,400;1,600;1,700&family=PT+Serif:ital,wght@0,400;0,700;1,400;1,700&display=swap
Requested by
Host: godfrequency.co
URL: https://godfrequency.co/vsl/index_ctrl.php?hop=nanaslotto
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b2869d8a2bd0b52da8584c48985b845ef95e24c4b5e98b42d16d3bdccf8eac7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://godfrequency.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 14 Nov 2023 23:01:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 23:01:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 Nov 2023 23:01:14 GMT
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.5.0/css/ Frame 20A3 		157 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.5.0/css/bootstrap.min.css
Requested by
Host: godfrequency.co
URL: https://godfrequency.co/vsl/index_ctrl.php?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://godfrequency.co/
Origin
https://godfrequency.co
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
565, 617, 617
age
1485192
cdn-cachedat
2021-06-08 14:20:02
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:10 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
e46253b54846ba22d60ba837eea6f62e
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
8262e00e9c1c7130-OSL
cdn-requestpullsuccess
True
animate.min.css
godfrequency.co/css/ Frame 20A3 		70 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://godfrequency.co/css/animate.min.css
Requested by
Host: godfrequency.co
URL: https://godfrequency.co/vsl/index_ctrl.php?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.222.21.127 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
host.15minuteweightloss.com
Software
LiteSpeed /
Resource Hash
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
Security Headers
Name Value
Content-Security-Policy frame-src 'self' https://godfrequency.co/ https://hop.clickbank.net/ www.googletagmanager.com;

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://godfrequency.co/vsl/index_ctrl.php?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:14 GMT
content-encoding
br
content-security-policy
frame-src 'self' https://godfrequency.co/ https://hop.clickbank.net/ www.googletagmanager.com;
last-modified
Tue, 18 Jul 2023 06:46:21 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
4828
expires
Tue, 21 Nov 2023 23:01:14 GMT
style-vsl.css
godfrequency.co/css/ Frame 20A3 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://godfrequency.co/css/style-vsl.css
Requested by
Host: godfrequency.co
URL: https://godfrequency.co/vsl/index_ctrl.php?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.222.21.127 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
host.15minuteweightloss.com
Software
LiteSpeed /
Resource Hash
a5c55ed2115af67fceb3487697bf863e1941a1ebd7b21514f09c4707b53a7255
Security Headers
Name Value
Content-Security-Policy frame-src 'self' https://godfrequency.co/ https://hop.clickbank.net/ www.googletagmanager.com;

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://godfrequency.co/vsl/index_ctrl.php?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:14 GMT
content-encoding
br
content-security-policy
frame-src 'self' https://godfrequency.co/ https://hop.clickbank.net/ www.googletagmanager.com;
last-modified
Tue, 18 Jul 2023 06:46:21 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2700
expires
Tue, 21 Nov 2023 23:01:14 GMT
stay-on-page.png
godfrequency.co/img/ Frame 20A3 		107 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://godfrequency.co/img/stay-on-page.png
Requested by
Host: godfrequency.co
URL: https://godfrequency.co/vsl/index_ctrl.php?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.222.21.127 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
host.15minuteweightloss.com
Software
LiteSpeed /
Resource Hash
c841fc7dbc4d2c138865ff729bfeac6d9e972dc1bf742490d283d4d2f32be918
Security Headers
Name Value
Content-Security-Policy frame-src 'self' https://godfrequency.co/ https://hop.clickbank.net/ www.googletagmanager.com;

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://godfrequency.co/vsl/index_ctrl.php?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:14 GMT
content-security-policy
frame-src 'self' https://godfrequency.co/ https://hop.clickbank.net/ www.googletagmanager.com;
last-modified
Tue, 18 Jul 2023 06:46:21 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
109231
expires
Tue, 21 Nov 2023 23:01:14 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ Frame 20A3 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: godfrequency.co
URL: https://godfrequency.co/vsl/index_ctrl.php?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://godfrequency.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 15:10:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
287420
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31021
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Nov 2024 15:10:54 GMT
popper.min.js
cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/ Frame 20A3 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/popper.min.js
Requested by
Host: godfrequency.co
URL: https://godfrequency.co/vsl/index_ctrl.php?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://godfrequency.co/
Origin
https://godfrequency.co
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1541690
x-jsd-version
1.16.0
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230104-FRA, cache-yyz4571-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"5309-YvI45zNIx3656GVCan0bfeI8uy0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h77PrLgatJmvPyYcaCbDx5pWFDmuYs0gRdiwFyXMpqS4ubZcsy52TqTJoOpI4tG1pwDQ6HR2XEejOagq0r6NEg5TivhGrcrfQQpl0z40s5Px2DtohpcHzZpRwhcDOEQB2%2BsMT7jbLqznuK23GuY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
8262e00fbed9b50f-OSL
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.5.0/js/ Frame 20A3 		59 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.5.0/js/bootstrap.min.js
Requested by
Host: godfrequency.co
URL: https://godfrequency.co/vsl/index_ctrl.php?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38544024da1a0fc2f706be6582557b5722d17f48ad9a8073594a0cf928e2e3ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://godfrequency.co/
Origin
https://godfrequency.co
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
601, 718, 718
age
394640
cdn-cachedat
2021-08-03 11:18:10
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:10 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
120f10eda772ead1638f7a925dcce94a
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
8262e00eec4c7130-OSL
cdn-requestpullsuccess
True
lazysizes.min.js
godfrequency.co/js/ Frame 20A3 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://godfrequency.co/js/lazysizes.min.js
Requested by
Host: godfrequency.co
URL: https://godfrequency.co/vsl/index_ctrl.php?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.222.21.127 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
host.15minuteweightloss.com
Software
LiteSpeed /
Resource Hash
e2b128a72c6e2c5bc7c526c24799ae8b83a2c32ad25f71c3acc14c7c6e2e1469
Security Headers
Name Value
Content-Security-Policy frame-src 'self' https://godfrequency.co/ https://hop.clickbank.net/ www.googletagmanager.com;

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://godfrequency.co/vsl/index_ctrl.php?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:14 GMT
content-encoding
br
content-security-policy
frame-src 'self' https://godfrequency.co/ https://hop.clickbank.net/ www.googletagmanager.com;
last-modified
Tue, 18 Jul 2023 06:46:21 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
3250
expires
Tue, 21 Nov 2023 23:01:14 GMT
js.cookie.min.js
godfrequency.co/js/ Frame 20A3 		2 KB
825 B 		Script
General
Check archive.org
Download Go to
Full URL
https://godfrequency.co/js/js.cookie.min.js
Requested by
Host: godfrequency.co
URL: https://godfrequency.co/vsl/index_ctrl.php?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.222.21.127 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
host.15minuteweightloss.com
Software
LiteSpeed /
Resource Hash
f4db76afeb499d277603609152f9e382c0fe112d44c6f8db8c136a89d9bd7682
Security Headers
Name Value
Content-Security-Policy frame-src 'self' https://godfrequency.co/ https://hop.clickbank.net/ www.googletagmanager.com;

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://godfrequency.co/vsl/index_ctrl.php?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:14 GMT
content-encoding
br
content-security-policy
frame-src 'self' https://godfrequency.co/ https://hop.clickbank.net/ www.googletagmanager.com;
last-modified
Tue, 18 Jul 2023 06:46:21 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
791
expires
Tue, 21 Nov 2023 23:01:14 GMT
bounceback.min.js
godfrequency.co/js/ Frame 20A3 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://godfrequency.co/js/bounceback.min.js
Requested by
Host: godfrequency.co
URL: https://godfrequency.co/vsl/index_ctrl.php?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.222.21.127 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
host.15minuteweightloss.com
Software
LiteSpeed /
Resource Hash
7b0315eabc2a7646ba2bfbe779a72ac2b8dc02d083c547479909eef884de5c80
Security Headers
Name Value
Content-Security-Policy frame-src 'self' https://godfrequency.co/ https://hop.clickbank.net/ www.googletagmanager.com;

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://godfrequency.co/vsl/index_ctrl.php?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:14 GMT
content-encoding
br
content-security-policy
frame-src 'self' https://godfrequency.co/ https://hop.clickbank.net/ www.googletagmanager.com;
last-modified
Tue, 18 Jul 2023 06:46:21 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1214
expires
Tue, 21 Nov 2023 23:01:14 GMT
/
cbtb.clickbank.net/ Frame 20A3 		936 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cbtb.clickbank.net/?vendor=godfreq
Requested by
Host: godfrequency.co
URL: https://godfrequency.co/vsl/index_ctrl.php?hop=nanaslotto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.203.114.187 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-203-114-187.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
a3ba10e614083832f41494e71b4c53bd738a88a9ffd6f9a0c785348ec389527c

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://godfrequency.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:14 GMT
cache-control
max-age=900
server
Apache
content-length
936
content-type
text/javascript;charset=UTF-8
landing.js
cpv.godfrequency.co/ Frame 20A3 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cpv.godfrequency.co/landing.js
Requested by
Host: godfrequency.co
URL: https://godfrequency.co/vsl/index_ctrl.php?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.222.21.127 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
host.15minuteweightloss.com
Software
LiteSpeed /
Resource Hash
b39aea8dc2deb42a2c652fc5fb90e300ba9deebf5fc259e2313d4f16cdc9cb9b

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://godfrequency.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:15 GMT
content-encoding
br
last-modified
Fri, 18 Feb 2022 06:56:26 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
1201
expires
Tue, 21 Nov 2023 23:01:15 GMT
gtm.js
www.googletagmanager.com/ Frame 20A3 		169 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KL728P7
Requested by
Host: godfrequency.co
URL: https://godfrequency.co/vsl/index_ctrl.php?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
742323fc8b75911dd5587acc15557d0844633853c2e99c6c454b110bd2c0acf6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://godfrequency.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62375
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 14 Nov 2023 23:01:14 GMT
injectable.js
prod.cbstatic.net/dist/ Frame A275 		187 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prod.cbstatic.net/dist/injectable.js
Requested by
Host: cbtb.clickbank.net
URL: https://cbtb.clickbank.net/?vendor=lottery10k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-12.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f752e24e380963973c86376422b0618658de851a8b2011c69e394b787a1c593f

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.lottoannihilator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:15 GMT
x-amz-version-id
RdcimFzJWwtinCAQ.f3F8OeQrj2.m2uJ
content-encoding
gzip
last-modified
Mon, 21 Dec 2020 21:57:37 GMT
server
AmazonS3
via
1.1 2d1e1e8dc0f3eb7773ec9d89a7d50ce2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
etag
W/"af651c30e1a69f6f2124e9c1d094a300"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
MiphMXz4I4xi2FVXwHlh5-Pc2fJLyGOXqtO2G2wd6SL2LXaRTR4kAw==
gtm.js
www.googletagmanager.com/ Frame 20A3 		189 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5WBFS28
Requested by
Host: trk.cosmicmedia.io
URL: https://trk.cosmicmedia.io/gtm.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
058e27e22f0f56bf4b40590009c0f314458fbeeb7c8c5795b63f0bb19c8ab2ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://godfrequency.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66948
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 14 Nov 2023 23:01:14 GMT
sp.pl
sp.analytics.yahoo.com/ Frame A275 		43 B
633 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Tue%2C%2014%20Nov%202023%2023%3A01%3A14%20GMT&n=-2&b=Lotto%20Annihilator&.yp=10031497&f=https%3A%2F%2Fwww.lottoannihilator.com%2Fvideo%2F&enc=UTF-8&yv=1.15.1&isIframe=1
Requested by
Host: www.lottoannihilator.com
URL: https://www.lottoannihilator.com/video/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.lottoannihilator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 23:01:15 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
accept-ranges
bytes
content-length
43
expires
Tue, 14 Nov 2023 23:01:15 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://www.wisewomenlottery.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
http://play.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 14 Nov 2023 23:01:15 GMT
expires
Tue, 14 Nov 2023 23:01:15 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ 		0
0
logImpressions
www.wisewomenlottery.com/_/view/ 		16 B
117 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.wisewomenlottery.com/_/view/logImpressions?authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.fi.t1py5owyu6o.O/am=EAY/d=1/rs=AGEqA5kklLH44r1RKsMCY4vA8vpEd_cCRA/m=view
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8d47b4a1cc0393424720bded5988a28f4e9146fd265ecb416b79cf0d6ac81f6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.wisewomenlottery.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 23:01:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
same-site
content-disposition
attachment; filename="response.bin"; filename*=UTF-8''response.bin
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v18/ Frame 20A3 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptserif/v18/EJRVQgYoZZY2vCFuvAFWzr8.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,400;0,700;1,400;1,700&family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;1,300;1,400;1,600;1,700&family=PT+Serif:ital,wght@0,400;0,700;1,400;1,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://godfrequency.co
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 04:49:30 GMT
x-content-type-options
nosniff
age
65505
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33116
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:52:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Nov 2024 04:49:30 GMT
EJRSQgYoZZY2vCFuvAnt66qSVys.woff2
fonts.gstatic.com/s/ptserif/v18/ Frame 20A3 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptserif/v18/EJRSQgYoZZY2vCFuvAnt66qSVys.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,400;0,700;1,400;1,700&family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;1,300;1,400;1,600;1,700&family=PT+Serif:ital,wght@0,400;0,700;1,400;1,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf23a7a4eebedbb87d4084a69496b29815914a18e339a00f5dc73a03c9c9328f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://godfrequency.co
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 20:46:00 GMT
x-content-type-options
nosniff
age
526515
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29588
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:28:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Nov 2024 20:46:00 GMT
loader.min.js
quick.vidalytics.com/embeds/1GmmqL0C/Q_SVGNsrosZDKlPJ/ Frame 20A3 		42 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quick.vidalytics.com/embeds/1GmmqL0C/Q_SVGNsrosZDKlPJ/loader.min.js
Requested by
Host: godfrequency.co
URL: https://godfrequency.co/vsl/index_ctrl.php?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
3b2cc6c2c699328f5dd0dbe97cdcc76a86ef6decc7a88ebe02b27cfe02ddb9c1

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://godfrequency.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:15 GMT
x-envoy-decorator-operation
vidalytics-player-api.vidalytics-player-api.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
content-encoding
gzip
x-cdn
5
age
0
x-cache
MISS, MISS
x-envoy-upstream-service-time
44
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
10597
x-served-by
cache-dfw-kdal2120132-DFW, cache-hel1410027-HEL
server
istio-envoy
x-timer
S1700002875.287392,VS0,VE207
vary
Accept-Encoding
x-cdn-site
c5-prod
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control
public, max-age=60, s-maxage=600
x-lb-backend
api-prod
x-lb-cache
disabled
accept-ranges
bytes
x-cache-hits
0, 0
js
www.googletagmanager.com/gtag/ Frame 20A3 		240 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-SGLBV00EV0&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KL728P7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f6f62c83cb3e39f84015885535db03e17ea285d3da7d179b8695ad93e5e8e09f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://godfrequency.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85265
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 14 Nov 2023 23:01:15 GMT
fbevents.js
connect.facebook.net/en_US/ Frame 20A3 		202 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.wisewomenlottery.com
URL: https://www.wisewomenlottery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://godfrequency.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 14 Nov 2023 23:01:15 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
SJCyjEEDFQOiJd7Bd+BX0L7Fb//u0doexjqZxEC3bty7doMymNZ/vNv2oRNaekmsHGAMsj1roRwkeoe6b2LLEg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
rpc
app.ecwid.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.ecwid.com/rpc?ownerid=73784560&version=2023-54753-g89d4484ff212b0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.0.95 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-0-95.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-ecwid-device-measurement,x-gwt-module-base,x-gwt-permutation
Access-Control-Request-Method
POST
Origin
https://138284849-atari-embeds.googleusercontent.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Access-Control-Allow-Headers
Cache-Control,Pragma,Content-Type,X-GWT-Module-Base,X-GWT-Permutation,X-Ecwid-Xsrf-Token,X-Ecwid-Device-Measurement
Access-Control-Allow-Origin
*
Access-Control-Max-Age
600
Allow
GET, HEAD, POST, TRACE, OPTIONS
Connection
keep-alive
Content-Length
0
Date
Tue, 14 Nov 2023 23:01:15 GMT
Server
nginx
rpc
app.ecwid.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.ecwid.com/rpc?ownerid=73784560&version=2023-54753-g89d4484ff212b0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.0.95 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-0-95.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-ecwid-device-measurement,x-gwt-module-base,x-gwt-permutation
Access-Control-Request-Method
POST
Origin
https://138284849-atari-embeds.googleusercontent.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Access-Control-Allow-Headers
Cache-Control,Pragma,Content-Type,X-GWT-Module-Base,X-GWT-Permutation,X-Ecwid-Xsrf-Token,X-Ecwid-Device-Measurement
Access-Control-Allow-Origin
*
Access-Control-Max-Age
600
Allow
GET, HEAD, POST, TRACE, OPTIONS
Connection
keep-alive
Content-Length
0
Date
Tue, 14 Nov 2023 23:01:15 GMT
Server
nginx
rpc
app.ecwid.com/ Frame 7EB2 		12 B
238 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.ecwid.com/rpc?ownerid=73784560&version=2023-54753-g89d4484ff212b0
Requested by
Host:
URL: ru.cdev.xnext.frontend.LegacyFrontend-0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.0.95 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-0-95.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ccd384b270919f35801f8b396cad51e9a0372eed323c1702d85e7706c5faebf6

Request headers

X-GWT-Module-Base
https://d11s7fcxy18ubx.cloudfront.net/node/static/2023/2023-54753-g89d4484ff212b0/ru.cdev.xnext.frontend.LegacyFrontend/
X-GWT-Permutation
C752656B8888219118BC47720D54C6BB
Referer
https://138284849-atari-embeds.googleusercontent.com/
X-Ecwid-Device-Measurement
WEB_MOBILE;1600;1200;96;562;500
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/x-gwt-rpc; charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 14 Nov 2023 23:01:16 GMT
Server
nginx
Connection
keep-alive
Content-Disposition
attachment
Content-Length
12
Content-Type
application/json;charset=utf-8
rpc
app.ecwid.com/ Frame 7EB2 		12 B
238 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.ecwid.com/rpc?ownerid=73784560&version=2023-54753-g89d4484ff212b0
Requested by
Host:
URL: ru.cdev.xnext.frontend.LegacyFrontend-0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.0.95 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-0-95.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ccd384b270919f35801f8b396cad51e9a0372eed323c1702d85e7706c5faebf6

Request headers

X-GWT-Module-Base
https://d11s7fcxy18ubx.cloudfront.net/node/static/2023/2023-54753-g89d4484ff212b0/ru.cdev.xnext.frontend.LegacyFrontend/
X-GWT-Permutation
C752656B8888219118BC47720D54C6BB
Referer
https://138284849-atari-embeds.googleusercontent.com/
X-Ecwid-Device-Measurement
WEB_MOBILE;1600;1200;96;562;500
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/x-gwt-rpc; charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 14 Nov 2023 23:01:16 GMT
Server
nginx
Connection
keep-alive
Content-Disposition
attachment
Content-Length
12
Content-Type
application/json;charset=utf-8
app-strings-en.json
prod.cbstatic.net/dist/i18n/ Frame A275 		9 B
434 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prod.cbstatic.net/dist/i18n/app-strings-en.json
Requested by
Host: prod.cbstatic.net
URL: https://prod.cbstatic.net/dist/injectable.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-12.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
00c89e0cd4c41144418e06885bb87e962fdb17567bf55adccb1678a1f6beca4c

Request headers

Accept
application/json
Referer
https://www.lottoannihilator.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:16 GMT
x-amz-version-id
ZlnvsWVay.azLO76UGrGFfzKmZRJT9PH
via
1.1 2d1e1e8dc0f3eb7773ec9d89a7d50ce2.cloudfront.net (CloudFront)
last-modified
Mon, 21 Dec 2020 21:57:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
etag
"cdfca8b09e61ae7324e48f01984c9b34"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
vary
Origin
content-length
9
x-amz-cf-id
B1R283sgwi9pTc1e51hbNhMMVtbziXGOfmfNMTe9XYh0hGl5getbDA==
logo-header-two-tone-en.png
prod.cbstatic.net/dist/assets/ Frame A275 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod.cbstatic.net/dist/assets/logo-header-two-tone-en.png
Requested by
Host: www.lottoannihilator.com
URL: https://www.lottoannihilator.com/video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-12.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
84986c117f6f9418eff2f7ce5e55940671f178542c58092c05ef539ebd4da308

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.lottoannihilator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:16 GMT
x-amz-version-id
rgVoO.sKTwEpJN65bYI.UT4E8UVMZSpC
via
1.1 2d1e1e8dc0f3eb7773ec9d89a7d50ce2.cloudfront.net (CloudFront)
last-modified
Mon, 21 Dec 2020 21:57:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
etag
"47cdefc96f75be3d978d4b444737b00e"
x-cache
Miss from cloudfront
content-type
image/png
content-length
3472
x-amz-cf-id
7AKCck89-uOpBH-qsc0gaEDi-mM4e8rE1CAUOGWJH7KBVAWbCYDMIQ==
logo-tab-two-tone-en.png
prod.cbstatic.net/dist/assets/ Frame A275 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod.cbstatic.net/dist/assets/logo-tab-two-tone-en.png
Requested by
Host: www.lottoannihilator.com
URL: https://www.lottoannihilator.com/video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-12.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2f4d0823359307bdc2fbcc62d1004b361b02cc8ae5d6cb75f314658827ee1eeb

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.lottoannihilator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:16 GMT
x-amz-version-id
65GBUS1AcRJNN3GRB3Nf3yY51OsdERt0
via
1.1 2d1e1e8dc0f3eb7773ec9d89a7d50ce2.cloudfront.net (CloudFront)
last-modified
Mon, 21 Dec 2020 21:57:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
etag
"c06ae1ecaaf7e0610c68af117658a7e0"
x-cache
Miss from cloudfront
content-type
image/png
content-length
4341
x-amz-cf-id
02spneIN2J8wGdqrXI73Gv_AnArrjBtIe42EHtuEd_J27PUi8WNTmQ==
blue-seal-153-100-clickbank-5004291.png
seal-boise.bbb.org/seals/ Frame A275 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://seal-boise.bbb.org/seals/blue-seal-153-100-clickbank-5004291.png
Requested by
Host: www.lottoannihilator.com
URL: https://www.lottoannihilator.com/video/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn / ASP.NET
Resource Hash
f8e7bf03701efd2aee505e7ac8e7b6e9efbae155d18b8940197b44c4b09ee92a

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.lottoannihilator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:15 GMT
last-modified
Thu, 09 Nov 2023 12:54:27 GMT
server
keycdn
x-aspnet-version
4.0.30319
x-edge-location
defr
x-powered-by
ASP.NET
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
x-robots-tag
noindex
x-shield
active
content-length
4373
expires
Wed, 15 Nov 2023 03:01:15 GMT
injectable.js
prod.cbstatic.net/dist/ Frame 20A3 		187 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prod.cbstatic.net/dist/injectable.js
Requested by
Host: cbtb.clickbank.net
URL: https://cbtb.clickbank.net/?vendor=godfreq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-12.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f752e24e380963973c86376422b0618658de851a8b2011c69e394b787a1c593f

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://godfrequency.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:16 GMT
x-amz-version-id
RdcimFzJWwtinCAQ.f3F8OeQrj2.m2uJ
content-encoding
gzip
last-modified
Mon, 21 Dec 2020 21:57:37 GMT
server
AmazonS3
via
1.1 2d1e1e8dc0f3eb7773ec9d89a7d50ce2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
etag
W/"af651c30e1a69f6f2124e9c1d094a300"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
feLJwYewe4n8FAv-um7AtMl34K8cHxhTweAl0TQzUH58CMpfTfNWDQ==
checkout.min.js
www.paypalobjects.com/api/ Frame 7EB2 		863 KB
187 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/api/checkout.min.js
Requested by
Host:
URL: ru.cdev.xnext.frontend.LegacyFrontend-0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ska/F7B0) /
Resource Hash
f7d9c8184937ff854afd6da2a3de3fc970ef1c2820795e44e932499540fe5832
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://138284849-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
67ebaeca2b99d
dc
ccg11-origin-www-1.paypal.com
content-length
191373
last-modified
Wed, 24 May 2023 16:43:28 GMT
server
ECAcc (ska/F7B0)
traceparent
00-000000000000000000067ebaeca2b99d-08dce8f875e25217-01
etag
"646e3eb0-d7ad2+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Wed, 15 Nov 2023 23:01:15 GMT
new
d1oxsl77a1kjht.cloudfront.net/css/ Frame 7EB2 		1022 KB
99 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d1oxsl77a1kjht.cloudfront.net/css/new?hc=-2003029856&ownerid=73784560&id-selector=html%23ecwid_html%20body%23ecwid_body&frontendV2
Requested by
Host:
URL: ru.cdev.xnext.frontend.LegacyFrontend-0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:4400:1c:b536:2c40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
308e8903dc7ea9bca1cc7df9c5e3beeb9d3dbd4eee8ee3c051b6398cd2efaf1e

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://138284849-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:15 GMT
content-encoding
gzip
via
1.1 985c0b2ec44bdebc7f24f26d1e427d30.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
etag
"-2003029856"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css;charset=utf-8
cache-control
no-cache
x-amz-cf-id
vmkLTYIJJG7WVn_Jqm--l3K7li5a5dIktHtNbUxTBL_RN1krbMjOfA==
/
js.stripe.com/v3/ Frame 7EB2 		553 KB
153 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host:
URL: ru.cdev.xnext.frontend.LegacyFrontend-0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
ad554a89ac5a217395a61851928b9c8499a4becd2d607a0d358393fbb42ed765
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://138284849-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 14 Nov 2023 23:01:15 GMT
via
1.1 varnish
age
15
x-cache
HIT
content-length
156589
x-request-id
815a9208-ea6f-4190-a69f-245e9436641f
x-served-by
cache-hel1410034-HEL
last-modified
Tue, 14 Nov 2023 21:12:22 GMT
server
Fastly
etag
"7037269a126d13cc06f33ce890411b1b"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
5
ecwid-checkout.2fa3cc4d228c6634bfde834f055cde01.min.js
d3cy3u1txmkqs3.cloudfront.net/venera/static/ Frame 7EB2 		765 KB
167 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3cy3u1txmkqs3.cloudfront.net/venera/static/ecwid-checkout.2fa3cc4d228c6634bfde834f055cde01.min.js
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?73784560&data_platform=singleproduct_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.82.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-82-27.ams58.r.cloudfront.net
Software
nginx/1.19.0 /
Resource Hash
aeffed18ac9cdfbca5bcf2bb0f3a91c06aec0040253d7880eabae02f6458a79c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://138284849-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 04:36:39 GMT
content-encoding
gzip
via
1.1 9840468fd7f0cd4b97907be5f049f14a.cloudfront.net (CloudFront)
strict-transport-security
max-age=15724800
server
nginx/1.19.0
x-amz-cf-pop
AMS58-P5
age
152676
etag
2fa3cc4d228c6634bfde834f055cde01
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
1aWRgVkjk4PH0Wqt_6W7R1x80nRKRUvkMEFFDFXuBZf6cRtEmc8n9g==
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ Frame 20A3 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,400;0,700;1,400;1,700&family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;1,300;1,400;1,600;1,700&family=PT+Serif:ital,wght@0,400;0,700;1,400;1,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://godfrequency.co
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:29:28 GMT
x-content-type-options
nosniff
age
376307
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48432
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:40:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Nov 2024 14:29:28 GMT
rpc
app.ecwid.com/ Frame 7EB2 		1 KB
894 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.ecwid.com/rpc?ownerid=73784560&version=2023-54753-g89d4484ff212b0
Requested by
Host:
URL: ru.cdev.xnext.frontend.LegacyFrontend-0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.0.95 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-0-95.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cdd54ba9bf4842a1abee9a0b0a2e5616ca47a7f90adb828e3773bc1ba89b6170

Request headers

X-GWT-Module-Base
https://d11s7fcxy18ubx.cloudfront.net/node/static/2023/2023-54753-g89d4484ff212b0/ru.cdev.xnext.frontend.LegacyFrontend/
X-GWT-Permutation
C752656B8888219118BC47720D54C6BB
Referer
https://138284849-atari-embeds.googleusercontent.com/
X-Ecwid-Device-Measurement
WEB_MOBILE;1600;1200;96;562;500
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/x-gwt-rpc; charset=UTF-8

Response headers

Date
Tue, 14 Nov 2023 23:01:16 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
*
Content-Disposition
attachment
Connection
keep-alive
Content-Length
643
rpc
app.ecwid.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.ecwid.com/rpc?ownerid=73784560&version=2023-54753-g89d4484ff212b0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.0.95 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-0-95.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-ecwid-device-measurement,x-gwt-module-base,x-gwt-permutation
Access-Control-Request-Method
POST
Origin
https://138284849-atari-embeds.googleusercontent.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Access-Control-Allow-Headers
Cache-Control,Pragma,Content-Type,X-GWT-Module-Base,X-GWT-Permutation,X-Ecwid-Xsrf-Token,X-Ecwid-Device-Measurement
Access-Control-Allow-Origin
*
Access-Control-Max-Age
600
Allow
GET, HEAD, POST, TRACE, OPTIONS
Connection
keep-alive
Content-Length
0
Date
Tue, 14 Nov 2023 23:01:15 GMT
Server
nginx
js
www.googletagmanager.com/gtag/ Frame BFB5 		199 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-971986711
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b63adecbbf5e006d111da1289657f6eaebfc1fd9ab3faf7181f465e8acff1a6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74189
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 14 Nov 2023 23:01:15 GMT
bootstrap.min.css
www.3stepmethod.com/wp-content/themes/sydney/css/bootstrap/ Frame BFB5 		16 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.3stepmethod.com/wp-content/themes/sydney/css/bootstrap/bootstrap.min.css?ver=1
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:7800::137 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software
Apache /
Resource Hash
cb30bdec55a5ce7a0f11b4d105128fbf152bc018220651f906affd4882e55bd3

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:11 GMT
content-encoding
gzip
last-modified
Sun, 03 Jan 2021 13:11:42 GMT
server
Apache
etag
W/"40f4-5b7feb6ed1c52"
x-cdn-cache-status
MISS
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
x-via
FRA1
x-origin-cache-status
MISS
x-provided-by
StackCDN
style.min.css
www.3stepmethod.com/wp-includes/css/dist/block-library/ Frame BFB5 		57 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.3stepmethod.com/wp-includes/css/dist/block-library/style.min.css?ver=5.7.10
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:7800::137 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software
Apache /
Resource Hash
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:11 GMT
content-encoding
gzip
last-modified
Thu, 15 Apr 2021 21:43:42 GMT
server
Apache
etag
W/"e33b-5c009c1cae2b4"
x-cdn-cache-status
MISS
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
x-via
FRA1
x-origin-cache-status
MISS
x-provided-by
StackCDN
css
fonts.googleapis.com/ Frame BFB5 		3 KB
590 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Raleway%3A400%2C600&subset=latin&display=swap
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
acc86c4886ca5b8a51887ad2942d6756d6c15be95f82da9be827df1222903279
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 14 Nov 2023 23:01:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 22:42:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 Nov 2023 23:01:15 GMT
style.css
www.3stepmethod.com/wp-content/themes/sydney/ Frame BFB5 		89 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.3stepmethod.com/wp-content/themes/sydney/style.css?ver=20200129
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:7800::137 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software
Apache /
Resource Hash
743920a6df53feb02c6a74581a04aa982408375542de4e2924b3c8b493a5e242

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:11 GMT
content-encoding
gzip
last-modified
Sun, 03 Jan 2021 13:11:42 GMT
server
Apache
etag
W/"1644b-5b7feb6ebd047"
x-cdn-cache-status
MISS
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
x-via
FRA1
x-origin-cache-status
MISS
x-provided-by
StackCDN
default.min.css
www.3stepmethod.com/wp-content/plugins/tablepress/css/ Frame BFB5 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.3stepmethod.com/wp-content/plugins/tablepress/css/default.min.css?ver=1.13
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:7800::137 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software
Apache /
Resource Hash
97ce1e1f5dbfda35ac979b593e79e1673a3e725790339d767e4a6ca6e94a4828

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:15 GMT
content-encoding
gzip
last-modified
Thu, 29 Apr 2021 19:39:04 GMT
server
Apache
etag
W/"13e4-5c121a5e66d8e"
x-cdn-cache-status
MISS
vary
Accept-Encoding
content-type
text/css
x-via
FRA1
x-origin-cache-status
MISS
x-provided-by
StackCDN
elementor-icons.min.css
www.3stepmethod.com/wp-content/plugins/elementor/assets/lib/eicons/css/ Frame BFB5 		17 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.3stepmethod.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.11.0
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:7800::137 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software
Apache /
Resource Hash
e36eaa6e7cebbd4138dfb008ee3d53ab8195f45953b0f4f27d0d8156ab059021

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:11 GMT
content-encoding
gzip
last-modified
Thu, 29 Apr 2021 19:38:41 GMT
server
Apache
etag
W/"4350-5c121a486ce6d"
x-cdn-cache-status
MISS
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
x-via
FRA1
x-origin-cache-status
MISS
x-provided-by
StackCDN
animations.min.css
www.3stepmethod.com/wp-content/plugins/elementor/assets/lib/animations/ Frame BFB5 		18 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.3stepmethod.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.2.2
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:7800::137 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software
Apache /
Resource Hash
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:15 GMT
content-encoding
gzip
last-modified
Thu, 29 Apr 2021 19:38:41 GMT
server
Apache
etag
W/"4824-5c121a48693d5"
x-cdn-cache-status
MISS
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
x-via
FRA1
x-origin-cache-status
MISS
x-provided-by
StackCDN
frontend-legacy.min.css
www.3stepmethod.com/wp-content/plugins/elementor/assets/css/ Frame BFB5 		4 KB
792 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.3stepmethod.com/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.2.2
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:7800::137 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software
Apache /
Resource Hash
f1f487a441b78d59cf250619c1d421ae8f3645b3640d47b94f550820b3804fc9

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:11 GMT
content-encoding
gzip
last-modified
Thu, 29 Apr 2021 19:38:42 GMT
server
Apache
etag
W/"f0e-5c121a48c48d3"
x-cdn-cache-status
EXPIRED
vary
Accept-Encoding
content-type
text/css
x-via
FRA1
x-origin-cache-status
MISS
x-provided-by
StackCDN
frontend.min.css
www.3stepmethod.com/wp-content/plugins/elementor/assets/css/ Frame BFB5 		115 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.3stepmethod.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.2.2
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:7800::137 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software
Apache /
Resource Hash
4d3d44f6ec54680e837763f2fdc2d5f2ab8811717cd585942c064eec31ddf6c8

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:11 GMT
content-encoding
gzip
last-modified
Thu, 29 Apr 2021 19:38:42 GMT
server
Apache
etag
W/"1cdf9-5c121a48bdf5a"
x-cdn-cache-status
MISS
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
x-via
FRA1
x-origin-cache-status
MISS
x-provided-by
StackCDN
post-839.css
www.3stepmethod.com/wp-content/uploads/elementor/css/ Frame BFB5 		1022 B
606 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.3stepmethod.com/wp-content/uploads/elementor/css/post-839.css?ver=1619725245
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:7800::137 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software
Apache /
Resource Hash
78981e8c1ec7b658060824a9f12782f9c1b08cdf90b8fed84f1dedf0bca55102

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:11 GMT
content-encoding
gzip
last-modified
Thu, 29 Apr 2021 19:40:49 GMT
server
Apache
etag
W/"3fe-5c121ac27de32"
x-cdn-cache-status
EXPIRED
vary
Accept-Encoding
content-type
text/css
x-via
FRA1
x-origin-cache-status
EXPIRED
x-provided-by
StackCDN
all.min.css
www.3stepmethod.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ Frame BFB5 		58 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.3stepmethod.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.2.2
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:7800::137 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software
Apache /
Resource Hash
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:11 GMT
content-encoding
gzip
last-modified
Thu, 29 Apr 2021 19:38:42 GMT
server
Apache
etag
W/"e7d0-5c121a4892803"
x-cdn-cache-status
MISS
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
x-via
FRA1
x-origin-cache-status
MISS
x-provided-by
StackCDN
v4-shims.min.css
www.3stepmethod.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ Frame BFB5 		26 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.3stepmethod.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.2.2
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:7800::137 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software
Apache /
Resource Hash
fda3035030d3843c2751dc0da65fb802230ec00a4008aeed83ddddc7b97cbc93

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:11 GMT
content-encoding
gzip
last-modified
Thu, 29 Apr 2021 19:38:42 GMT
server
Apache
etag
W/"684e-5c121a48956e4"
x-cdn-cache-status
MISS
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
x-via
FRA1
x-origin-cache-status
MISS
x-provided-by
StackCDN
post-5.css
www.3stepmethod.com/wp-content/uploads/elementor/css/ Frame BFB5 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.3stepmethod.com/wp-content/uploads/elementor/css/post-5.css?ver=1619725397
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:7800::137 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software
Apache /
Resource Hash
7da9b72002f3f70d3b297e9bee7665b7edcb311d1b0bf13c06a9c34c9353e22d

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:15 GMT
content-encoding
gzip
last-modified
Thu, 29 Apr 2021 19:43:21 GMT
server
Apache
etag
W/"1464-5c121b5362998"
x-cdn-cache-status
EXPIRED
vary
Accept-Encoding
content-type
text/css
x-via
FRA1
x-origin-cache-status
EXPIRED
x-provided-by
StackCDN
ytprefs.min.css
www.3stepmethod.com/wp-content/plugins/youtube-embed-plus/styles/ Frame BFB5 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.3stepmethod.com/wp-content/plugins/youtube-embed-plus/styles/ytprefs.min.css?ver=13.4.2
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:7800::137 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software
Apache /
Resource Hash
54b16a534f27d39f8edb7dd908ecf182b4be466f86f28ac0f01f415f2ba9d1cf

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:11 GMT
content-encoding
gzip
last-modified
Thu, 29 Apr 2021 19:38:45 GMT
server
Apache
etag
W/"178c-5c121a4c4a327"
x-cdn-cache-status
MISS
vary
Accept-Encoding
content-type
text/css
x-via
FRA1
x-origin-cache-status
MISS
x-provided-by
StackCDN
css
fonts.googleapis.com/ Frame BFB5 		44 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=5.7.10
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f82a66d3e478235d29587378aab1eaccdf3513f5ba34f8196dfdcb2f0b75436d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 14 Nov 2023 23:01:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 21:38:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 Nov 2023 23:01:15 GMT
fontawesome.min.css
www.3stepmethod.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ Frame BFB5 		57 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.3stepmethod.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.1
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:7800::137 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software
Apache /
Resource Hash
f8d00356859998784bda26e1d14f2d981515921b96ded50d5d6f6f0e75bac15c

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:11 GMT
content-encoding
gzip
last-modified
Thu, 29 Apr 2021 19:38:42 GMT
server
Apache
etag
W/"e238-5c121a489723c"
x-cdn-cache-status
MISS
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
x-via
FRA1
x-origin-cache-status
MISS
x-provided-by
StackCDN
solid.min.css
www.3stepmethod.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ Frame BFB5 		669 B
553 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.3stepmethod.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.1
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:7800::137 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software
Apache /
Resource Hash
1ada5259a5ac61a7d68315f7efa6b98d61d2d0478df0545869c880afeaa67dcd

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:11 GMT
content-encoding
gzip
last-modified
Thu, 29 Apr 2021 19:38:42 GMT
server
Apache
etag
W/"29d-5c121a489629c"
x-cdn-cache-status
MISS
vary
Accept-Encoding
content-type
text/css
x-via
FRA1
x-origin-cache-status
MISS
x-provided-by
StackCDN
jquery.min.js
www.3stepmethod.com/wp-includes/js/jquery/ Frame BFB5 		87 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.3stepmethod.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:7800::137 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software
Apache /
Resource Hash
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:11 GMT
content-encoding
gzip
last-modified
Wed, 09 Dec 2020 10:42:19 GMT
server
Apache
etag
W/"15d98-5b605b6a7b812"
x-cdn-cache-status
MISS
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
x-via
FRA1
x-origin-cache-status
MISS
x-provided-by
StackCDN
jquery-migrate.min.js
www.3stepmethod.com/wp-includes/js/jquery/ Frame BFB5 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.3stepmethod.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:7800::137 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software
Apache /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:15 GMT
content-encoding
gzip
last-modified
Wed, 09 Dec 2020 10:42:15 GMT
server
Apache
etag
W/"2bd8-5b605b669f2f9"
x-cdn-cache-status
MISS
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
x-via
FRA1
x-origin-cache-status
MISS
x-provided-by
StackCDN
v4-shims.min.js
www.3stepmethod.com/wp-content/plugins/elementor/assets/lib/font-awesome/js/ Frame BFB5 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.3stepmethod.com/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.2.2
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:7800::137 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software
Apache /
Resource Hash
97cf1307c16a437b77b5f7f5c9bc0b985d0745a14be5a279019aca5a3432e264

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:11 GMT
content-encoding
gzip
last-modified
Thu, 29 Apr 2021 19:38:42 GMT
server
Apache
etag
W/"3acf-5c121a489ef3d"
x-cdn-cache-status
MISS
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
x-via
FRA1
x-origin-cache-status
MISS
x-provided-by
StackCDN
ytprefs.min.js
www.3stepmethod.com/wp-content/plugins/youtube-embed-plus/scripts/ Frame BFB5 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.3stepmethod.com/wp-content/plugins/youtube-embed-plus/scripts/ytprefs.min.js?ver=13.4.2
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:7800::137 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software
Apache /
Resource Hash
ddda47b049ec774960fe39b5c0fca40c15abf80158daec17c8e29146d1d1c31e

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:11 GMT
content-encoding
gzip
last-modified
Thu, 29 Apr 2021 19:38:45 GMT
server
Apache
etag
W/"268d-5c121a4c05d5c"
x-cdn-cache-status
MISS
vary
Accept-Encoding
content-type
text/javascript
x-via
FRA1
x-origin-cache-status
MISS
x-provided-by
StackCDN
3step.png
www.3stepmethod.com/wp-content/uploads/2018/08/ Frame BFB5 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.3stepmethod.com/wp-content/uploads/2018/08/3step.png
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:7800::137 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software
Apache /
Resource Hash
b20c80b98442db393baf2f4a7a27d11ccd8eccb5ef656796bcb20f5480b2f94e

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:11 GMT
last-modified
Thu, 30 Aug 2018 12:35:00 GMT
server
Apache
etag
"4cab-574a64dab0500"
x-cdn-cache-status
EXPIRED
content-type
image/png
x-via
FRA1
accept-ranges
bytes
content-length
19627
x-origin-cache-status
EXPIRED
x-provided-by
StackCDN
elementor.js
www.3stepmethod.com/wp-content/themes/sydney/js/ Frame BFB5 		3 KB
1018 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.3stepmethod.com/wp-content/themes/sydney/js/elementor.js?ver=20200504
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:7800::137 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software
Apache /
Resource Hash
76c7f09fc77a0bc67fba1b2fe14bd4a567020892ad26c1312fb76c4735ed689f

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:11 GMT
content-encoding
gzip
last-modified
Sun, 03 Jan 2021 13:11:42 GMT
server
Apache
etag
W/"a43-5b7feb6efb081"
x-cdn-cache-status
MISS
vary
Accept-Encoding
content-type
text/javascript
x-via
FRA1
x-origin-cache-status
MISS
x-provided-by
StackCDN
functions.min.js
www.3stepmethod.com/wp-content/themes/sydney/js/ Frame BFB5 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.3stepmethod.com/wp-content/themes/sydney/js/functions.min.js?ver=20201221
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:7800::137 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software
Apache /
Resource Hash
90b0bc71a3f3712d834523c9709a5304b4f19f1702c9db3e094e83dcbeabfcd3

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:16 GMT
content-encoding
gzip
last-modified
Sun, 03 Jan 2021 13:11:42 GMT
server
Apache
etag
W/"10bc-5b7feb6f0028a"
x-cdn-cache-status
MISS
vary
Accept-Encoding
content-type
text/javascript
x-via
FRA1
x-origin-cache-status
MISS
x-provided-by
StackCDN
scripts.js
www.3stepmethod.com/wp-content/themes/sydney/js/ Frame BFB5 		63 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.3stepmethod.com/wp-content/themes/sydney/js/scripts.js?ver=5.7.10
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:7800::137 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software
Apache /
Resource Hash
e389b8cb9b17900d72c25f6ab99b0054b4726317c258ebbf3bc7c8fec4a1e2b3

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:16 GMT
content-encoding
gzip
last-modified
Sun, 03 Jan 2021 13:11:42 GMT
server
Apache
etag
W/"fd0b-5b7feb6f021ca"
x-cdn-cache-status
MISS
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
x-via
FRA1
x-origin-cache-status
MISS
x-provided-by
StackCDN
fitvids.min.js
www.3stepmethod.com/wp-content/plugins/youtube-embed-plus/scripts/ Frame BFB5 		0
0
wp-embed.min.js
www.3stepmethod.com/wp-includes/js/ Frame BFB5 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.3stepmethod.com/wp-includes/js/wp-embed.min.js?ver=5.7.10
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:7800::137 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:11 GMT
content-encoding
gzip
last-modified
Tue, 16 May 2023 19:53:13 GMT
server
Apache
etag
W/"5c6-5fbd4ebe7d49f"
x-cdn-cache-status
MISS
vary
Accept-Encoding
content-type
text/javascript
x-via
FRA1
x-origin-cache-status
MISS
x-provided-by
StackCDN
OneSignalSDK.js
cdn.onesignal.com/sdks/ Frame BFB5 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.7.10
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d63b -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:17 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
1966
etag
W/"2a3bbde818bef34d53a0df862ead5d5f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
8262e01f3ac2b4fd-OSL
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Fri, 17 Nov 2023 23:01:17 GMT
webpack.runtime.min.js
www.3stepmethod.com/wp-content/plugins/elementor/assets/js/ Frame BFB5 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.3stepmethod.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.2.2
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:7800::137 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:11 GMT
content-encoding
gzip
last-modified
Thu, 29 Apr 2021 19:38:42 GMT
server
Apache
etag
W/"12a1-5c121a48d8d0e"
x-cdn-cache-status
MISS
vary
Accept-Encoding
content-type
text/javascript
x-via
FRA1
x-origin-cache-status
MISS
x-provided-by
StackCDN
frontend-modules.min.js
www.3stepmethod.com/wp-content/plugins/elementor/assets/js/ Frame BFB5 		0
0
waypoints.min.js
www.3stepmethod.com/wp-content/plugins/elementor/assets/lib/waypoints/ Frame BFB5 		0
0
core.min.js
www.3stepmethod.com/wp-includes/js/jquery/ui/ Frame BFB5 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.3stepmethod.com/wp-includes/js/jquery/ui/core.min.js?ver=1.12.1
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:7800::137 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:11 GMT
content-encoding
gzip
last-modified
Thu, 15 Apr 2021 21:43:42 GMT
server
Apache
etag
W/"5133-5c009c1cd8e53"
x-cdn-cache-status
MISS
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
x-via
FRA1
x-origin-cache-status
MISS
x-provided-by
StackCDN
swiper.min.js
www.3stepmethod.com/wp-content/plugins/elementor/assets/lib/swiper/ Frame BFB5 		136 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.3stepmethod.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:7800::137 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:11 GMT
content-encoding
gzip
last-modified
Thu, 29 Apr 2021 19:38:42 GMT
server
Apache
etag
W/"21f91-5c121a48a3d5e"
x-cdn-cache-status
MISS
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
x-via
FRA1
x-origin-cache-status
MISS
x-provided-by
StackCDN
share-link.min.js
www.3stepmethod.com/wp-content/plugins/elementor/assets/lib/share-link/ Frame BFB5 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.3stepmethod.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.2.2
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:7800::137 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:17 GMT
content-encoding
gzip
last-modified
Thu, 29 Apr 2021 19:38:42 GMT
server
Apache
etag
W/"a12-5c121a48a58b6"
x-cdn-cache-status
MISS
vary
Accept-Encoding
content-type
text/javascript
x-via
FRA1
x-origin-cache-status
MISS
x-provided-by
StackCDN
dialog.min.js
www.3stepmethod.com/wp-content/plugins/elementor/assets/lib/dialog/ Frame BFB5 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.3stepmethod.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.8.1
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:7800::137 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:11 GMT
content-encoding
gzip
last-modified
Thu, 29 Apr 2021 19:38:41 GMT
server
Apache
etag
W/"2a6f-5c121a4866cc5"
x-cdn-cache-status
MISS
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
x-via
FRA1
x-origin-cache-status
MISS
x-provided-by
StackCDN
frontend.min.js
www.3stepmethod.com/wp-content/plugins/elementor/assets/js/ Frame BFB5 		0
0
preloaded-modules.min.js
www.3stepmethod.com/wp-content/plugins/elementor/assets/js/ Frame BFB5 		57 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.3stepmethod.com/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.2.2
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:7800::137 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:17 GMT
content-encoding
gzip
last-modified
Thu, 29 Apr 2021 19:38:42 GMT
server
Apache
etag
W/"e2b2-5c121a48d8156"
x-cdn-cache-status
MISS
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
x-via
FRA1
x-origin-cache-status
MISS
x-provided-by
StackCDN
wp-emoji-release.min.js
www.3stepmethod.com/wp-includes/js/ Frame BFB5 		0
0
playPauseLoadingControl.js
fast.wistia.com/assets/external/ Frame A275 		79 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/assets/external/playPauseLoadingControl.js
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f1edabdf06f806086c2f67b54c9aeee634d06b666e2dcd6acd8a1d221c377a88
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
Origin
https://www.lottoannihilator.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:15 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
810
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
21095
x-served-by
cache-iad-kcgs7200166-IAD, cache-hel1410031-HEL
x-browser-version
119
last-modified
Tue, 14 Nov 2023 20:46:56 GMT
server
AmazonS3
x-timer
S1700002876.900245,VS0,VE0
etag
"0ab35c8065a60c3a27c2253ba9d2c08a"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-browser
chrome
asset-version
b0bc9e83f13d6dd166d8e93f439d43f8cf50f5cc
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
69, 22
hls_video.js
fast.wistia.com/assets/external/engines/ Frame A275 		473 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/assets/external/engines/hls_video.js
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bc00f3f8c780754c992c1cae9bfe25f2545b52cbbc1ab2f2e159051b02ea830d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
Origin
https://www.lottoannihilator.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:15 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
810
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
117714
x-served-by
cache-iad-kjyo7100061-IAD, cache-hel1410031-HEL
x-browser-version
119
last-modified
Tue, 14 Nov 2023 20:46:56 GMT
server
AmazonS3
x-timer
S1700002876.900271,VS0,VE0
etag
"d26d3ede8d00bd47656f7eee6d8c5beb"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-browser
chrome
asset-version
b0bc9e83f13d6dd166d8e93f439d43f8cf50f5cc
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
69, 16
mput
pipedream.wistia.com/ Frame A275 		2 B
328 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pipedream.wistia.com/mput?topic=metrics
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2117:7600:3:471f:5240:93a1 -, , ASN (),
Reverse DNS
Software
envoy /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://www.lottoannihilator.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 14 Nov 2023 23:01:16 GMT
via
1.1 b78cc6d01d4e7856002e813febd954e2.cloudfront.net (CloudFront)
server
envoy
x-amz-cf-pop
CDG50-C1
x-cache
Miss from cloudfront
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
*
content-type
text/plain; charset=utf-8
x-envoy-upstream-service-time
3
content-length
2
x-amz-cf-id
0zw0yzOyibXAogs3errtIMeHnd6LleWEOgoai5vtEJPluLLJZZK_4w==
x
distillery.wistia.com/ Frame A275 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://distillery.wistia.com/x
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.127 -, , ASN (),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://www.lottoannihilator.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 14 Nov 2023 23:01:16 GMT
via
1.1 b17826d683a2d96e59e274ca2b79697e.cloudfront.net (CloudFront)
server
envoy
x-amz-cf-pop
FRA60-P6
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
x-amz-cf-id
EA4UO1Hp8JlBSkYluXOgxunlYuIoesiZ8IbH67bzBWB5ar-KjIk29w==
player-dash-mse.min.js
quick.vidalytics.com/embeds/1GmmqL0C/Q_SVGNsrosZDKlPJ/ Frame 20A3 		2 MB
605 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://quick.vidalytics.com/embeds/1GmmqL0C/Q_SVGNsrosZDKlPJ/player-dash-mse.min.js?hash=hrmtokkafh
Requested by
Host: quick.vidalytics.com
URL: https://quick.vidalytics.com/embeds/1GmmqL0C/Q_SVGNsrosZDKlPJ/loader.min.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
ea487ae2bd5fe6dd87ebf37deea1d024f4df7909a08ea89bf3b31c3f0363e9f3

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://godfrequency.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires
Sat, 11 Nov 2023 01:24:35 GMT
date
Tue, 14 Nov 2023 23:01:15 GMT
content-encoding
gzip
via
1.1 google, 1.1 varnish, 1.1 varnish
x-cdn
5
age
1764704
x-guploader-uploadid
ADPycdtMtoSlMtjEDD7yBv7EW-FDZWc-7Ew913Q5dgK8Ntyro9E77g-mnMGwbVrVxU1rBp3pw9tD49IgIRzUOOSxe7-k9U4Y1BrT
x-cache
HIT, HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
618616
x-served-by
cache-dfw-kdfw8210120-DFW, cache-hel1410031-HEL
last-modified
Thu, 12 Oct 2023 01:23:14 GMT
server
UploadServer
x-timer
S1700002876.907755,VS0,VE4
etag
"5f9daa11e50597f08c3196a6b5049c32"
vary
Accept-Encoding
x-goog-generation
1697073794848928
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-goog-hash
crc32c=k/n5hg==, md5=X52qEeUFl/CMMZamtQScMg==
access-control-expose-headers
Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control
public, max-age=300, s-maxage=2592000
x-cdn-site
c5-prod
x-goog-stored-content-length
618616
x-lb-backend
gcs-prod
x-lb-cache
miss
accept-ranges
bytes
x-cache-hits
288, 1
log
play.google.com/ 		0
0
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://www.wisewomenlottery.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
http://play.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 14 Nov 2023 23:01:15 GMT
expires
Tue, 14 Nov 2023 23:01:15 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
643915572950510
connect.facebook.net/signals/config/ Frame 20A3 		133 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/643915572950510?v=2.9.138&r=stable&domain=godfrequency.co
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e27cbe253fdfc3a37ac72eca8ba4ecfbc690909c02bb2fc2e005a83b3e51b4ad
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://godfrequency.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 14 Nov 2023 23:01:16 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
b7fXDXGYKBBRU1dTMzLjHAI88Y2diiwOyGdQTNwhj3NvmOpJetSUpy2CcbNGU36bksm2GhtNuGxhBTRW4fSCjg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
rpc
app.ecwid.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.ecwid.com/rpc?ownerid=73784560&version=2023-54753-g89d4484ff212b0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.0.95 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-0-95.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-ecwid-device-measurement,x-gwt-module-base,x-gwt-permutation
Access-Control-Request-Method
POST
Origin
https://138284849-atari-embeds.googleusercontent.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Access-Control-Allow-Headers
Cache-Control,Pragma,Content-Type,X-GWT-Module-Base,X-GWT-Permutation,X-Ecwid-Xsrf-Token,X-Ecwid-Device-Measurement
Access-Control-Allow-Origin
*
Access-Control-Max-Age
600
Allow
GET, HEAD, POST, TRACE, OPTIONS
Connection
keep-alive
Content-Length
0
Date
Tue, 14 Nov 2023 23:01:16 GMT
Server
nginx
rpc
app.ecwid.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.ecwid.com/rpc?ownerid=73784560&version=2023-54753-g89d4484ff212b0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.0.95 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-0-95.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-ecwid-device-measurement,x-gwt-module-base,x-gwt-permutation
Access-Control-Request-Method
POST
Origin
https://138284849-atari-embeds.googleusercontent.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Access-Control-Allow-Headers
Cache-Control,Pragma,Content-Type,X-GWT-Module-Base,X-GWT-Permutation,X-Ecwid-Xsrf-Token,X-Ecwid-Device-Measurement
Access-Control-Allow-Origin
*
Access-Control-Max-Age
600
Allow
GET, HEAD, POST, TRACE, OPTIONS
Connection
keep-alive
Content-Length
0
Date
Tue, 14 Nov 2023 23:01:16 GMT
Server
nginx
rpc
app.ecwid.com/ Frame 8782 		12 B
238 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.ecwid.com/rpc?ownerid=73784560&version=2023-54753-g89d4484ff212b0
Requested by
Host:
URL: ru.cdev.xnext.frontend.LegacyFrontend-0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.0.95 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-0-95.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ccd384b270919f35801f8b396cad51e9a0372eed323c1702d85e7706c5faebf6

Request headers

X-GWT-Module-Base
https://d11s7fcxy18ubx.cloudfront.net/node/static/2023/2023-54753-g89d4484ff212b0/ru.cdev.xnext.frontend.LegacyFrontend/
X-GWT-Permutation
C752656B8888219118BC47720D54C6BB
Referer
https://138284849-atari-embeds.googleusercontent.com/
X-Ecwid-Device-Measurement
WEB_DESKTOP;1600;1200;96;1154;400
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/x-gwt-rpc; charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 14 Nov 2023 23:01:16 GMT
Server
nginx
Connection
keep-alive
Content-Disposition
attachment
Content-Length
12
Content-Type
application/json;charset=utf-8
rpc
app.ecwid.com/ Frame 8782 		12 B
238 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.ecwid.com/rpc?ownerid=73784560&version=2023-54753-g89d4484ff212b0
Requested by
Host:
URL: ru.cdev.xnext.frontend.LegacyFrontend-0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.0.95 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-0-95.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ccd384b270919f35801f8b396cad51e9a0372eed323c1702d85e7706c5faebf6

Request headers

X-GWT-Module-Base
https://d11s7fcxy18ubx.cloudfront.net/node/static/2023/2023-54753-g89d4484ff212b0/ru.cdev.xnext.frontend.LegacyFrontend/
X-GWT-Permutation
C752656B8888219118BC47720D54C6BB
Referer
https://138284849-atari-embeds.googleusercontent.com/
X-Ecwid-Device-Measurement
WEB_DESKTOP;1600;1200;96;1154;400
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/x-gwt-rpc; charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 14 Nov 2023 23:01:16 GMT
Server
nginx
Connection
keep-alive
Content-Disposition
attachment
Content-Length
12
Content-Type
application/json;charset=utf-8
rpc
app.ecwid.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.ecwid.com/rpc?ownerid=73784560&version=2023-54753-g89d4484ff212b0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.0.95 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-0-95.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-ecwid-device-measurement,x-gwt-module-base,x-gwt-permutation
Access-Control-Request-Method
POST
Origin
https://138284849-atari-embeds.googleusercontent.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Access-Control-Allow-Headers
Cache-Control,Pragma,Content-Type,X-GWT-Module-Base,X-GWT-Permutation,X-Ecwid-Xsrf-Token,X-Ecwid-Device-Measurement
Access-Control-Allow-Origin
*
Access-Control-Max-Age
600
Allow
GET, HEAD, POST, TRACE, OPTIONS
Connection
keep-alive
Content-Length
0
Date
Tue, 14 Nov 2023 23:01:16 GMT
Server
nginx
rpc
app.ecwid.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.ecwid.com/rpc?ownerid=73784560&version=2023-54753-g89d4484ff212b0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.0.95 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-0-95.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-ecwid-device-measurement,x-gwt-module-base,x-gwt-permutation
Access-Control-Request-Method
POST
Origin
https://138284849-atari-embeds.googleusercontent.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Access-Control-Allow-Headers
Cache-Control,Pragma,Content-Type,X-GWT-Module-Base,X-GWT-Permutation,X-Ecwid-Xsrf-Token,X-Ecwid-Device-Measurement
Access-Control-Allow-Origin
*
Access-Control-Max-Age
600
Allow
GET, HEAD, POST, TRACE, OPTIONS
Connection
keep-alive
Content-Length
0
Date
Tue, 14 Nov 2023 23:01:16 GMT
Server
nginx
rpc
app.ecwid.com/ Frame 9753 		12 B
238 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.ecwid.com/rpc?ownerid=73784560&version=2023-54753-g89d4484ff212b0
Requested by
Host:
URL: ru.cdev.xnext.frontend.LegacyFrontend-0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.0.95 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-0-95.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ccd384b270919f35801f8b396cad51e9a0372eed323c1702d85e7706c5faebf6

Request headers

X-GWT-Module-Base
https://d11s7fcxy18ubx.cloudfront.net/node/static/2023/2023-54753-g89d4484ff212b0/ru.cdev.xnext.frontend.LegacyFrontend/
X-GWT-Permutation
C752656B8888219118BC47720D54C6BB
Referer
https://138284849-atari-embeds.googleusercontent.com/
X-Ecwid-Device-Measurement
WEB_DESKTOP;1600;1200;96;1154;1026
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/x-gwt-rpc; charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 14 Nov 2023 23:01:16 GMT
Server
nginx
Connection
keep-alive
Content-Disposition
attachment
Content-Length
12
Content-Type
application/json;charset=utf-8
rpc
app.ecwid.com/ Frame 9753 		12 B
238 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.ecwid.com/rpc?ownerid=73784560&version=2023-54753-g89d4484ff212b0
Requested by
Host:
URL: ru.cdev.xnext.frontend.LegacyFrontend-0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.0.95 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-0-95.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ccd384b270919f35801f8b396cad51e9a0372eed323c1702d85e7706c5faebf6

Request headers

X-GWT-Module-Base
https://d11s7fcxy18ubx.cloudfront.net/node/static/2023/2023-54753-g89d4484ff212b0/ru.cdev.xnext.frontend.LegacyFrontend/
X-GWT-Permutation
C752656B8888219118BC47720D54C6BB
Referer
https://138284849-atari-embeds.googleusercontent.com/
X-Ecwid-Device-Measurement
WEB_DESKTOP;1600;1200;96;1154;1026
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/x-gwt-rpc; charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 14 Nov 2023 23:01:16 GMT
Server
nginx
Connection
keep-alive
Content-Disposition
attachment
Content-Length
12
Content-Type
application/json;charset=utf-8
pptm.js
www.paypal.com/tagmanager/ Frame 7EB2 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=138284849-atari-embeds.googleusercontent.com&source=checkoutjs&t=xo&v=4.0.338
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/checkout.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
82ef74ca1712f76d79b9fc0d08e6449b2beccddf05a343dcdbb0a153fad8b885
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-JFA0Ye1M+Vvx0me/EYHm5b84QF46wsr87kijvSiMTJXqqKcG' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://138284849-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-JFA0Ye1M+Vvx0me/EYHm5b84QF46wsr87kijvSiMTJXqqKcG' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 14 Nov 2023 23:01:16 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
0
x-cache
MISS, MISS, MISS
paypal-debug-id
f278716136e73
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
4333
x-xss-protection
1; mode=block
x-served-by
cache-fra-etou8220098-FRA, cache-hel1410024-HEL, cache-hel1410024-HEL
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f278716136e73-78fabc3bddea815b-01
x-timer
S1700002876.084709,VS0,VE267
etag
W/"2f77-fIq9qnCon8TdoZhLWsbuxT4um1A"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=3600
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 0, 0
m-outer-27c67c0d52761104439bb051c7856ab1.html
js.stripe.com/v3/ Frame D361 		200 B
840 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://138284849-atari-embeds.googleusercontent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
5794432
cache-control
max-age=31536000
content-encoding
br
content-length
154
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 14 Nov 2023 23:01:16 GMT
etag
"27c67c0d52761104439bb051c7856ab1"
last-modified
Fri, 08 Sep 2023 21:23:50 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
101975
x-content-type-options
nosniff
x-request-id
c5c0a276-1a61-43c2-ac0c-eb57a3468e81
x-served-by
cache-hel1410034-HEL
checkout.min.js
www.paypalobjects.com/api/ Frame 8782 		863 KB
187 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/api/checkout.min.js
Requested by
Host:
URL: ru.cdev.xnext.frontend.LegacyFrontend-0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ska/F7B0) /
Resource Hash
f7d9c8184937ff854afd6da2a3de3fc970ef1c2820795e44e932499540fe5832
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://138284849-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
67ebaeca2b99d
dc
ccg11-origin-www-1.paypal.com
content-length
191373
last-modified
Wed, 24 May 2023 16:43:28 GMT
server
ECAcc (ska/F7B0)
traceparent
00-000000000000000000067ebaeca2b99d-08dce8f875e25217-01
etag
"646e3eb0-d7ad2+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Wed, 15 Nov 2023 23:01:16 GMT
new
d1oxsl77a1kjht.cloudfront.net/css/ Frame 8782 		1022 KB
99 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d1oxsl77a1kjht.cloudfront.net/css/new?hc=-2003029856&ownerid=73784560&id-selector=html%23ecwid_html%20body%23ecwid_body&frontendV2
Requested by
Host:
URL: ru.cdev.xnext.frontend.LegacyFrontend-0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:4400:1c:b536:2c40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
308e8903dc7ea9bca1cc7df9c5e3beeb9d3dbd4eee8ee3c051b6398cd2efaf1e

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://138284849-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:16 GMT
content-encoding
gzip
via
1.1 985c0b2ec44bdebc7f24f26d1e427d30.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
etag
"-2003029856"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css;charset=utf-8
cache-control
no-cache
x-amz-cf-id
SGik6gc4uOqLDdiFLRH-I2tLThM5AsMtVDlVvr_3aepO2nsrxDbpKg==
/
js.stripe.com/v3/ Frame 8782 		553 KB
153 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host:
URL: ru.cdev.xnext.frontend.LegacyFrontend-0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
ad554a89ac5a217395a61851928b9c8499a4becd2d607a0d358393fbb42ed765
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://138284849-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 14 Nov 2023 23:01:16 GMT
via
1.1 varnish
age
15
x-cache
HIT
content-length
156589
x-request-id
ef07bb3e-a762-48c6-9dd3-ae897964f32f
x-served-by
cache-hel1410034-HEL
last-modified
Tue, 14 Nov 2023 21:32:02 GMT
server
Fastly
etag
"7037269a126d13cc06f33ce890411b1b"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
8
ecwid-checkout.2fa3cc4d228c6634bfde834f055cde01.min.js
d3cy3u1txmkqs3.cloudfront.net/venera/static/ Frame 8782 		765 KB
167 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3cy3u1txmkqs3.cloudfront.net/venera/static/ecwid-checkout.2fa3cc4d228c6634bfde834f055cde01.min.js
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?73784560&data_platform=singleproduct_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.82.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-82-27.ams58.r.cloudfront.net
Software
nginx/1.19.0 /
Resource Hash
aeffed18ac9cdfbca5bcf2bb0f3a91c06aec0040253d7880eabae02f6458a79c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://138284849-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 04:36:39 GMT
content-encoding
gzip
via
1.1 9840468fd7f0cd4b97907be5f049f14a.cloudfront.net (CloudFront)
strict-transport-security
max-age=15724800
server
nginx/1.19.0
x-amz-cf-pop
AMS58-P5
age
152677
etag
2fa3cc4d228c6634bfde834f055cde01
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
X7xBtKfvq_YxnQmjqJ9Jeu080hSpF_b5SzFBV4cihSg5g6WYnPwl6A==
rpc
app.ecwid.com/ Frame 8782 		20 B
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.ecwid.com/rpc?ownerid=73784560&version=2023-54753-g89d4484ff212b0
Requested by
Host:
URL: ru.cdev.xnext.frontend.LegacyFrontend-0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.0.95 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-0-95.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
9922a5981b422da601817238d06f288a3b8048689c9bb753b42ae5b21e7e163a

Request headers

X-GWT-Module-Base
https://d11s7fcxy18ubx.cloudfront.net/node/static/2023/2023-54753-g89d4484ff212b0/ru.cdev.xnext.frontend.LegacyFrontend/
X-GWT-Permutation
C752656B8888219118BC47720D54C6BB
Referer
https://138284849-atari-embeds.googleusercontent.com/
X-Ecwid-Device-Measurement
WEB_DESKTOP;1600;1200;96;1154;400
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/x-gwt-rpc; charset=UTF-8

Response headers

Date
Tue, 14 Nov 2023 23:01:16 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
*
Content-Disposition
attachment
Connection
keep-alive
rpc
app.ecwid.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.ecwid.com/rpc?ownerid=73784560&version=2023-54753-g89d4484ff212b0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.0.95 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-0-95.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-ecwid-device-measurement,x-gwt-module-base,x-gwt-permutation
Access-Control-Request-Method
POST
Origin
https://138284849-atari-embeds.googleusercontent.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Access-Control-Allow-Headers
Cache-Control,Pragma,Content-Type,X-GWT-Module-Base,X-GWT-Permutation,X-Ecwid-Xsrf-Token,X-Ecwid-Device-Measurement
Access-Control-Allow-Origin
*
Access-Control-Max-Age
600
Allow
GET, HEAD, POST, TRACE, OPTIONS
Connection
keep-alive
Content-Length
0
Date
Tue, 14 Nov 2023 23:01:16 GMT
Server
nginx
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/971986711/ Frame BFB5 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/971986711/?random=1700002876354&cv=11&fst=1700002876354&bg=ffffff&guid=ON&async=1&gtm=45be3b81&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.3stepmethod.com%2F%3Fhop%3Dnanaslotto&top=https%3A%2F%2Fwww.wisewomenlottery.com&hn=www.googleadservices.com&frm=2&tiba=3%20Step%20Method%C2%AE%20%E2%80%93%20Official%20Site%20%E2%80%93%20Earn%20Online%20%7C%20Make%20Money%20Online&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-971986711
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 23:01:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1323
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
checkout.min.js
www.paypalobjects.com/api/ Frame 9753 		863 KB
187 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/api/checkout.min.js
Requested by
Host:
URL: ru.cdev.xnext.frontend.LegacyFrontend-0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ska/F7B0) /
Resource Hash
f7d9c8184937ff854afd6da2a3de3fc970ef1c2820795e44e932499540fe5832
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://138284849-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
67ebaeca2b99d
dc
ccg11-origin-www-1.paypal.com
content-length
191373
last-modified
Wed, 24 May 2023 16:43:28 GMT
server
ECAcc (ska/F7B0)
traceparent
00-000000000000000000067ebaeca2b99d-08dce8f875e25217-01
etag
"646e3eb0-d7ad2+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Wed, 15 Nov 2023 23:01:16 GMT
new
d1oxsl77a1kjht.cloudfront.net/css/ Frame 9753 		1022 KB
99 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d1oxsl77a1kjht.cloudfront.net/css/new?hc=-2003029856&ownerid=73784560&id-selector=html%23ecwid_html%20body%23ecwid_body&frontendV2
Requested by
Host:
URL: ru.cdev.xnext.frontend.LegacyFrontend-0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:4400:1c:b536:2c40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
308e8903dc7ea9bca1cc7df9c5e3beeb9d3dbd4eee8ee3c051b6398cd2efaf1e

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://138284849-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:16 GMT
content-encoding
gzip
via
1.1 985c0b2ec44bdebc7f24f26d1e427d30.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
etag
"-2003029856"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css;charset=utf-8
cache-control
no-cache
content-length
100638
x-amz-cf-id
oVrt3S-tWntavY2rE-n-sFMJGhqnkGX0dAfR5foI60ViWjOKHI3fbw==
/
js.stripe.com/v3/ Frame 9753 		553 KB
153 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host:
URL: ru.cdev.xnext.frontend.LegacyFrontend-0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
ad554a89ac5a217395a61851928b9c8499a4becd2d607a0d358393fbb42ed765
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://138284849-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 14 Nov 2023 23:01:16 GMT
via
1.1 varnish
age
15
x-cache
HIT
content-length
156589
x-request-id
96ea6ef5-5620-4207-9973-37bac9fe4db2
x-served-by
cache-hel1410034-HEL
last-modified
Tue, 14 Nov 2023 21:32:02 GMT
server
Fastly
etag
"7037269a126d13cc06f33ce890411b1b"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
9
ecwid-checkout.2fa3cc4d228c6634bfde834f055cde01.min.js
d3cy3u1txmkqs3.cloudfront.net/venera/static/ Frame 9753 		765 KB
167 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3cy3u1txmkqs3.cloudfront.net/venera/static/ecwid-checkout.2fa3cc4d228c6634bfde834f055cde01.min.js
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?73784560&data_platform=singleproduct_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.82.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-82-27.ams58.r.cloudfront.net
Software
nginx/1.19.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://138284849-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 04:36:39 GMT
content-encoding
gzip
via
1.1 9840468fd7f0cd4b97907be5f049f14a.cloudfront.net (CloudFront)
strict-transport-security
max-age=15724800
server
nginx/1.19.0
x-amz-cf-pop
AMS58-P5
age
152677
etag
2fa3cc4d228c6634bfde834f055cde01
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
57zjOzo8g-rsAEq8gy5mLQcypVtuWJ2UFyhRNcv7AUPk6jB1m9X1cA==
m-outer-6576085ca35ee42f2f484cda6763e4aa.js
js.stripe.com/v3/fingerprinted/js/ Frame D361 		631 B
621 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 14 Nov 2023 23:01:16 GMT
via
1.1 varnish
age
5794432
x-cache
HIT
content-length
399
x-request-id
f1449aba-8efd-4c2e-9208-a5a49353eec0
x-served-by
cache-hel1410034-HEL
last-modified
Fri, 08 Sep 2023 21:23:49 GMT
server
Fastly
etag
"70cacf09ae81711ac6dcbc5ee59750c4"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
93632
rpc
app.ecwid.com/ Frame 9753 		9 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.ecwid.com/rpc?ownerid=73784560&version=2023-54753-g89d4484ff212b0
Requested by
Host:
URL: ru.cdev.xnext.frontend.LegacyFrontend-0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.0.95 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-0-95.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1c7b5ea6f72f32f3b68bb249613f81c4a7b92495dfbaef1a8dd581a0f40e7235

Request headers

X-GWT-Module-Base
https://d11s7fcxy18ubx.cloudfront.net/node/static/2023/2023-54753-g89d4484ff212b0/ru.cdev.xnext.frontend.LegacyFrontend/
X-GWT-Permutation
C752656B8888219118BC47720D54C6BB
Referer
https://138284849-atari-embeds.googleusercontent.com/
X-Ecwid-Device-Measurement
WEB_DESKTOP;1600;1200;96;1154;1026
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/x-gwt-rpc; charset=UTF-8

Response headers

Date
Tue, 14 Nov 2023 23:01:17 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
*
Content-Disposition
attachment
Connection
keep-alive
Content-Length
2330
rpc
app.ecwid.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.ecwid.com/rpc?ownerid=73784560&version=2023-54753-g89d4484ff212b0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.0.95 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-0-95.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-ecwid-device-measurement,x-gwt-module-base,x-gwt-permutation
Access-Control-Request-Method
POST
Origin
https://138284849-atari-embeds.googleusercontent.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Access-Control-Allow-Headers
Cache-Control,Pragma,Content-Type,X-GWT-Module-Base,X-GWT-Permutation,X-Ecwid-Xsrf-Token,X-Ecwid-Device-Measurement
Access-Control-Allow-Origin
*
Access-Control-Max-Age
600
Allow
GET, HEAD, POST, TRACE, OPTIONS
Connection
keep-alive
Content-Length
0
Date
Tue, 14 Nov 2023 23:01:16 GMT
Server
nginx
cspreport
drive.google.com/_/DriveOsidBootstrap/ Frame B952 		0
0
csp-report
q.stripe.com/ Frame D361 		0
718 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.wisewomenlottery.com
URL: https://www.wisewomenlottery.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 14 Nov 2023 23:01:17 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1700002877354952
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1700002877354457
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame D361 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: www.wisewomenlottery.com
URL: https://www.wisewomenlottery.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 14 Nov 2023 23:01:17 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1700002877355287
x-envoy-upstream-service-time
5
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1700002877354403
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
awesome-log
stats.vidalytics.com/ Frame 20A3 		43 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.vidalytics.com/awesome-log?cid=1GmmqL0C
Requested by
Host: www.wisewomenlottery.com
URL: https://www.wisewomenlottery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.211.97 -, , ASN (),
Reverse DNS
Software
istio-envoy /
Resource Hash

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://godfrequency.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:17 GMT
server
istio-envoy
etag
"1GmmqL0C/WO30xs3LLbXJZy8Q"
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
https://godfrequency.co
access-control-expose-headers
Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
cache-control
no-cache, public, max-age=2592000
x-envoy-upstream-service-time
2
access-control-allow-headers
Accept, Content-Type, Origin, Range, X-Requested-With
content-length
43
licensing
analytics-ingress-global.bitmovin.com/ Frame 20A3 		117 B
378 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics-ingress-global.bitmovin.com/licensing
Requested by
Host: www.wisewomenlottery.com
URL: https://www.wisewomenlottery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.27.197 -, , ASN (),
Reverse DNS
Software
v1.59.2 /
Resource Hash

Request headers

Referer
https://godfrequency.co/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 14 Nov 2023 23:01:16 GMT
via
1.1 google
server
v1.59.2
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
content-length
117
alt-svc
clear
logo-header-two-tone-en.png
prod.cbstatic.net/dist/assets/ Frame 20A3 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod.cbstatic.net/dist/assets/logo-header-two-tone-en.png
Requested by
Host: prod.cbstatic.net
URL: https://prod.cbstatic.net/dist/injectable.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-12.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
84986c117f6f9418eff2f7ce5e55940671f178542c58092c05ef539ebd4da308

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://godfrequency.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:18 GMT
x-amz-version-id
rgVoO.sKTwEpJN65bYI.UT4E8UVMZSpC
via
1.1 2d1e1e8dc0f3eb7773ec9d89a7d50ce2.cloudfront.net (CloudFront)
last-modified
Mon, 21 Dec 2020 21:57:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
etag
"47cdefc96f75be3d978d4b444737b00e"
x-cache
Miss from cloudfront
content-type
image/png
content-length
3472
x-amz-cf-id
MSXGO0MZkB_VEz8As7GWBP4U9cZg-VlyOaZKQoX9DZJEgr6Cdx0HtA==
logo-tab-two-tone-en.png
prod.cbstatic.net/dist/assets/ Frame 20A3 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod.cbstatic.net/dist/assets/logo-tab-two-tone-en.png
Requested by
Host: prod.cbstatic.net
URL: https://prod.cbstatic.net/dist/injectable.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-12.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2f4d0823359307bdc2fbcc62d1004b361b02cc8ae5d6cb75f314658827ee1eeb

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://godfrequency.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:18 GMT
x-amz-version-id
65GBUS1AcRJNN3GRB3Nf3yY51OsdERt0
via
1.1 2d1e1e8dc0f3eb7773ec9d89a7d50ce2.cloudfront.net (CloudFront)
last-modified
Mon, 21 Dec 2020 21:57:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
etag
"c06ae1ecaaf7e0610c68af117658a7e0"
x-cache
Miss from cloudfront
content-type
image/png
content-length
4341
x-amz-cf-id
sxRxDinLRuwMDgiSV_oFy7eerR3AtimJYesZkN6RuCei48vC5rmqDQ==
blue-seal-153-100-clickbank-5004291.png
seal-boise.bbb.org/seals/ Frame 20A3 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://seal-boise.bbb.org/seals/blue-seal-153-100-clickbank-5004291.png
Requested by
Host: prod.cbstatic.net
URL: https://prod.cbstatic.net/dist/injectable.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn / ASP.NET
Resource Hash
f8e7bf03701efd2aee505e7ac8e7b6e9efbae155d18b8940197b44c4b09ee92a

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://godfrequency.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:17 GMT
last-modified
Thu, 09 Nov 2023 12:54:27 GMT
server
keycdn
x-aspnet-version
4.0.30319
x-edge-location
defr
x-powered-by
ASP.NET
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
x-robots-tag
noindex
x-shield
active
content-length
4373
expires
Wed, 15 Nov 2023 03:01:17 GMT
app-strings-en.json
prod.cbstatic.net/dist/i18n/ Frame 20A3 		9 B
434 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prod.cbstatic.net/dist/i18n/app-strings-en.json
Requested by
Host: prod.cbstatic.net
URL: https://prod.cbstatic.net/dist/injectable.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-12.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
00c89e0cd4c41144418e06885bb87e962fdb17567bf55adccb1678a1f6beca4c

Request headers

Accept
application/json
Referer
https://godfrequency.co/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:18 GMT
x-amz-version-id
ZlnvsWVay.azLO76UGrGFfzKmZRJT9PH
via
1.1 2d1e1e8dc0f3eb7773ec9d89a7d50ce2.cloudfront.net (CloudFront)
last-modified
Mon, 21 Dec 2020 21:57:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
etag
"cdfca8b09e61ae7324e48f01984c9b34"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
vary
Origin
content-length
9
x-amz-cf-id
8hPC85cjq-3u8OeskMKcCn3gdL94r-S5sLuJQy3OaMWTrm2WGzfMdg==
tldrk4hdlb.m3u8
fast.wistia.com/embed/medias/ Frame A275 		385 B
930 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/embed/medias/tldrk4hdlb.m3u8
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
77dde14211368f448d6d974bfb2b9a47300125b4fb7d1d2501981b80114c4370
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.lottoannihilator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:17 GMT
via
1.1 d4b41c13595dcfd327649d8cdea72ce8.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=0
x-permitted-cross-domain-policies
none
x-amz-cf-pop
IAD89-C3
age
8126
x-cache
Miss from cloudfront, HIT, MISS
x-envoy-upstream-service-time
37
content-length
385
x-request-id
1cfb5ad0-76c6-41f0-9e6c-542545b9ef5a
x-served-by
cache-iad-kiad7000083-IAD, cache-hel1410031-HEL
x-runtime
0.035348
x-browser-version
119
server
envoy
x-timer
S1700002877.162777,VS0,VE98
etag
W/"77dde14211368f448d6d974bfb2b9a47"
vary
Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type
application/x-mpegURL
access-control-allow-origin
*
cache-control
public, no-cache
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
2ZNWbXi_gTjYmdaNBI4Y77sqp-ClOmC_C1mjTv66ystt5aMvnzSFyQ==
x-cache-hits
3, 0
blank.gif
fast.wistia.com/assets/images/ Frame A275 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fast.wistia.com/assets/images/blank.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://www.lottoannihilator.com/
Origin
https://www.lottoannihilator.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:17 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
1127
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
1214
x-served-by
cache-iad-kcgs7200077-IAD, cache-hel1410031-HEL
x-browser-version
119
last-modified
Wed, 10 May 2023 19:48:54 GMT
server
AmazonS3
x-timer
S1700002877.165224,VS0,VE0
etag
"fbdc4ed9a1e2ee4917a265306927bcf1"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=3600
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
25, 19
1063404105.js
forms.aweber.com/form/05/ Frame BFB5 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.aweber.com/form/05/1063404105.js
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 -, , ASN (),
Reverse DNS
Software
webform/1.4.3 /
Resource Hash

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:17 GMT
content-encoding
br
via
1.1 varnish
age
145220
x-cache
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
3530
x-served-by
cache-hel1410023-HEL
correlation-id
69a7a640-4827-49ca-b3f4-5ccd263c90cc
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 13 Nov 2023 06:40:57 +0000
server
webform/1.4.3
x-timer
S1700002877.294718,VS0,VE1
etag
"9ff4a3e3016952bd17c31ea5853d519061c14811"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
x-cache-hits
1
register
ecomm.events/ Frame 7EB2 		0
80 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ecomm.events/register
Requested by
Host: ecomm.events
URL: https://ecomm.events/i.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.145.112.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-145-112-251.compute-1.amazonaws.com
Software
nginx/1.19.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800

Request headers

Referer
https://138284849-atari-embeds.googleusercontent.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 14 Nov 2023 23:01:17 GMT
strict-transport-security
max-age=15724800
server
nginx/1.19.0
content-length
0
cropped-header.jpg
www.3stepmethod.com/wp-content/uploads/2018/08/ Frame BFB5 		0
0
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v29/ Frame BFB5 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway%3A400%2C600&subset=latin&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.3stepmethod.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 21:01:37 GMT
x-content-type-options
nosniff
age
525580
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48208
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Nov 2024 21:01:37 GMT
fa-solid-900.woff2
www.3stepmethod.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ Frame BFB5 		0
0
allIntegrations.js
fast.wistia.com/assets/external/ Frame A275 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/assets/external/allIntegrations.js
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
Origin
https://www.lottoannihilator.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:17 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
812
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
5796
x-served-by
cache-iad-kiad7000147-IAD, cache-hel1410031-HEL
x-browser-version
119
last-modified
Tue, 14 Nov 2023 20:46:56 GMT
server
AmazonS3
x-timer
S1700002877.242208,VS0,VE0
etag
"b05dd4d5960780180fe8c2f156d89d97"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-browser
chrome
asset-version
b0bc9e83f13d6dd166d8e93f439d43f8cf50f5cc
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
68, 12
rpc
app.ecwid.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.ecwid.com/rpc?ownerid=73784560&version=2023-54753-g89d4484ff212b0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.0.95 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-0-95.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-ecwid-device-measurement,x-gwt-module-base,x-gwt-permutation
Access-Control-Request-Method
POST
Origin
https://138284849-atari-embeds.googleusercontent.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Access-Control-Allow-Headers
Cache-Control,Pragma,Content-Type,X-GWT-Module-Base,X-GWT-Permutation,X-Ecwid-Xsrf-Token,X-Ecwid-Device-Measurement
Access-Control-Allow-Origin
*
Access-Control-Max-Age
600
Allow
GET, HEAD, POST, TRACE, OPTIONS
Connection
keep-alive
Content-Length
0
Date
Tue, 14 Nov 2023 23:01:17 GMT
Server
nginx
rpc
app.ecwid.com/ Frame 8782 		68 B
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.ecwid.com/rpc?ownerid=73784560&version=2023-54753-g89d4484ff212b0
Requested by
Host:
URL: ru.cdev.xnext.frontend.LegacyFrontend-0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.0.95 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-0-95.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

X-GWT-Module-Base
https://d11s7fcxy18ubx.cloudfront.net/node/static/2023/2023-54753-g89d4484ff212b0/ru.cdev.xnext.frontend.LegacyFrontend/
X-GWT-Permutation
C752656B8888219118BC47720D54C6BB
Referer
https://138284849-atari-embeds.googleusercontent.com/
X-Ecwid-Device-Measurement
WEB_DESKTOP;1600;1200;96;1154;400
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/x-gwt-rpc; charset=UTF-8

Response headers

Date
Tue, 14 Nov 2023 23:01:17 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
*
Content-Disposition
attachment
Connection
keep-alive
licensing
licensing.bitmovin.com/ Frame 20A3 		165 B
451 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://licensing.bitmovin.com/licensing
Requested by
Host: www.wisewomenlottery.com
URL: https://www.wisewomenlottery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:df23:: -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://godfrequency.co/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 14 Nov 2023 23:01:17 GMT
via
1.1 google
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
content-length
165
/
www.facebook.com/tr/ Frame 20A3 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=643915572950510&ev=PageView&dl=https%3A%2F%2Fgodfrequency.co%2Fvsl%2Findex_ctrl.php&rl=&if=true&ts=1700002877293&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&ler=empty&it=1700002875856&coo=false&rqm=GET
Requested by
Host: godfrequency.co
URL: https://godfrequency.co/vsl/index_ctrl.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de -, , ASN (),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://godfrequency.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 14 Nov 2023 23:01:17 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
register
ecomm.events/ Frame 9753 		0
80 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ecomm.events/register
Requested by
Host: ecomm.events
URL: https://ecomm.events/i.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.145.112.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-145-112-251.compute-1.amazonaws.com
Software
nginx/1.19.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800

Request headers

Referer
https://138284849-atari-embeds.googleusercontent.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 14 Nov 2023 23:01:17 GMT
strict-transport-security
max-age=15724800
server
nginx/1.19.0
content-length
0
3889560390.jpg
d2j6dbq0eux0bg.cloudfront.net/images/73784560/ Frame 7EB2 		0
0
pptm.js
www.paypal.com/tagmanager/ Frame 8782 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=138284849-atari-embeds.googleusercontent.com&source=checkoutjs&t=xo&v=4.0.338
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/checkout.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-JFA0Ye1M+Vvx0me/EYHm5b84QF46wsr87kijvSiMTJXqqKcG' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://138284849-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-JFA0Ye1M+Vvx0me/EYHm5b84QF46wsr87kijvSiMTJXqqKcG' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 14 Nov 2023 23:01:17 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
1
x-cache
MISS, HIT, MISS
paypal-debug-id
f278716136e73
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
4333
x-xss-protection
1; mode=block
x-served-by
cache-fra-etou8220098-FRA, cache-hel1410024-HEL, cache-hel1410024-HEL
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f278716136e73-78fabc3bddea815b-01
x-timer
S1700002877.428543,VS0,VE3
etag
W/"2f77-fIq9qnCon8TdoZhLWsbuxT4um1A"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=3600
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 1, 0
inner.html
m.stripe.network/ Frame 7659 		930 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:ea00:19:7d10:bd80:93a1 -, , ASN (),
Reverse DNS
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ranges
bytes
age
22
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 14 Nov 2023 23:00:56 GMT
etag
"06bfcd88af438673a8bf9b845a11aa6e"
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding, Origin
via
1.1 6def1f0ddc805dce17407cce01d5b32c.cloudfront.net (CloudFront)
x-amz-cf-id
GeEJDSCnrtqR1xVRPzKUdKJRsL8Y-GUHApAZTkVERkziazrdHh6_1w==
x-amz-cf-pop
FRA56-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
truncated
/ Frame 7EB2 		294 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bc672038fba5fd227ee60750fe0f43e21e312ce230ea198bc96e11136cf200d4

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
ts
t.paypal.com/ Frame 7EB2 		42 B
833 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&dh=1200&dw=1600&bh=500&bw=562&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1700002877421&g=-120&completeurl=https%3A%2F%2F138284849-atari-embeds.googleusercontent.com%2Fembeds%2F16cb204cf3a9d4d223a0a3fd8b0eec5d%2Finner-frame-minified.html%3Fjsh%3Dm%253B%252F_%252Fscs%252Fabc-static%252F_%252Fjs%252Fk%253Dgapi.lb.fi.Y1oMGnmmXvY.O%252Fd%253D1%252Frs%253DAHpOoo_BBKgRRfEhBI3-ORz3vOgglLXq0w%252Fm%253D__features__&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.35 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://138284849-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Tue, 14 Nov 2023 23:01:17 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
dd7ac972a1eca
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
x-served-by
cache-fra-etou8220103-FRA, cache-hel1410023-HEL
pragma
no-cache
correlation-id
dd7ac972a1eca
traceparent
00-0000000000000000000dd7ac972a1eca-3a5c5556b757c2eb-01
x-timer
S1700002878.563348,VS0,VE174
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 14 Nov 2023 23:01:17 GMT
pptm.js
www.paypal.com/tagmanager/ Frame 9753 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=138284849-atari-embeds.googleusercontent.com&source=checkoutjs&t=xo&v=4.0.338
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/checkout.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-JFA0Ye1M+Vvx0me/EYHm5b84QF46wsr87kijvSiMTJXqqKcG' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://138284849-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-JFA0Ye1M+Vvx0me/EYHm5b84QF46wsr87kijvSiMTJXqqKcG' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 14 Nov 2023 23:01:17 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
1
x-cache
MISS, HIT, MISS
paypal-debug-id
f278716136e73
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
4333
x-xss-protection
1; mode=block
x-served-by
cache-fra-etou8220098-FRA, cache-hel1410024-HEL, cache-hel1410024-HEL
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f278716136e73-78fabc3bddea815b-01
x-timer
S1700002877.449488,VS0,VE3
etag
W/"2f77-fIq9qnCon8TdoZhLWsbuxT4um1A"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=3600
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 2, 0
e57288287b8696dae13630f98564b5bdd365a9a3.m3u8
embed-cloudfront.wistia.com/deliveries/ Frame A275 		65 KB
66 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://embed-cloudfront.wistia.com/deliveries/e57288287b8696dae13630f98564b5bdd365a9a3.m3u8
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:d400:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.lottoannihilator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 01:56:22 GMT
via
1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
x-cdn
cloudfront
x-amz-cf-pop
FRA56-C2
age
75895
edge-cache-tag
e57288287b8696dae13630f98564b5bdd365a9a3-hls-segment
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
339
content-length
66808
surrogate-key
e57288287b8696dae13630f98564b5bdd365a9a3-hls-segment
last-modified
Mon, 05 Nov 2018 10:11:00 GMT
server
envoy
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
access-control-expose-headers
Server,range,Content-Length,Content-Range,x-cdn
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
_crHe7xtlwt8ww3V5brVx8ECMAbv3APMIuSTAutyXm_6zd7lwn1J0w==
expires
Wed, 13 Nov 2024 01:56:22 GMT
3495531136.jpg
d2j6dbq0eux0bg.cloudfront.net/images/73784560/ Frame 9753 		0
0
stream.mpd
quick.vidalytics.com/video/1GmmqL0C/u3Biy1nFFvkd6Vd8/60747/51819/ Frame 20A3 		6 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://quick.vidalytics.com/video/1GmmqL0C/u3Biy1nFFvkd6Vd8/60747/51819/stream.mpd
Requested by
Host: www.wisewomenlottery.com
URL: https://www.wisewomenlottery.com/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://godfrequency.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires
Sat, 26 Oct 2024 08:32:55 GMT
date
Tue, 14 Nov 2023 23:01:17 GMT
via
1.1 google, 1.1 varnish, 1.1 varnish
x-cdn
5
age
1175302
x-guploader-uploadid
ABPtcPqAJ1slqX5qfppWpNS24fohMeP0-7PZW6egx1qqPvX0NVToXUQRonjW-1xzNape74NIjXnZ7lm2UWZ9GPM9yMTo
x-cache
HIT, HIT
x-goog-storage-class
STANDARD
x-goog-custom-time
2022-03-22T02:09:17.727Z
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-goog-meta-x-goog-reserved-source-generation
1647914957625851
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
5842
x-served-by
cache-dfw-kdal2120045-DFW, cache-hel1410031-HEL
last-modified
Thu, 13 Jul 2023 19:55:15 GMT
server
UploadServer
x-timer
S1700002878.590274,VS0,VE1
etag
"be544f159606f734360e1286d5e3c567"
x-goog-generation
1689278115402118
content-type
application/dash+xml
access-control-allow-origin
*
x-goog-hash
crc32c=J0w5RA==, md5=vlRPFZYG9zQ2DhKG1ePFZw==
access-control-expose-headers
Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control
public, max-age=31104000
x-cdn-site
c5-prod
x-goog-stored-content-length
5842
x-lb-backend
gcs-prod
x-lb-cache
miss
accept-ranges
bytes
x-cache-hits
187, 1
analytics
analytics-ingress-global.bitmovin.com/ Frame 20A3 		0
42 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics-ingress-global.bitmovin.com/analytics
Requested by
Host: www.wisewomenlottery.com
URL: https://www.wisewomenlottery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.27.197 -, , ASN (),
Reverse DNS
Software
v1.59.2 /
Resource Hash

Request headers

Referer
https://godfrequency.co/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 14 Nov 2023 23:01:17 GMT
via
1.1 google
server
v1.59.2
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc
clear
m-outer-27c67c0d52761104439bb051c7856ab1.html
js.stripe.com/v3/ Frame 6C10 		200 B
339 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://138284849-atari-embeds.googleusercontent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
5794434
cache-control
max-age=31536000
content-encoding
br
content-length
154
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 14 Nov 2023 23:01:17 GMT
etag
"27c67c0d52761104439bb051c7856ab1"
last-modified
Fri, 08 Sep 2023 21:23:50 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
101979
x-content-type-options
nosniff
x-request-id
10df92f7-2955-46e8-afb5-03ec3949d14e
x-served-by
cache-hel1410034-HEL
m-outer-27c67c0d52761104439bb051c7856ab1.html
js.stripe.com/v3/ Frame EF23 		200 B
810 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://138284849-atari-embeds.googleusercontent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
5794434
cache-control
max-age=31536000
content-encoding
br
content-length
154
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 14 Nov 2023 23:01:17 GMT
etag
"27c67c0d52761104439bb051c7856ab1"
last-modified
Fri, 08 Sep 2023 21:23:50 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
101980
x-content-type-options
nosniff
x-request-id
d422b801-b50f-483d-a747-56072ff01e37
x-served-by
cache-hel1410034-HEL
truncated
/ Frame 9753 		294 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
scribe
stats.vidalytics.com/ Frame 20A3 		0
0
truncated
/ Frame 20A3 		688 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 20A3 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/svg+xml
m-outer-6576085ca35ee42f2f484cda6763e4aa.js
js.stripe.com/v3/fingerprinted/js/ Frame 6C10 		631 B
484 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 14 Nov 2023 23:01:17 GMT
via
1.1 varnish
age
5794433
x-cache
HIT
content-length
399
x-request-id
cdeac86e-9ca8-4b01-9385-4d74341ea5d3
x-served-by
cache-hel1410034-HEL
last-modified
Fri, 08 Sep 2023 21:23:49 GMT
server
Fastly
etag
"70cacf09ae81711ac6dcbc5ee59750c4"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
93634
displays.htm
forms.aweber.com/form/ Frame BFB5 		0
0
js
www.googletagmanager.com/gtag/ Frame 20A3 		252 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-678PDF7261&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WBFS28
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://godfrequency.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 23:01:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90392
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 14 Nov 2023 23:01:17 GMT
ts
t.paypal.com/ Frame 9753 		0
0
/
www.google.com/pagead/1p-user-list/971986711/ Frame BFB5 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/971986711/?random=1700002876354&cv=11&fst=1700002800000&bg=ffffff&guid=ON&async=1&gtm=45be3b81&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.3stepmethod.com%2F%3Fhop%3Dnanaslotto&frm=2&tiba=3%20Step%20Method%C2%AE%20%E2%80%93%20Official%20Site%20%E2%80%93%20Earn%20Online%20%7C%20Make%20Money%20Online&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaNpp2-dQNJhEB4LqVfWSNIhhgxk0I7m3lIvCmj2D_5_g-OiRqj&random=2505645698&rmt_tld=0&ipr=y
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 23:01:17 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.no/pagead/1p-user-list/971986711/ Frame BFB5 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.no/pagead/1p-user-list/971986711/?random=1700002876354&cv=11&fst=1700002800000&bg=ffffff&guid=ON&async=1&gtm=45be3b81&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.3stepmethod.com%2F%3Fhop%3Dnanaslotto&frm=2&tiba=3%20Step%20Method%C2%AE%20%E2%80%93%20Official%20Site%20%E2%80%93%20Earn%20Online%20%7C%20Make%20Money%20Online&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaNpp2-dQNJhEB4LqVfWSNIhhgxk0I7m3lIvCmj2D_5_g-OiRqj&random=2505645698&rmt_tld=1&ipr=y
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Nov 2023 23:01:17 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
init.mp4
quick.vidalytics.com/video/1GmmqL0C/u3Biy1nFFvkd6Vd8/60747/51819/fmp4/video/640x360_h264_420624/ Frame 20A3 		674 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://quick.vidalytics.com/video/1GmmqL0C/u3Biy1nFFvkd6Vd8/60747/51819/fmp4/video/640x360_h264_420624/init.mp4
Requested by
Host: www.wisewomenlottery.com
URL: https://www.wisewomenlottery.com/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://godfrequency.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires
Fri, 20 Sep 2024 10:45:52 GMT
date
Tue, 14 Nov 2023 23:01:17 GMT
via
1.1 google, 1.1 varnish, 1.1 varnish
x-cdn
5
age
4277725
x-guploader-uploadid
ADPycdsl1GFHu_h-jx0UOaho1ZyEgX_3ejYJMsH2r6Ex2SGK5bZwfj0tK809jkSqUW0KEg-MFiqtILE0p6KIOjJbNstFvugZKqyv
x-cache
HIT, HIT
x-goog-storage-class
STANDARD
x-goog-custom-time
2022-03-22T01:57:55.419Z
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-goog-meta-x-goog-reserved-source-generation
1647914275322374
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
674
x-served-by
cache-dfw-kdal2120140-DFW, cache-hel1410031-HEL
last-modified
Thu, 13 Jul 2023 19:55:37 GMT
server
UploadServer
x-timer
S1700002878.897919,VS0,VE1
etag
"fe53cacc325ce137e6a953716ce723fb"
x-goog-generation
1689278137022602
content-type
video/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=qPOxvA==, md5=/lPKzDJc4TfmqVNxbOcj+w==
access-control-expose-headers
Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control
public, max-age=31104000
x-cdn-site
c5-prod
x-goog-stored-content-length
674
x-lb-backend
gcs-prod
x-lb-cache
miss
accept-ranges
bytes
x-cache-hits
133, 1
init.mp4
quick.vidalytics.com/video/1GmmqL0C/u3Biy1nFFvkd6Vd8/60747/51819/fmp4/audio/h265_96000/ Frame 20A3 		606 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://quick.vidalytics.com/video/1GmmqL0C/u3Biy1nFFvkd6Vd8/60747/51819/fmp4/audio/h265_96000/init.mp4
Requested by
Host: www.wisewomenlottery.com
URL: https://www.wisewomenlottery.com/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://godfrequency.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires
Mon, 02 Sep 2024 14:14:51 GMT
date
Tue, 14 Nov 2023 23:01:17 GMT
via
1.1 google, 1.1 varnish, 1.1 varnish
x-cdn
5
age
1762303
x-guploader-uploadid
ADPycdttPE6PgHxShAomZK9u7E_rU6RHA-A63puAVPcbgtlf3oHQ_SrT3HDwVTbb71meruatP-KBTdFxDCctFY0Ua1eUKg
x-cache
HIT, HIT
x-goog-storage-class
STANDARD
x-goog-custom-time
2022-03-22T01:58:04.597Z
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-goog-meta-x-goog-reserved-source-generation
1647914284496659
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
606
x-served-by
cache-dfw-kdfw8210120-DFW, cache-hel1410031-HEL
last-modified
Thu, 13 Jul 2023 19:56:04 GMT
server
UploadServer
x-timer
S1700002878.897980,VS0,VE1
etag
"af3d86596c83ba8ac236796a59f6d6dc"
x-goog-generation
1689278164397191
content-type
audio/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=SpArIQ==, md5=rz2GWWyDuorCNnlqWfbW3A==
access-control-expose-headers
Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control
public, max-age=31104000
x-cdn-site
c5-prod
x-goog-stored-content-length
606
x-lb-backend
gcs-prod
x-lb-cache
miss
accept-ranges
bytes
x-cache-hits
299, 1
seg-1-v1-a1.ts
embed-cloudfront.wistia.com/deliveries/e57288287b8696dae13630f98564b5bdd365a9a3.m3u8/ Frame A275 		0
0
csp-report
q.stripe.com/ Frame 6C10 		0
0
csp-report
q.stripe.com/ Frame 6C10 		0
0
csp-report
q.stripe.com/ Frame 7659 		0
0
out-4.5.43.js
m.stripe.network/ Frame 7659 		0
0
m-outer-6576085ca35ee42f2f484cda6763e4aa.js
js.stripe.com/v3/fingerprinted/js/ Frame EF23 		0
0
ts
t.paypal.com/ Frame 8782 		0
0
csp-report
q.stripe.com/ Frame EF23 		0
0
csp-report
q.stripe.com/ Frame EF23 		0
0
inner.html
m.stripe.network/ Frame 85E4 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
play.google.com
URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Domain
a03299kehqtgveq6-dhpjs3udm.hop.clickbank.net
URL
https://a03299kehqtgveq6-dhpjs3udm.hop.clickbank.net/
Domain
5e300elmhjyb1q-0w4heod7oco.hop.clickbank.net
URL
https://5e300elmhjyb1q-0w4heod7oco.hop.clickbank.net/
Domain
63135adhcgmj5lzeqrv7zocyl6.hop.clickbank.net
URL
https://63135adhcgmj5lzeqrv7zocyl6.hop.clickbank.net/
Domain
jaswertrk.com
URL
https://jaswertrk.com/scripts/retarlts.php
Domain
play.google.com
URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Domain
www.3stepmethod.com
URL
https://www.3stepmethod.com/wp-content/plugins/youtube-embed-plus/scripts/fitvids.min.js?ver=13.4.2
Domain
www.3stepmethod.com
URL
https://www.3stepmethod.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.2.2
Domain
www.3stepmethod.com
URL
https://www.3stepmethod.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
Domain
www.3stepmethod.com
URL
https://www.3stepmethod.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.2.2
Domain
www.3stepmethod.com
URL
https://www.3stepmethod.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.10
Domain
play.google.com
URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Domain
drive.google.com
URL
https://drive.google.com/_/DriveOsidBootstrap/cspreport
Domain
www.3stepmethod.com
URL
https://www.3stepmethod.com/wp-content/uploads/2018/08/cropped-header.jpg
Domain
www.3stepmethod.com
URL
https://www.3stepmethod.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
Domain
d2j6dbq0eux0bg.cloudfront.net
URL
https://d2j6dbq0eux0bg.cloudfront.net/images/73784560/3889560390.jpg
Domain
d2j6dbq0eux0bg.cloudfront.net
URL
https://d2j6dbq0eux0bg.cloudfront.net/images/73784560/3495531136.jpg
Domain
stats.vidalytics.com
URL
https://stats.vidalytics.com/scribe
Domain
forms.aweber.com
URL
https://forms.aweber.com/form/displays.htm?id=jAxszCwMLIwMrA==
Domain
t.paypal.com
URL
https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&dh=1200&dw=1600&bh=1026&bw=1154&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1700002877859&g=-120&completeurl=https%3A%2F%2F138284849-atari-embeds.googleusercontent.com%2Fembeds%2F16cb204cf3a9d4d223a0a3fd8b0eec5d%2Finner-frame-minified.html%3Fjsh%3Dm%253B%252F_%252Fscs%252Fabc-static%252F_%252Fjs%252Fk%253Dgapi.lb.fi.Y1oMGnmmXvY.O%252Fd%253D1%252Frs%253DAHpOoo_BBKgRRfEhBI3-ORz3vOgglLXq0w%252Fm%253D__features__&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D
Domain
embed-cloudfront.wistia.com
URL
https://embed-cloudfront.wistia.com/deliveries/e57288287b8696dae13630f98564b5bdd365a9a3.m3u8/seg-1-v1-a1.ts
Domain
q.stripe.com
URL
https://q.stripe.com/csp-report
Domain
q.stripe.com
URL
https://q.stripe.com/csp-report
Domain
q.stripe.com
URL
https://q.stripe.com/csp-report
Domain
m.stripe.network
URL
https://m.stripe.network/out-4.5.43.js
Domain
js.stripe.com
URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js
Domain
t.paypal.com
URL
https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&dh=1200&dw=1600&bh=400&bw=1154&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1700002877911&g=-120&completeurl=https%3A%2F%2F138284849-atari-embeds.googleusercontent.com%2Fembeds%2F16cb204cf3a9d4d223a0a3fd8b0eec5d%2Finner-frame-minified.html%3Fjsh%3Dm%253B%252F_%252Fscs%252Fabc-static%252F_%252Fjs%252Fk%253Dgapi.lb.fi.Y1oMGnmmXvY.O%252Fd%253D1%252Frs%253DAHpOoo_BBKgRRfEhBI3-ORz3vOgglLXq0w%252Fm%253D__features__&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D
Domain
q.stripe.com
URL
https://q.stripe.com/csp-report
Domain
q.stripe.com
URL
https://q.stripe.com/csp-report
Domain
m.stripe.network
URL
https://m.stripe.network/inner.html

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| documentPictureInPicture object| DOCS_timing function| _DumpException object| _docs_flag_initialData object| _docs_flag_cek function| gapiLoaded object| _at_config object| globals object| messages object| gapi object| ___jsl function| bgImgLoaded object| default_vw object| _F_toggles function| _F_installCss object| _bind object| closure_lm_256574 object| osapi object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| googleapis function| _getTimingInstance function| _docsTiming function| MicroscopeImageMetadata object| MicroscopeMaximizeMode object| MicroscopeBackgroundStyle function| MicroscopeState function| MicroscopeSize object| MicroscopeResizeMode object| MicroscopeZoomWidgetMode function| Microscope object| userfeedback object| help

5 Cookies

Domain/Path Name / Value
.google.com/ Name: NID
Value: 511=HdlVfI68khVLEsPbx9ZDL0mjeqRR3ugzP3Dp-9RH_vrWkU4hPO3i0tfDIKKsjwWlCGUagsntiIR0M496c_iV0Eigg_ysdjUojEW9NlHbh-WrhazXTq7MHkI2eQCx3e9V_HRbfOxbknquD0xIrerIIVbIOqaUgQxMHuH9zxH045E
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
cbtb.clickbank.net/ Name: AWSALBCORS
Value: 9SEt5FmZoSIFa/NF/fpDT0p7TSO9MOblK60ZFb4eZcOUJyMCfZTBSESbqScXGn3/U8Tu4ENltJsmUfVoUNom1EA2gGe1x4IStA4+j5ePPpBAY18vLPI6P9XgRlWk
analytics.sitewit.com/ Name: AWSALBCORS
Value: zDripkaKU8U/NTboTmt+tsYb17NJZSBZqXHDgL/7qJv1WG9sG4kbeHmk6BeYViLI5g6c3zxCUak9+/PrysYsZFoRds/3qdMcGR5VvF1Hq7r63E8fB5XKN++EgEiN
.yahoo.com/ Name: A3
Value: d=AQABBDv8U2UCEC8bDGeyg97fGkyYJav_EG8FEgEBAQFNVWVdZfS_ccAB_eMAAA&S=AQAAAtDjrP0S99E1yO9hEGRngzc

31 Console Messages

Source Level URL
Text
security warning URL: about:blank
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: about:blank
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: about:blank
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
javascript error URL: https://www.wisewomenlottery.com/
Message:
Access to XMLHttpRequest at 'https://play.google.com/log?format=json&hasfast=true&authuser=0' from origin 'https://www.wisewomenlottery.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The 'Access-Control-Allow-Origin' header has a value 'http://play.google.com' that is not equal to the supplied origin.
network error URL: https://play.google.com/log?format=json&hasfast=true&authuser=0
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://drive.google.com/auth_warmup?origin=https%3A%2F%2Fwww.wisewomenlottery.com
Message:
Failed to load resource: the server responded with a status of 403 ()
javascript error URL: https://www.wisewomenlottery.com/
Message:
Access to XMLHttpRequest at 'https://play.google.com/log?format=json&hasfast=true&authuser=0' from origin 'https://www.wisewomenlottery.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The 'Access-Control-Allow-Origin' header has a value 'http://play.google.com' that is not equal to the supplied origin.
network error URL: https://play.google.com/log?format=json&hasfast=true&authuser=0
Message:
Failed to load resource: net::ERR_FAILED
security error URL: https://www.lottoannihilator.com/video/(Line 339)
Message:
Mixed Content: The page at 'https://www.wisewomenlottery.com/' was loaded over HTTPS, but requested an insecure frame 'http://ww25.jaswertrk.com/scripts/retarlts.php?subid1=20231115-1001-15fe-b852-bcf9476947af'. This request has been blocked; the content must be served over HTTPS.
deprecation warning URL: https://www.paypalobjects.com/api/checkout.min.js(Line 1)
Message:
Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
deprecation warning URL: https://www.paypalobjects.com/api/checkout.min.js(Line 1)
Message:
Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
deprecation warning URL: https://www.paypalobjects.com/api/checkout.min.js(Line 1)
Message:
Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
deprecation warning URL: https://www.paypalobjects.com/api/checkout.min.js(Line 1)
Message:
Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
deprecation warning URL: https://www.paypalobjects.com/api/checkout.min.js(Line 1)
Message:
Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
javascript error URL: https://www.wisewomenlottery.com/
Message:
Access to XMLHttpRequest at 'https://play.google.com/log?format=json&hasfast=true&authuser=0' from origin 'https://www.wisewomenlottery.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The 'Access-Control-Allow-Origin' header has a value 'http://play.google.com' that is not equal to the supplied origin.
network error URL: https://play.google.com/log?format=json&hasfast=true&authuser=0
Message:
Failed to load resource: net::ERR_FAILED
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
network error URL: https://drive.google.com/start
Message:
Failed to load resource: net::ERR_FAILED
deprecation warning URL: https://www.paypalobjects.com/api/checkout.min.js(Line 1)
Message:
Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
deprecation warning URL: https://www.paypalobjects.com/api/checkout.min.js(Line 1)
Message:
Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
deprecation warning URL: https://www.paypalobjects.com/api/checkout.min.js(Line 1)
Message:
Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
deprecation warning URL: https://www.paypalobjects.com/api/checkout.min.js(Line 1)
Message:
Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
deprecation warning URL: https://www.paypalobjects.com/api/checkout.min.js(Line 1)
Message:
Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
deprecation warning URL: https://www.paypalobjects.com/api/checkout.min.js(Line 1)
Message:
Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
deprecation warning URL: https://www.paypalobjects.com/api/checkout.min.js(Line 1)
Message:
Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
deprecation warning URL: https://www.paypalobjects.com/api/checkout.min.js(Line 1)
Message:
Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
deprecation warning URL: https://www.paypalobjects.com/api/checkout.min.js(Line 1)
Message:
Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
deprecation warning URL: https://www.paypalobjects.com/api/checkout.min.js(Line 1)
Message:
Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy base-uri 'self';object-src 'none';report-uri /_/view/cspreport;script-src 'report-sample' 'nonce-_pKbNZXjOAatmC-Gyn7aEg' 'unsafe-inline' 'unsafe-eval';worker-src 'self';frame-ancestors https://google-admin.corp.google.com/
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

138284849-atari-embeds.googleusercontent.com
5e300elmhjyb1q-0w4heod7oco.hop.clickbank.net
63135adhcgmj5lzeqrv7zocyl6.hop.clickbank.net
a03299kehqtgveq6-dhpjs3udm.hop.clickbank.net
ajax.googleapis.com
analytics-ingress-global.bitmovin.com
analytics.sitewit.com
apis.google.com
app.ecwid.com
cbtb.clickbank.net
cdn.jsdelivr.net
cdn.onesignal.com
connect.facebook.net
cpv.godfrequency.co
d11s7fcxy18ubx.cloudfront.net
d1oxsl77a1kjht.cloudfront.net
d20ubqycd8ynev.cloudfront.net
d2j6dbq0eux0bg.cloudfront.net
d3cy3u1txmkqs3.cloudfront.net
d3dq8sxcny4hg.cloudfront.net
distillery.wistia.com
drive.google.com
ecomm.events
embed-cloudfront.wistia.com
embed-ssl.wistia.com
fast.wistia.com
fonts.googleapis.com
fonts.gstatic.com
forms.aweber.com
godfrequency.co
googleads.g.doubleclick.net
jaswertrk.com
js.stripe.com
lh3.googleusercontent.com
lh4.googleusercontent.com
lh5.googleusercontent.com
lh6.googleusercontent.com
licensing.bitmovin.com
m.stripe.network
pipedream.wistia.com
play.google.com
prod.cbstatic.net
q.stripe.com
quick.vidalytics.com
s.yimg.com
seal-boise.bbb.org
sp.analytics.yahoo.com
stackpath.bootstrapcdn.com
stats.vidalytics.com
t.paypal.com
trends.revcontent.com
trk.cosmicmedia.io
wisewomenlottery.com
www.3stepmethod.com
www.facebook.com
www.google.com
www.google.no
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.lottoannihilator.com
www.paypal.com
www.paypalobjects.com
www.wisewomenlottery.com
5e300elmhjyb1q-0w4heod7oco.hop.clickbank.net
63135adhcgmj5lzeqrv7zocyl6.hop.clickbank.net
a03299kehqtgveq6-dhpjs3udm.hop.clickbank.net
d2j6dbq0eux0bg.cloudfront.net
drive.google.com
embed-cloudfront.wistia.com
forms.aweber.com
jaswertrk.com
js.stripe.com
m.stripe.network
play.google.com
q.stripe.com
stats.vidalytics.com
t.paypal.com
www.3stepmethod.com
107.178.211.97
143.204.215.12
151.101.1.21
151.101.129.35
151.101.129.91
151.101.64.176
151.101.65.91
18.239.82.27
18.245.86.127
192.229.221.25
2001:4860:4802:36::15
212.82.100.181
216.58.212.162
2600:1901:0:df23::
2600:1f18:243f:2d01:5380:e1f8:c18:d856
2600:9000:206f:1c00:19:4fd1:c1c0:21
2600:9000:206f:ea00:19:7d10:bd80:93a1
2600:9000:2117:7600:3:471f:5240:93a1
2600:9000:211e:7600:13:2031:2340:21
2600:9000:211e:d400:1e:c86:4140:93a1
2600:9000:223c:4400:1c:b536:2c40:21
2600:9000:2240:ea00:1f:f560:8d00:21
2606:4700:20::681a:219
2606:4700:20::681a:e7e
2606:4700::6810:5914
2606:4700::6812:acf
2606:4700::6812:d63b
2a00:1288:80:807::2
2a00:1450:4001:801::2003
2a00:1450:4001:802::200e
2a00:1450:4001:802::2013
2a00:1450:4001:806::200e
2a00:1450:4001:80b::200a
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2004
2a00:1450:4001:810::2008
2a00:1450:4001:813::200a
2a00:1450:4001:81c::2001
2a00:1450:4001:81c::2002
2a00:1450:4001:828::2003
2a00:1450:4001:82b::200e
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a04:4e42:400::644
2a07:7800::137
2a0b:4d07:101::1
3.125.0.95
35.190.27.197
52.34.62.240
54.145.112.251
54.186.23.98
54.203.114.187
54.68.182.192
54.72.193.170
67.222.21.127
00c89e0cd4c41144418e06885bb87e962fdb17567bf55adccb1678a1f6beca4c
013e84310d7ab057017b3fa16549a6d4c254fd82b6555ed23a2f1747532e3f88
018f897df5ec50c53fba81270a9eb456e897ae789af33f9a7d2666fd2da09878
021decea59207b5b1dededd25bb1c6a69647aaa2f268689d9122d5bb2370bab9
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
03cb92827a65fb48c0850d1ea243a139bf58614c4e85ca9b88def0ece910efdf
03fa053e131169cda3771731b32b02cb04980446818a213304449e02cd5a0947
058e27e22f0f56bf4b40590009c0f314458fbeeb7c8c5795b63f0bb19c8ab2ac
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
170953154253d30323f7cb92e5b3f0c300787043952039a806800105bd4a9c6a
1acf7a8579eb4f9060576db7c7805cf639520e08bc5331dd047fc10f276ac9a1
1ada5259a5ac61a7d68315f7efa6b98d61d2d0478df0545869c880afeaa67dcd
1c7b5ea6f72f32f3b68bb249613f81c4a7b92495dfbaef1a8dd581a0f40e7235
1da8a039927042c95ebeacd909fd930acb03ef41568f91eee60a17c4e5eb5b15
2741a98ce6c12d14511f57b4332648da345cd9826adc68bab7013ab89fbe632e
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
2dfa3bceb249c735a7936c072cc3937fc8c8169c8f58c9f1fdcadf5f7d43d471
2f4d0823359307bdc2fbcc62d1004b361b02cc8ae5d6cb75f314658827ee1eeb
308e8903dc7ea9bca1cc7df9c5e3beeb9d3dbd4eee8ee3c051b6398cd2efaf1e
33d169ddf59845727706b8f35156f216570fa4db793f33ac852d2baf44199374
343c96034205ea01bf921b896e3ef1fe434b907b53a9a9850135f9617c07b03b
34eace17373618f0ef6ad0052c607c2b3a6c02af6a6e0a1d16fa15efb97c139d
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
3691026b21b883801b6f0f4df2e35d5c862a4dc92445d48a00fc43147d1c70c8
38544024da1a0fc2f706be6582557b5722d17f48ad9a8073594a0cf928e2e3ff
3b2cc6c2c699328f5dd0dbe97cdcc76a86ef6decc7a88ebe02b27cfe02ddb9c1
3cfe790335dc4ff07f0f501fb361687f88edca78273d2424e0797457924462ea
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
408b16950e02ed70d04cfaf4abf35d2509aa699afe8b6db4282be0d9236c7b41
40a4d9ee587150c67bb0405f36b37d3600bbd91ecf7cfc221921b21e3e15f5aa
4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330
42aa6d1f7e84fd965691bc489f4a302cca56fa99657a633c7208109941c38dd7
432d29c25d55cdee78e0d7c267893746a418802929f78c52528b9e0569dd3f88
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
447bdcdb824004592b67dd6a45a91ccef95e979b11f7236a9ac23ddaeaac359d
47ea098a19f76499975eb245a69791db1ac913882aa2610caec2a9a8ac28a7a9
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91
4a2e8f6c07744ff59534fab4d21430272beab3638bc74f724496b90d923d1468
4d3d44f6ec54680e837763f2fdc2d5f2ab8811717cd585942c064eec31ddf6c8
4e901ebb09fa9903e237ef74d0578bede0331fb3ef264ea7dabf79f894dd9556
54b16a534f27d39f8edb7dd908ecf182b4be466f86f28ac0f01f415f2ba9d1cf
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
5ffef9a3fefbd95b22b8b3d27581cb27aeed5d1d8d252139104334e9a62672a2
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
65335d511559dcc30873958444455eeffe80fe369891d328b53f3597e83980bf
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
66f47868fdf31319a2f6587f17803aae751c78875ff5deb0a8f38686262f869a
680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c
6bd204027ac589144e37b2bc2ba82ec176cfe793bbc697b10ddbbee2392cde2a
6dbc18a17c7f6300694c0e18190cfab292e801b1b103e2e92bd6060da2672fa1
6e04c3f95f14b36b63e6ddb0dbbff7a159deadb238d9fe6bf0ce5180cb68025d
742323fc8b75911dd5587acc15557d0844633853c2e99c6c454b110bd2c0acf6
743920a6df53feb02c6a74581a04aa982408375542de4e2924b3c8b493a5e242
7460e7bfe27ba69692cd72452646130bf8f0e91177c867d7360297029228ff6c
7477842f3c2650dff5e40b62366b0114dde38952471793eba4de0c99d789d1ff
75c72e3ce633d28f29eb8cb7f35d46a81db681ede1f59fbaaa149f1964a9e4a1
76c7f09fc77a0bc67fba1b2fe14bd4a567020892ad26c1312fb76c4735ed689f
77dde14211368f448d6d974bfb2b9a47300125b4fb7d1d2501981b80114c4370
78981e8c1ec7b658060824a9f12782f9c1b08cdf90b8fed84f1dedf0bca55102
7b0315eabc2a7646ba2bfbe779a72ac2b8dc02d083c547479909eef884de5c80
7da9b72002f3f70d3b297e9bee7665b7edcb311d1b0bf13c06a9c34c9353e22d
80e142904c9feeca9d8c64af55dabfda8032b2ac29fc26ca11d59aa1abddc6ab
8143c1639f0a257f2ba1e17c04137c194cf4c87e4561ecf1f5a3e5dff63bbf7a
82ef74ca1712f76d79b9fc0d08e6449b2beccddf05a343dcdbb0a153fad8b885
84986c117f6f9418eff2f7ce5e55940671f178542c58092c05ef539ebd4da308
85280aa9e7e8f5c47e3001989b2f3d384e4e870686a27dad087e848bcee53e2f
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
8b6e874e09fd450a979bf4a9dce3590d03e1e3d645995ae94f52530b20222c6c
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808
8d47b4a1cc0393424720bded5988a28f4e9146fd265ecb416b79cf0d6ac81f6d
90b0bc71a3f3712d834523c9709a5304b4f19f1702c9db3e094e83dcbeabfcd3
9137e657209c0ae29f0af3183bc0d30708244470eb59393123ed9e0743694932
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
97ce1e1f5dbfda35ac979b593e79e1673a3e725790339d767e4a6ca6e94a4828
97cf1307c16a437b77b5f7f5c9bc0b985d0745a14be5a279019aca5a3432e264
9922a5981b422da601817238d06f288a3b8048689c9bb753b42ae5b21e7e163a
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9fec01a1d87afa53f98cc18a461540c6aa2c3a939046eb03a417e10800be062b
a29853274b6ee4adc581f3815812f00a5509c90c2473cc2e88c3828a37a033f4
a3ba10e614083832f41494e71b4c53bd738a88a9ffd6f9a0c785348ec389527c
a5c55ed2115af67fceb3487697bf863e1941a1ebd7b21514f09c4707b53a7255
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
aaa39c55a7b7af43718e80335e86bf71ae4a63f15a3b22da2dc46a3948d109f4
acc86c4886ca5b8a51887ad2942d6756d6c15be95f82da9be827df1222903279
ad554a89ac5a217395a61851928b9c8499a4becd2d607a0d358393fbb42ed765
aea7c1b3daa920b1a100d2e403b89c52d0824578abe3be42f428f9125075bf01
aeffed18ac9cdfbca5bcf2bb0f3a91c06aec0040253d7880eabae02f6458a79c
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325
b20c80b98442db393baf2f4a7a27d11ccd8eccb5ef656796bcb20f5480b2f94e
b216a1038518406eca228e3420fbb58a4dfff0f96b589d77d0f98fcbecb99c8d
b2869d8a2bd0b52da8584c48985b845ef95e24c4b5e98b42d16d3bdccf8eac7d
b39aea8dc2deb42a2c652fc5fb90e300ba9deebf5fc259e2313d4f16cdc9cb9b
b484b3de3ea96eaf5bfe09afe35252f386b70013d95dedb588be7afac5ba975d
b63adecbbf5e006d111da1289657f6eaebfc1fd9ab3faf7181f465e8acff1a6c
ba8d24c717892abdadfefebcebc9f050279a6f2087e19709b6b7a049e9627c2b
bc00f3f8c780754c992c1cae9bfe25f2545b52cbbc1ab2f2e159051b02ea830d
bc672038fba5fd227ee60750fe0f43e21e312ce230ea198bc96e11136cf200d4
bf23a7a4eebedbb87d4084a69496b29815914a18e339a00f5dc73a03c9c9328f
c37d2d1bc47597799bbe117c6d432b5b13197e760866fdada9b7a92c8db1b05e
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c708273f96067efb288482121e781753a903c3f2fbf00cae65fafe23b6d68533
c71c726a8befcb1efdb4ba2862f9528d5582ceeb1bac426fb642f82b9b4e46e7
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
c804e51818d2ea556fae98bd5417e9407947690dcfa191a2d9a26ce1ea6c172d
c841fc7dbc4d2c138865ff729bfeac6d9e972dc1bf742490d283d4d2f32be918
cb30bdec55a5ce7a0f11b4d105128fbf152bc018220651f906affd4882e55bd3
ccd384b270919f35801f8b396cad51e9a0372eed323c1702d85e7706c5faebf6
cdd54ba9bf4842a1abee9a0b0a2e5616ca47a7f90adb828e3773bc1ba89b6170
cf4925be72da48ceaed81cdefd7060d276a622dad113bc4dbe44c66477a5e347
d09cfee5f21ed7285b77fa6ee68aac9186a8cbbac9aee5b62cbfb79b780030ef
d721a77cb472936a395e72fc02f8ef4e82fe2f949674074e7e494d84018e259f
d8655975c032afe9cb56452ffac62e5930a5a7a4382cafaaf14ab08e6d453523
ddda47b049ec774960fe39b5c0fca40c15abf80158daec17c8e29146d1d1c31e
e27cbe253fdfc3a37ac72eca8ba4ecfbc690909c02bb2fc2e005a83b3e51b4ad
e2b128a72c6e2c5bc7c526c24799ae8b83a2c32ad25f71c3acc14c7c6e2e1469
e36eaa6e7cebbd4138dfb008ee3d53ab8195f45953b0f4f27d0d8156ab059021
e389b8cb9b17900d72c25f6ab99b0054b4726317c258ebbf3bc7c8fec4a1e2b3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e55b7bec8c766b27b91ba4faefd33b4d85d3c5db69322febe6064212e0d07045
e6ad6dbf2dff0f084263f77d8fbcfd193470f22647a84fb04fdd4840efef6de0
e79b9a5c41f27ccc04d48b2a997d13bcf3693ca52cb6ae60acca9673164f318e
ea487ae2bd5fe6dd87ebf37deea1d024f4df7909a08ea89bf3b31c3f0363e9f3
ea65746fc8d098492a98a2cc7346ce3902f128c43fcfeb2e3dd5aadf01256310
ea91f570d576025a94a12d0e501028492867d7e5f7e4507d2ed6152e4f615cf9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947
f11176ec1e89f383eda7494955e5e92783c48dd138d0e4f3ace8c1314f9dc66f
f1161374c4af2e9055c7f22b2f52e1b34f7c65cc84d3d74da7fccac1771fe9c3
f1edabdf06f806086c2f67b54c9aeee634d06b666e2dcd6acd8a1d221c377a88
f1f487a441b78d59cf250619c1d421ae8f3645b3640d47b94f550820b3804fc9
f4db76afeb499d277603609152f9e382c0fe112d44c6f8db8c136a89d9bd7682
f4de02f4d3d995221d554f93fb5398b6db8c7ebd64ff1a1ffdd69aadb74b82f6
f4f9825d24a7764f6e2d4ba91718ab744a73f5fb4c879c319515d62d8f81ec9b
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6f62c83cb3e39f84015885535db03e17ea285d3da7d179b8695ad93e5e8e09f
f71e2cee6934851a889e5c9fada78139940a7d583a1510afe087dd033f43e6a0
f752e24e380963973c86376422b0618658de851a8b2011c69e394b787a1c593f
f7d9c8184937ff854afd6da2a3de3fc970ef1c2820795e44e932499540fe5832
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f82a66d3e478235d29587378aab1eaccdf3513f5ba34f8196dfdcb2f0b75436d
f8d00356859998784bda26e1d14f2d981515921b96ded50d5d6f6f0e75bac15c
f8e7bf03701efd2aee505e7ac8e7b6e9efbae155d18b8940197b44c4b09ee92a
fb8c6e1a25ff615023bc8260df0e2e803bab9f5990138c8300809e74209514ce
fda3035030d3843c2751dc0da65fb802230ec00a4008aeed83ddddc7b97cbc93
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c