Report - em.wdr.to/l/40285083835ffd330183e61ddc471648

Report Overview

Submitted URL
em.wdr.to/l/40285083835ffd330183e61ddc471648
IP
136.243.10.236
ASN
#24940 Hetzner Online GmbH
Submitted
2022-10-21 23:35:55
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.sca1b.amazontrust.com	1015	2017-03-03T16:20:51Z	2019-03-27T05:05:54Z	1.0 kB	3.2 kB	143.204.42.88
evergage.lottobirock.com	unknown	2018-05-23T14:38:17Z	2023-03-04T21:37:22Z	492 B	363 B	52.211.32.132
pubads.g.doubleclick.net	495	2012-06-26T18:06:42Z	2023-03-09T12:48:49Z	449 B	883 B	216.58.211.2
ocsp2.globalsign.com	1544	2012-05-23T20:10:04Z	2023-03-09T05:09:49Z	690 B	3.8 kB	104.18.21.226
brain.rvty.net	85050	2012-07-25T19:40:08Z	2023-03-05T15:01:09Z	822 B	1.3 kB	89.163.211.233
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-09T05:09:13Z	594 B	127 B	34.213.92.18
www.rvty.net	698214	2012-06-20T19:52:09Z	2023-03-04T17:16:10Z	802 B	1.1 kB	89.163.211.242
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-09T10:04:36Z	2.1 kB	38 kB	34.120.237.76
www.facebook.com	99	2012-05-21T02:23:41Z	2021-02-04T00:31:35Z	628 B	349 B	31.13.72.36
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-09T05:09:49Z	401 B	5.8 kB	34.160.144.191
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-09T11:52:10Z	2.3 kB	21 kB	93.184.220.29
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-09T13:40:16Z	385 B	63 kB	142.250.74.168
www.dwin1.com	4572	2012-06-20T09:16:16Z	2023-03-09T05:14:37Z	347 B	16 kB	143.204.55.42
s2.adform.net	4693	2013-04-18T13:49:52Z	2023-03-09T05:25:02Z	377 B	31 kB	37.157.2.248
www.google.com	7	2015-05-10T13:11:19Z	2023-03-09T13:38:50Z	507 B	694 B	142.250.74.164
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-09T05:09:48Z	321 B	229 B	34.117.237.239
region1.google-analytics.com	unknown	2022-03-17T12:26:33Z	2023-03-09T05:09:40Z	697 B	564 B	216.239.32.36
www.lottoland.com	409513	2013-10-09T01:01:43Z	2023-03-05T07:01:24Z	1.5 kB	2.4 kB	104.17.214.185
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-09T05:09:05Z	2.3 kB	6.4 kB	23.36.76.226
cdn.evgnet.com	5695	2017-08-31T09:06:40Z	2023-03-09T15:10:04Z	394 B	87 kB	151.101.0.114
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-09T11:25:06Z	656 B	1.9 kB	104.18.32.68
track.adform.net	3564	2012-05-21T09:01:21Z	2023-03-09T05:25:03Z	542 B	1.3 kB	37.157.5.142
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-09T05:09:50Z	2.6 kB	5.6 kB	142.250.74.3
lottoland.evergage.com	unknown	2015-04-04T11:58:03Z	2023-03-01T20:58:49Z	4.5 kB	13 kB	3.226.206.162
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-09T05:09:18Z	758 B	2.8 kB	143.204.55.35
tr.lottoland.com	unknown	2017-12-22T08:56:28Z	2022-11-25T15:41:13Z	947 B	1.6 kB	104.18.75.2
pixel.mathtag.com	1199	2012-05-22T07:36:42Z	2023-03-09T05:49:45Z	2.1 kB	6.1 kB	23.38.200.207
www.sc.pages01.net	95948	2017-01-29T22:07:16Z	2023-03-08T17:13:59Z	444 B	5.8 kB	54.230.111.97
www.pages01.net	93612	2017-01-29T18:13:30Z	2023-03-09T16:31:33Z	2.4 kB	1.3 kB	35.169.63.124
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-09T13:53:17Z	1.2 kB	21 kB	142.250.74.174
connect.facebook.net	139	2012-05-22T04:51:28Z	2023-03-09T05:09:57Z	363 B	28 kB	31.13.72.12
www.google.no	25607	2016-04-05T21:50:59Z	2023-03-09T09:24:51Z	506 B	694 B	142.250.74.3
em.wdr.to	unknown	2022-01-31T17:27:20Z	2023-03-08T14:04:21Z	363 B	676 B	136.243.10.236

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-10-21	medium	em.wdr.to/l/40285083835ffd330183e61ddc471648	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (43)

	URL	Size	First Seen	Last Seen
	www.lottoland.com/de_DE/skins/lottoland/js/translations/common_moneyCurrenc-711cccac3c2b89f6.js	708 B	2023-03-10	2023-03-10
Pretty URL www.lottoland.com/de_DE/skins/lottoland/js/translations/common_moneyCurrenc-711cccac3c2b89f6.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:47:10 Last Seen2023-03-10 12:47:10 Times Seen1 Hash c7b7b24f376c0dec81fd4c6bdcfd07ea 7e9e39f81e43835a6aa4bbbe819ba63eec79c1c3 ce8336ea0c3f086132d8731e5b8dd1cbc79a7307df4c56a2b39f79ec10f1a3a7 Loading...

	www.lottoland.com/lotto6aus49-12fuer1	521 B	2023-03-10	2023-03-10
Pretty URL www.lottoland.com/lotto6aus49-12fuer1 IP 104.17.214.185 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:47:10 Last Seen2023-03-10 12:47:10 Times Seen1 Hash ac766e640b1763e1522f5f8c3becf6fb 05bbf48ee4c9e3838395f447de6a4ffd137f3392 c8d6de44cce705f3e5bea1b7d9f79381be4eacd95a3278f8fe72bdf3e6bf4537 Loading...

	www.lottoland.com/lotto6aus49-12fuer1	284 B	2023-03-10	2023-03-10
Pretty URL www.lottoland.com/lotto6aus49-12fuer1 IP 104.17.214.185 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:47:10 Last Seen2023-03-10 12:47:10 Times Seen1 Hash e557a2b517fc1cec0b26ed1d5e395256 8d0d47195a4e27efa8174d292f50dede9741db49 be8d736448653a7655acc3b391ed1b061f4e396ad84d97f9032b0092728459bc Loading...

	s2.adform.net/banners/scripts/st/trackpoint-async.js	80 kB	2023-03-08	2023-03-11
Pretty URL s2.adform.net/banners/scripts/st/trackpoint-async.js IP 37.157.2.248 ASN #198622 Adform A/S Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:43:24 Last Seen2023-03-11 22:22:25 Times Seen1 Hash 4cb8e818a3c8dda5fd80d6d9a55d958d a709663c9adccd945aca28e44131d3e2e1e3815f 45e0091e57ff659d0fe0711a43960d08bd5cf99b6f83e88eafa390fa6770192c Loading...

	www.lottoland.com/de_DE/skins/lottoland/js/cms/@lottoland/client-side-message-bus-caa0c9677398cddd.js	3.1 kB	2023-03-10	2024-01-11
Pretty URL www.lottoland.com/de_DE/skins/lottoland/js/cms/@lottoland/client-side-message-bus-caa0c9677398cddd.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:47:10 Last Seen2024-01-11 08:58:44 Times Seen22 Hash 4a599db6d9cdf9aceca5bd0b4263d572 8a33f68c7bf23f05e553c7456e308c27f52cdf7d 5dd0bc8b8070d1bc3d8ba5cc6433a064c04bf968656d5b12a38216fa734a8e02 Loading...

	www.lottoland.com/lotto6aus49-12fuer1	492 B	2023-03-10	2023-03-10
Pretty URL www.lottoland.com/lotto6aus49-12fuer1 IP 104.17.214.185 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:47:10 Last Seen2023-03-10 12:47:10 Times Seen1 Hash 4b10d606cba7592043295f6a870bb8d8 114c6212380ec88624bbf8e9ae3152f3714912ae c1433ca9db1a886ce63253eba574bdc3e6ec446f5a479da383e6259a9119ac4c Loading...

	connect.facebook.net/en_US/fbevents.js	104 kB	2023-03-08	2023-10-23
Pretty URL connect.facebook.net/en_US/fbevents.js IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:00:40 Last Seen2023-10-23 15:37:18 Times Seen8 Hash ba4feb901b5e33b95808908a1fc07264 eb7193f6fa6df7849a40a0a6f1e3da9513bae84c f8486cf55c57486f26236be045e02ada380d1ee0378008375cf54295c23954c8 Loading...

	track.adform.net/Serving/TrackPoint/?pm=1388237&ADFPageName=Landing%20Page%20DE&ADFdivider=%7C&ord=793824525559&ADFtpmode=2&loc=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&Set1=en-US%7Cen-US%7C1280x1024%7C24	115 B	2023-03-10	2023-03-10
Pretty URL track.adform.net/Serving/TrackPoint/?pm=1388237&ADFPageName=Landing%20Page%20DE&ADFdivider=%7C&ord=793824525559&ADFtpmode=2&loc=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&Set1=en-US%7Cen-US%7C1280x1024%7C24 IP 37.157.5.142 ASN #198622 Adform A/S Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:47:10 Last Seen2023-03-10 12:47:10 Times Seen1 Hash 9976820d9a8e80fa2a0f2456565857cd 28e2cc0bc0d5a998d01b4b3c0589cbf127c6c619 b485962d045ce56540b452a40476be295c274de021c43bb03185d1861e97a5bb Loading...

	www.lottoland.com/lotto6aus49-12fuer1	38 kB	2023-03-10	2023-03-10
Pretty URL www.lottoland.com/lotto6aus49-12fuer1 IP 104.17.214.185 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:47:10 Last Seen2023-03-10 12:47:10 Times Seen1 Hash ea83f1d60fd3d911955f6d989aa55870 b2b7b4232df5705f2cba4247087620cd7eedc44d 34a0048b8802b2d48d3bdc3aae8650e0b21a60ea380646867cc9d789bbf78421 Loading...

	www.lottoland.com/lotto6aus49-12fuer1	518 B	2023-03-10	2024-01-03
Pretty URL www.lottoland.com/lotto6aus49-12fuer1 IP 104.17.214.185 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:47:10 Last Seen2024-01-03 20:33:01 Times Seen6 Hash a09c640f1cc930d72db2a7831133e091 e6f60440777b5bab9e73b0ce6f17df7f98235dd0 8473a9d5612b6cfff04bafc8e7139940afe4ad4ec9451e665b688593e31b44e5 Loading...

	connect.facebook.net/signals/plugins/identity.js?v=2.9.87	65 kB	2023-03-08	2023-10-31
Pretty URL connect.facebook.net/signals/plugins/identity.js?v=2.9.87 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:47:10 Last Seen2023-10-31 18:18:05 Times Seen6 Hash 3db1d62e0f7e350997486f47458484bf 1fec0c1504d1b5afd937c7d8829c7ca76907c5d9 e3b9d52f002201be697fbc0ebf4bdcc61d6c01d0bb1359213e62c67e21850047 Loading...

	pixel.mathtag.com/sync/iframe?mt_uuid=6b976353-2cd2-4b00-9142-47941e6c61e3&no_iframe=1&mt_adid=245335&mt_lim=20&source=mathtag	643 B	2023-03-07	2023-03-17
Pretty URL pixel.mathtag.com/sync/iframe?mt_uuid=6b976353-2cd2-4b00-9142-47941e6c61e3&no_iframe=1&mt_adid=245335&mt_lim=20&source=mathtag IP 23.38.200.207 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28:42 Last Seen2023-03-17 12:46:46 Times Seen1 Hash dc6f1789f9271ac721dd1a4c46029089 5321f3beb6309a3a8d1cffc3314638418891f78c 4c0963c4a64be36b64d44218fc19d45763a6e8b122ce4085d07e020424e458ef Loading...

	www.lottoland.com/api/lotteries/german6aus49/closingdate?callback=setDate	163 B	2023-03-10	2023-03-10
Pretty URL www.lottoland.com/api/lotteries/german6aus49/closingdate?callback=setDate IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:47:10 Last Seen2023-03-10 12:47:10 Times Seen1 Hash af99c148f43d56b1deaa5ec59c8d3ebf ecebb117763d2f71e934e6cd67c3d0d00c55f875 c6fe54b0c9937b0a54697853a634412fb016c088c42a144b7c9ae6921d0373d6 Loading...

	www.lottoland.com/js-client/manifest.client-bundle-c23ceccedbb5e0ac.js	5.8 kB	2023-03-10	2023-03-10
Pretty URL www.lottoland.com/js-client/manifest.client-bundle-c23ceccedbb5e0ac.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:47:10 Last Seen2023-03-10 12:47:10 Times Seen1 Hash 4c84b28f20294950a2ea23f741574255 acf4550e5e76f4b1fa57ba94ab91bb631a85bec5 a06e2de93a186357531c3b94d11f94c065e52e55a4b124d04868fe2fe35604d0 Loading...

	www.lottoland.com/de_DE/skins/lottoland/js/core/@lottoland/core/lit-element-c16c867bd604ce25.js	35 kB	2023-03-10	2024-01-11
Pretty URL www.lottoland.com/de_DE/skins/lottoland/js/core/@lottoland/core/lit-element-c16c867bd604ce25.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:47:10 Last Seen2024-01-11 08:58:44 Times Seen24 Hash 94a4168f6b08b63163d05ed2c14d73b5 71d02a24076f59a2c5fdb7a7842b3270be6ec8bb 60f142391517c99aece45ae6299bac396f4530440f55b615974208b400af05f5 Loading...

	www.lottoland.com/de_DE/skins/lottoland/js/core/@lottoland/one-styleguide-e9a88044d5012734.js	245 kB	2023-03-10	2023-03-10
Pretty URL www.lottoland.com/de_DE/skins/lottoland/js/core/@lottoland/one-styleguide-e9a88044d5012734.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:47:10 Last Seen2023-03-10 12:47:10 Times Seen1 Hash 74170a6b18194fd37e4382f1bc950e9d 13ab20c9a10246ad1fcd2146ab842a00311876b8 82b79791d655df1a80d9877652bf25ea97a3213386fa800d06e8b38cc54fcec3 Loading...

	unknown	0 B	2023-03-07	2024-04-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-20 04:14:50 Times Seen36969551 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.lottoland.com/cms/apigtmdatalayer.min.js	7.4 kB	2023-03-10	2023-03-10
Pretty URL www.lottoland.com/cms/apigtmdatalayer.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:47:10 Last Seen2023-03-10 12:47:10 Times Seen1 Hash 6c13381da7f390b02cee8408f69fd842 08ff33c1fff266530caf42edf5e676a1feb0c656 28b4e88894d09a7a483cf83830c664bf53734e63fe252efd1c89ace61d7877d4 Loading...

	www.lottoland.com/cms/ll-tracking-1.1.1.min.js	3.7 kB	2023-03-10	2023-03-10
Pretty URL www.lottoland.com/cms/ll-tracking-1.1.1.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:47:10 Last Seen2023-03-10 12:47:10 Times Seen1 Hash 3e4e3e9ee85f0dbf7f09b4749dd174c9 183271b57796f953a4db1046e20677e9db2dd55f ff352ad0935b16b5d0145a290c8d4813df2aed7ce593fc430c9cbf991940dec1 Loading...

	www.lottoland.com/lotto6aus49-12fuer1	1.4 kB	2023-03-10	2023-03-10
Pretty URL www.lottoland.com/lotto6aus49-12fuer1 IP 104.17.214.185 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:47:10 Last Seen2023-03-10 12:47:10 Times Seen1 Hash aa8054ed12e7fc441eac139cb99e3054 bccea1383a8504af5c2201688c992cbd696f1149 c6befc6c8d6eeced38ee9795e358b5184c35ce9d2972a275551e13324468b851 Loading...

	www.lottoland.com/lotto6aus49-12fuer1	1.1 kB	2023-03-10	2024-01-11
Pretty URL www.lottoland.com/lotto6aus49-12fuer1 IP 104.17.214.185 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:47:10 Last Seen2024-01-11 08:58:39 Times Seen9 Hash 1b3c48d8a57e737e2e2e17e766cf4491 9f110cc1b459be5adeb76770a719188f496146f2 ae5180906e8da3733dd3f826726b70a736189edc1ec56d22741e1dca473d0072 Loading...

	www.googletagmanager.com/gtag/js?id=G-QR4532DN83&l=gtmDataLayer&cx=c	220 kB	2023-03-10	2023-03-10
Pretty URL www.googletagmanager.com/gtag/js?id=G-QR4532DN83&l=gtmDataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:47:10 Last Seen2023-03-10 12:47:10 Times Seen1 Hash 72428e07f8b87233166e996eb8095437 78e8184071b402c15ea2418cb39a9cadb1877e29 7092054a49651931029ebf21ad9e97c5a347f4322b06d8d395aa07f8ffcf7229 Loading...

	pixel.mathtag.com/event/js?mt_pp=2&version=1.1&delimiter=%5BINSERT%20DELIMITER%5D&mt_exem=%5BINSERT%20SHA-256%20HASHED%20EMAIL%5D&industry=Gambling&mt_adid=245335&event_type=catchall&mt_id=1541395&currency=%5BINSERT%20MACRO%5D&duration_days=%5BINSERT%20MACRO%5D&order_id=%5BINSERT%20MACRO%5D&product_category=%5BINSERT%20MACRO%5D&product_id=%5BINSERT%20MACRO%5D&product_price=%5BINSERT%20MACRO%5D&product_quantity=%5BINSERT%20MACRO%5D&promotion_id_1=%5BINSERT%20MACRO%5D&revenue=%5BINSERT%20MACRO%5D&v3=%5BINSERT%20MACRO%5D&language=en-US%2Cen%3Bq%3D0.5&mt_lim=20&document_title=LOTTO%206aus49%2012%20TIPPFELDER%20F%C3%9CR%20NUR%201%E2%82%AC&location=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&document_path=%2Flotto6aus49-12fuer1&v1=%5BINSERT%20MACRO%5D&v2=%5BINSERT%20MACRO%5D&mt_cb=1666395358984	1.5 kB	2023-03-10	2023-03-10
Pretty URL pixel.mathtag.com/event/js?mt_pp=2&version=1.1&delimiter=%5BINSERT%20DELIMITER%5D&mt_exem=%5BINSERT%20SHA-256%20HASHED%20EMAIL%5D&industry=Gambling&mt_adid=245335&event_type=catchall&mt_id=1541395&currency=%5BINSERT%20MACRO%5D&duration_days=%5BINSERT%20MACRO%5D&order_id=%5BINSERT%20MACRO%5D&product_category=%5BINSERT%20MACRO%5D&product_id=%5BINSERT%20MACRO%5D&product_price=%5BINSERT%20MACRO%5D&product_quantity=%5BINSERT%20MACRO%5D&promotion_id_1=%5BINSERT%20MACRO%5D&revenue=%5BINSERT%20MACRO%5D&v3=%5BINSERT%20MACRO%5D&language=en-US%2Cen%3Bq%3D0.5&mt_lim=20&document_title=LOTTO%206aus49%2012%20TIPPFELDER%20F%C3%9CR%20NUR%201%E2%82%AC&location=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&document_path=%2Flotto6aus49-12fuer1&v1=%5BINSERT%20MACRO%5D&v2=%5BINSERT%20MACRO%5D&mt_cb=1666395358984 IP 23.38.200.207 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:47:10 Last Seen2023-03-10 12:47:10 Times Seen1 Hash 03a940aa94d60489983b68291ff13d93 50edbcdb69c1c42db15ac67ff6354c63d0b46955 60fd3a42a1af41e100327224b372ea7af6e9f7c3e67bfed4e610d7917a629055 Loading...

	www.lottoland.com/de_DE/skins/lottoland/js/translations/common_jackpot-77860def6b2cb82d.js	2.1 kB	2023-03-10	2023-03-10
Pretty URL www.lottoland.com/de_DE/skins/lottoland/js/translations/common_jackpot-77860def6b2cb82d.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:47:10 Last Seen2023-03-10 12:47:10 Times Seen1 Hash 51ac84ac607d5dd1893ea48e1805a881 075018d170c9239d2c0ce18d5d4af80d3372ceb5 29a32cb06ec3169f5d5c50f135e3b3bbc7f20170d2cc517f17f31f672ee8a233 Loading...

	www.lottoland.com/de_DE/skins/lottoland/js/translations/common_moneyFormat-b3104139d806c1f7.js	47 B	2023-03-10	2024-01-03
Pretty URL www.lottoland.com/de_DE/skins/lottoland/js/translations/common_moneyFormat-b3104139d806c1f7.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:47:10 Last Seen2024-01-03 20:33:03 Times Seen18 Hash c111c632833079636cceecd6351b67ea bfdfd2f6f687c45ae07c2f757676d63c313ccd56 6ee0ad21721acbfb6420e1c8025acd289f185db7e72e84c719904c5a848c5518 Loading...

	www.lottoland.com/cms/ll-performance-1.0.0.min.js	1.0 kB	2023-03-10	2023-03-10
Pretty URL www.lottoland.com/cms/ll-performance-1.0.0.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:47:10 Last Seen2023-03-10 12:47:10 Times Seen1 Hash 31ba31258ba9c73ea3e49fcb2934c749 ca3465e5a6562323f33b7bd4b35afb1b66291f17 e3887bcbf2792c284a2b095397178fe993590ac8ef8b84c2897fa0fab4cad3fb Loading...

	www.googletagmanager.com/gtm.js?id=GTM-N7JQ2W&l=gtmDataLayer	187 kB	2023-03-10	2023-03-10
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-N7JQ2W&l=gtmDataLayer IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:47:10 Last Seen2023-03-10 12:47:10 Times Seen1 Hash ffca1623ca7a57699e5f42e1b4b9b548 6a1cc7dd5fedc379807d80554296a3dfd458a697 60b31aaa48723b6dae65df0bbce77ee1e98f4cde804445e15b9fed65cbcbda83 Loading...

	http:blank	600 B	2023-03-10	2023-03-10
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:47:10 Last Seen2023-03-10 12:47:10 Times Seen1 Hash c59e9ad7f487499ad195461ab79d913c 8c57c47e4ed3c3f45313852edb8309012ac1a124 cb2734774d2da8b993d0a07e2b4a61f8dbd6dcce053bce0db5a50b104efb9b55 Loading...

	www.dwin1.com/18852.js	32 kB	2023-03-10	2023-03-10
Pretty URL www.dwin1.com/18852.js IP 143.204.55.42 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:47:10 Last Seen2023-03-10 12:47:10 Times Seen1 Hash 9803e8af04c1171ff4d7626890faf2f7 0ae878b95577fe13b73016f3e9e541d5b4e4e7e8 f339aaba287747d57570a00591ab95b7a9c75240551e3f5f133e9eeb81cd664b Loading...

	www.lottoland.com/de_DE/skins/lottoland/js/core/@lottoland/lsl-fa80edc961790b04.js	15 kB	2023-03-10	2023-03-10
Pretty URL www.lottoland.com/de_DE/skins/lottoland/js/core/@lottoland/lsl-fa80edc961790b04.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:47:10 Last Seen2023-03-10 12:47:10 Times Seen1 Hash 25dd27498ae020a7e9154e4735ea5aae 7deaf35b811f92f96f52a7a82fee1314a5211766 32d64758b8872574f7f0fc882154612757e60d806e92494e61b2e285f01f81e0 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-T772FZ&l=gtmDataLayer	156 kB	2023-03-10	2023-03-10
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-T772FZ&l=gtmDataLayer IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:47:10 Last Seen2023-03-10 12:47:10 Times Seen1 Hash 155da57533d58d63a67bfdb4da391915 c150c1e7c65edcb011ab46be37a285c5b8033991 87170c3a706769b44cb6b61f687840a69d811a1748aaeedcb2ad88fe86a7c2ad Loading...

	www.lottoland.com/lotto6aus49-12fuer1	1.3 kB	2023-03-10	2024-01-11
Pretty URL www.lottoland.com/lotto6aus49-12fuer1 IP 104.17.214.185 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:47:10 Last Seen2024-01-11 08:58:40 Times Seen9 Hash 65c122ad6d66b6e4b320903a534eb03c 970d5a6c1ac45e5fe26a7efa988bf2efde56c433 053a3bcc806bc294352526f37ae0d26e398d221899e69f9881c2d6381f1e4c6a Loading...

	www.lottoland.com/lotto6aus49-12fuer1	488 B	2023-03-10	2024-01-03
Pretty URL www.lottoland.com/lotto6aus49-12fuer1 IP 104.17.214.185 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:47:10 Last Seen2024-01-03 20:33:01 Times Seen7 Hash e658fa036b4d14fcbdf220d91a5ede83 6e1bb1c45ce5a0013020f6b70a89216fdc18448e 52a901eb1c52e4af9b359d46c24c64bee5d65dccc4ae57a6c99412a8adf11493 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-19
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-19 19:03:21 Times Seen1521 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	www.lottoland.com/de_DE/skins/lottoland/js/lib/jquery-3.2.1.min-8f9d10308fc5677a.js	87 kB	2023-03-07	2024-04-20
Pretty URL www.lottoland.com/de_DE/skins/lottoland/js/lib/jquery-3.2.1.min-8f9d10308fc5677a.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-20 04:04:31 Times Seen61231 Hash c9f5aeeca3ad37bf2aa006139b935f0a 1055018c28ab41087ef9ccefe411606893dabea2 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Loading...

	www.lottoland.com/lotto6aus49-12fuer1	1.7 kB	2023-03-10	2023-03-10
Pretty URL www.lottoland.com/lotto6aus49-12fuer1 IP 104.17.214.185 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:47:10 Last Seen2023-03-10 12:47:10 Times Seen1 Hash 3597710483acb3d0109d998e3a1982f9 f03623b173eb63fe74fe4c9c8f57daf86fb2f009 d88821d3e59561094c3a4eaab1433eeed88838f4a0dfce3335a0ccdbc91875a7 Loading...

	www.lottoland.com/de_DE/skins/lottoland/js/translations/common_emptyJackpot-2fd461717435e975.js	58 B	2023-03-10	2024-01-03
Pretty URL www.lottoland.com/de_DE/skins/lottoland/js/translations/common_emptyJackpot-2fd461717435e975.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:47:10 Last Seen2024-01-03 20:33:03 Times Seen17 Hash 88123d63bcd1eef6a29b81db4d064b00 a0b189bfd53aa36cab6673d6ba121c1dc2ed8a41 07697fafc9fb1648974af05e418f6da677da739a185cc3f8897fafebfb12887f Loading...

	www.lottoland.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1666382400	38 kB	2023-03-10	2023-03-10
Pretty URL www.lottoland.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1666382400 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:47:10 Last Seen2023-03-10 12:47:10 Times Seen1 Hash 9d1f7374c8b07661a6a8e9b210552eab 342091485215451f5e0826ad324750957494f36e 1c01fc430fcf7c6f3ac0bfca9e6f15dd13c50b9df1946f21fb608893783be4c8 Loading...

	www.sc.pages01.net/lp/static/js/iMAWebCookie.js?1b1965b5-13dfe1902f8-c2a8af96738cc20073a7254c07aedd78&h=www.pages01.net	14 kB	2023-03-07	2023-06-26
Pretty URL www.sc.pages01.net/lp/static/js/iMAWebCookie.js?1b1965b5-13dfe1902f8-c2a8af96738cc20073a7254c07aedd78&h=www.pages01.net IP 54.230.111.97 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:01:34 Last Seen2023-06-26 23:15:03 Times Seen171 Hash 289bbf81f13b25d40ba9eca1ce7f6c44 57cbcbbaf0217c9ed26630938d992cdfcf236946 27a1e80167055f562f0ddda38620ec1f5a354c5ab795c75da16874f4095520f3 Loading...

	www.lottoland.com/de_DE/skins/lottoland/js-module/helper.min-bf886e04cccd8980.js	16 kB	2023-03-10	2023-03-10
Pretty URL www.lottoland.com/de_DE/skins/lottoland/js-module/helper.min-bf886e04cccd8980.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:47:10 Last Seen2023-03-10 12:47:10 Times Seen1 Hash ef8c881f0f7614e3c51b649d7918093f 3de5cdd421ec4e94c65a1e554d068980d024f673 18af0fd47065b7f502aacc498fad0added9503678daaa8f9a62dd3899452f74b Loading...

	www.lottoland.com/lotto6aus49-12fuer1	357 B	2023-03-10	2023-03-10
Pretty URL www.lottoland.com/lotto6aus49-12fuer1 IP 104.17.214.185 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:47:10 Last Seen2023-03-10 12:47:10 Times Seen1 Hash 78a3f8e6de1f948b92255b0e43780ed1 bc36f58aca0ca65aeec5d3b7d3716f819279a778 a96efa1486807058a26093f9abdb4954d88b68b08c0de123600e07d7f99975fd Loading...

	www.lottoland.com/lotto6aus49-12fuer1	176 B	2023-03-10	2023-03-10
Pretty URL www.lottoland.com/lotto6aus49-12fuer1 IP 104.17.214.185 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:47:11 Last Seen2023-03-10 12:47:11 Times Seen1 Hash aba6743c73dc76c16db6c9223c8141e6 0b460dfa09284e632fb9c7780df9f2b42119e3e8 316ba1d3a5990fcfeaade9ecf87dce97dd7d0ab081da4761b7248003258c5731 Loading...

	pixel.mathtag.com/event/js?mt_pp=1&mt_adid=245335	2.5 kB	2023-03-10	2023-03-10
Pretty URL pixel.mathtag.com/event/js?mt_pp=1&mt_adid=245335 IP 23.38.200.207 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 12:47:11 Last Seen2023-03-10 12:47:11 Times Seen1 Hash e10ca00ff91ce4e094ba0ff2a8e077aa f2adcd236d8b0522cd974dce81ce55f05944a1fb 0327dc18b60fe3200a466c0044e873f9e0698288c7f74de79da5f479ca1720de Loading...

HTTP Transactions (74)

URL IP Response Size

em.wdr.to/l/40285083835ffd330183e61ddc471648

136.243.10.236

302

0 B

URL HTTP/1.1
em.wdr.to/l/40285083835ffd330183e61ddc471648
IP
136.243.10.236:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /l/40285083835ffd330183e61ddc471648 HTTP/1.1
Host: em.wdr.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-Frame-Options: DENY
X-Application-Context: emma:invoice,salesbutlers:8080
Set-Cookie: JSESSIONID=5C0A3D1DEFFC60A6C392887FE8BB734A; Path=/; HttpOnly
a0P9W000000bjdYUAQ=40285083835ffd330183e61ddc471648; Max-Age=31536000; Expires=Sat, 21-Oct-2023 23:35:43 GMT
Location: https://www.lottoland.com/lotto6aus49-12fuer1?lottolapid=email_369431_de&sid=b4c8367242b30dceeadaf8e58269f547-20221006.7314.pool
Content-Language: en-US
Content-Length: 0
Date: Fri, 21 Oct 2022 23:35:43 GMT
Connection: close

firefox.settings.services.mozilla.com/v1/

143.204.55.35

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
c9df6b36bf16969ac566c1b798362e4a
e56eff34815153ae019a4bf63eb9746dd9ae2e5b
33c1175144ab2be42c9de383f7893a6e60cd1f21f282eacb413d546331db3fa0

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Retry-After, Alert, Content-Type, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 21 Oct 2022 22:52:32 GMT
Expires: Fri, 21 Oct 2022 22:57:34 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ZL6Tnf1YGo8apljaohsAjkMW4y3j8ymZEJP98gkztrnYhbq8TxE-VA==
Age: 2591

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c19f4a1def760c07cbc4aec1d0d6c050
6ad911a7c02f5e5fdd82fa86cae0453528d53a6d
750bba81910a4bbd78ab484ba03781a36459a0aec147d7c47424e9a9bf152b40

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "750BBA81910A4BBD78AB484BA03781A36459A0AEC147D7C47424E9A9BF152B40"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4266
Expires: Sat, 22 Oct 2022 00:46:50 GMT
Date: Fri, 21 Oct 2022 23:35:44 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9dc4f23f82148797f6d8041bdda3c7f7
6841ded3e2dd94fd762316d01efd43f7aafb8354
e229db1854a85b320cee574e805210f3adf5797136ea820c0a0ce9abcd63d4dd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E229DB1854A85B320CEE574E805210F3ADF5797136EA820C0A0CE9ABCD63D4DD"
Last-Modified: Thu, 20 Oct 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6267
Expires: Sat, 22 Oct 2022 01:20:11 GMT
Date: Fri, 21 Oct 2022 23:35:44 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: AOIH8mhZsrHEZeZ2p84uA+ZRWyfXIVPSq1pbDwlz773QEHn2x6S3vBje62IHh9eDgQIdgqC2f68=
x-amz-request-id: JMWK02WEZJFXHJ94
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 21 Oct 2022 23:07:24 GMT
age: 1700
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

ocsp2.globalsign.com/gsalphasha2g2

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsalphasha2g2
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1423 bytes)
Hash
f1354e68380c22039b0905d44bc2ca34
d9da47f199ad52431228e3fd32f4b613b6f5cfb7
a52eee150016240454cf0d0c89d8afdeada4f29b32234aee8be95a7ac8887e26

HTTP Headers

POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 21 Oct 2022 23:35:44 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Tue, 25 Oct 2022 21:57:33 GMT
ETag: "d9da47f199ad52431228e3fd32f4b613b6f5cfb7"
Last-Modified: Fri, 21 Oct 2022 21:57:34 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75ddcfb50b0d0b59-OSL

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 21 Oct 2022 23:35:44 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp2.globalsign.com/gsalphasha2g2

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsalphasha2g2
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1423 bytes)
Hash
f1354e68380c22039b0905d44bc2ca34
d9da47f199ad52431228e3fd32f4b613b6f5cfb7
a52eee150016240454cf0d0c89d8afdeada4f29b32234aee8be95a7ac8887e26

HTTP Headers

POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 21 Oct 2022 23:35:44 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Tue, 25 Oct 2022 21:57:33 GMT
ETag: "d9da47f199ad52431228e3fd32f4b613b6f5cfb7"
Last-Modified: Fri, 21 Oct 2022 21:57:34 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 0
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75ddcfb66c200b59-OSL

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.35

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Fri, 21 Oct 2022 22:43:40 GMT
Cache-Control: max-age=3600
Expires: Fri, 21 Oct 2022 23:02:59 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: EkV7qwifNx3KLHtO9VQJYpi0glt7Khpyff5Mg_JvYT6rpdRrBMeICw==
Age: 3124

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
94ee541bb392e5675c1e24c94c197f8b
bce18b05a24f5e2c6743cbbe849a733091586176
82f791c205847646216d72b4ce65bc3587ca69d1da17a3a2afb477640822c4dc

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 23:35:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
f47cc320695635b544a761f72f3afc6f
b7cee764dcb0a625e0f8e0b4a4fce04548a1bf76
78608be3d0d6aaaf0364aed316b8676ab28d23c9b6a8ac6c147cf5d16e5cc283

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2002
Cache-Control: max-age=119065
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 23:35:44 GMT
Etag: "63525317-1d7"
Expires: Sun, 23 Oct 2022 08:40:09 GMT
Last-Modified: Fri, 21 Oct 2022 08:06:47 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

cdn.evgnet.com/beacon/lottoland/lottoland_com/scripts/evergage.min.js

151.101.0.114

200 OK

87 kB

URL HTTP/2
cdn.evgnet.com/beacon/lottoland/lottoland_com/scripts/evergage.min.js
IP
151.101.0.114:0
ASN
#54113 FASTLY

File type
Unicode text, UTF-8 text, with very long lines (11924)
Size
87 kB (86573 bytes)
Hash
7d4d80a938157e448131d44b5ba96f70
eb37e2e31cb91f09a64987f72f220a126a87ef0f
92db1b0408d1a53cb2dcb8b24c842f0072eb28347696f2ba0c3cd876eae51775

HTTP Headers

GET /beacon/lottoland/lottoland_com/scripts/evergage.min.js HTTP/1.1
Host: cdn.evgnet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lottoland.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: eDXEVWsJAkQ57Ww+CZxpAUBIExCsVG5DKnccbihRZvKPnmdYmviA+3KMtQfWNMuoBuXGqhiBDoo=
x-amz-request-id: 0DFP2NA2VEBSG0X1
x-amz-replication-status: COMPLETED
last-modified: Fri, 21 Oct 2022 07:46:37 GMT
etag: "7d4d80a938157e448131d44b5ba96f70"
cache-control: max-age=120
content-encoding: gzip
x-amz-meta-evergage-beacon-ver: 14
x-amz-meta-evergage-sum: 735255171148d209d3a9230ba9c1e2e0865672e0
x-amz-version-id: sBgTImKiblri3O7akfjW6vQX8S8H.E5R
content-type: application/javascript; charset=utf-8
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 21 Oct 2022 23:35:44 GMT
age: 113
x-served-by: cache-iad-kiad7000034-IAD, cache-bma1674-BMA
x-cache: HIT, HIT
x-cache-hits: 6, 1
x-timer: S1666395345.810472,VS0,VE91
vary: Accept-Encoding
timing-allow-origin: *
content-length: 86573
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-N7JQ2W&l=gtmDataLayer

142.250.74.168

200 OK

62 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-N7JQ2W&l=gtmDataLayer
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (14236)
Size
62 kB (62524 bytes)
Hash
851a6f6082d77dbbabd7aab9a1648f39
363805e857c94167fc7a837904d0ac034383933d
eefedf877182da4f2b24864a6c82c485e286b27831e02bdd2f9a08e2a702b852

HTTP Headers

GET /gtm.js?id=GTM-N7JQ2W&l=gtmDataLayer HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lottoland.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 21 Oct 2022 23:35:44 GMT
expires: Fri, 21 Oct 2022 23:35:44 GMT
cache-control: private, max-age=900
last-modified: Fri, 21 Oct 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 62524
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
94ee541bb392e5675c1e24c94c197f8b
bce18b05a24f5e2c6743cbbe849a733091586176
82f791c205847646216d72b4ce65bc3587ca69d1da17a3a2afb477640822c4dc

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 23:35:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
b5478ad9a4e98dab9f3595d4de67a76d
dad152f4e242193030e23e25b1d60d941f1a8db2
ea96f28983a63963c5f7744294671210d68446b029d20f4de4fb9770d505f97f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2340
Cache-Control: max-age=123344
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 23:35:45 GMT
Etag: "6352627d-117"
Expires: Sun, 23 Oct 2022 09:51:29 GMT
Last-Modified: Fri, 21 Oct 2022 09:12:29 GMT
Server: ECS (amb/6B85)
X-Cache: HIT
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
b5478ad9a4e98dab9f3595d4de67a76d
dad152f4e242193030e23e25b1d60d941f1a8db2
ea96f28983a63963c5f7744294671210d68446b029d20f4de4fb9770d505f97f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5962
Cache-Control: max-age=126966
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 23:35:45 GMT
Etag: "6352627d-117"
Expires: Sun, 23 Oct 2022 10:51:51 GMT
Last-Modified: Fri, 21 Oct 2022 09:12:29 GMT
Server: ECS (amb/6BA1)
X-Cache: HIT
Content-Length: 279

push.services.mozilla.com/

34.213.92.18

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.213.92.18:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: iE11rtc7QnNTp7bPl8lPGg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 5BqZmFyCH9DVL2Zuf1qgTIXLrYE=

tr.lottoland.com/lotto-tracking/api/v1/tr

104.18.75.2

200 OK

0 B

URL HTTP/2
tr.lottoland.com/lotto-tracking/api/v1/tr
IP
104.18.75.2:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /lotto-tracking/api/v1/tr HTTP/1.1
Host: tr.lottoland.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.lottoland.com/
Origin: https://www.lottoland.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
date: Fri, 21 Oct 2022 23:35:45 GMT
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://www.lottoland.com
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=Lhbf9Vp3M0Nh7hZACeuRVWHzZN4Ak_Cv0A3VK1pJKXA-1666395345-0-AUcMidVMq0eXp2996LkvjyiB3q9kBAY7cHaNPoQf/1auYQFqSZOSgKX4/710E4qj5Y/ae5E3hDItuNrOC5rHO3w=; path=/; expires=Sat, 22-Oct-22 00:05:45 GMT; domain=.lottoland.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 75ddcfbb4cb9b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
b5478ad9a4e98dab9f3595d4de67a76d
dad152f4e242193030e23e25b1d60d941f1a8db2
ea96f28983a63963c5f7744294671210d68446b029d20f4de4fb9770d505f97f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2340
Cache-Control: max-age=123344
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 23:35:45 GMT
Etag: "6352627d-117"
Expires: Sun, 23 Oct 2022 09:51:29 GMT
Last-Modified: Fri, 21 Oct 2022 09:12:29 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 279

tr.lottoland.com/lotto-tracking/api/v1/tr

104.18.75.2

200 OK

22 B

URL HTTP/2
tr.lottoland.com/lotto-tracking/api/v1/tr
IP
104.18.75.2:0
ASN
#13335 CLOUDFLARENET

File type
gzip compressed data, from Unix\012- data
Size
22 B (22 bytes)
Hash
8bd3e739a9ba80a435f0214811da0c2a
bfc17d1e04e56542eb8037f08ed142efd252ea82
a2dd5774b01bbfc29140279e02fea087df42a4c257dce8858226737a2e521986

HTTP Headers

POST /lotto-tracking/api/v1/tr HTTP/1.1
Host: tr.lottoland.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/json
Content-Length: 298
Origin: https://www.lottoland.com
Connection: keep-alive
Referer: https://www.lottoland.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Fri, 21 Oct 2022 23:35:45 GMT
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://www.lottoland.com
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=vP8J1y2ZawN3vcNhXXxLp12yMBdileJH7t9GnkOe_Wc-1666395345-0-AYMfrs8SzlNIBtUHEgzbVT5RmRhAW40cGq6FiYGiA7gSoxO2nMhIv7Ob3+cflYWT88mW+8WlmivYMNwOH/Np8F4=; path=/; expires=Sat, 22-Oct-22 00:05:45 GMT; domain=.lottoland.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 75ddcfbc2d37b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

pixel.mathtag.com/event/js?mt_pp=1&mt_adid=245335

23.38.200.207

200 OK

2.5 kB

URL HTTP/1.1
pixel.mathtag.com/event/js?mt_pp=1&mt_adid=245335
IP
23.38.200.207:0
ASN
#16625 AKAMAI-AS

File type
ASCII text
Size
2.5 kB (2506 bytes)
Hash
e10ca00ff91ce4e094ba0ff2a8e077aa
f2adcd236d8b0522cd974dce81ce55f05944a1fb
0327dc18b60fe3200a466c0044e873f9e0698288c7f74de79da5f479ca1720de

HTTP Headers

GET /event/js?mt_pp=1&mt_adid=245335 HTTP/1.1
Host: pixel.mathtag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lottoland.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 2506
Access-Control-Allow-Origin: *
Server: MT3 4539 98cc2da master iad-pixel-x14 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Fri, 21 Oct 2022 23:35:44 GMT
Date: Fri, 21 Oct 2022 23:35:45 GMT
Connection: keep-alive
Set-Cookie: uuid=07f56353-2cd1-4200-aec5-160ef3bdf89c; domain=.mathtag.com; path=/; expires=Sat, 18-Nov-2023 23:35:45 GMT; SameSite=None; Secure

ocsp.sca1b.amazontrust.com/

143.204.42.88

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.88:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
69534a38b33ff9d1b53b12c25392fd75
2f69c10bdc1eba2198e1c148b4e2636ccad51890
50274dbcaeb3d4bbf6c77be32d37c6d2f616214db6b4f46beb987064bbcbd99c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=157558
Date: Fri, 21 Oct 2022 23:35:45 GMT
Etag: "6352e3ee-1d7"
Expires: Sun, 23 Oct 2022 19:21:43 GMT
Last-Modified: Fri, 21 Oct 2022 18:24:46 GMT
Server: ECS (nyb/1D1D)
X-Cache: Miss from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 63K6bg9mipUcLjeW4RlRQN7POcDTRd8eJ0WhZ6jOsMf26LrQU00Ynw==
Age: 3417

ocsp.sca1b.amazontrust.com/

143.204.42.88

200 OK

692 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.88:0
ASN
#16509 AMAZON-02

File type
data
Size
692 B (692 bytes)
Hash
7dfc4dd77ea6afbb19ea4c4660baa0c9
00bf2b64b0ac04f53b89fd174ac8c725cd1a945c
ec753c50faab1328dadb58815ce2ecdf4398dbf694c9abadecad664a22a66d32

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=157775
Date: Fri, 21 Oct 2022 23:35:45 GMT
Etag: "6352e3ee-1d7"
Expires: Sun, 23 Oct 2022 19:25:20 GMT
Last-Modified: Fri, 21 Oct 2022 18:24:46 GMT
Server: ECS (nyb/1D2D)
X-Cache: Miss from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Jdm35syNhbhiEDI3cwoIm-0rgcRl4brECqmfUOstEsUPrS74UAAWfw==
Age: 3634

ocsp.sca1b.amazontrust.com/

143.204.42.88

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.88:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
69534a38b33ff9d1b53b12c25392fd75
2f69c10bdc1eba2198e1c148b4e2636ccad51890
50274dbcaeb3d4bbf6c77be32d37c6d2f616214db6b4f46beb987064bbcbd99c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=154992
Date: Fri, 21 Oct 2022 23:35:45 GMT
Etag: "6352e3ee-1d7"
Expires: Sun, 23 Oct 2022 18:38:57 GMT
Last-Modified: Fri, 21 Oct 2022 18:24:46 GMT
Server: ECS (nyb/1D07)
X-Cache: Miss from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: WTdvKK2n-2MWTgjRH-84wCXh_zDPlJtswxpjBHvLh1-I6vQBDA9ILg==
Age: 851

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
aed30c6ecd5af5cabeee67a392c66b42
0157e24f14b7745abdfbfe353f83c3d6c64430cd
1ef792f556dd8c37e08959df8706979ce45b913867a9554e7017d656161282c4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 21 Oct 2022 23:35:45 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 20 Oct 2022 05:50:35 GMT
Expires: Thu, 27 Oct 2022 05:50:34 GMT
Etag: "0157e24f14b7745abdfbfe353f83c3d6c64430cd"
Cache-Control: max-age=453888,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75ddcfbdedafb518-OSL

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
aed30c6ecd5af5cabeee67a392c66b42
0157e24f14b7745abdfbfe353f83c3d6c64430cd
1ef792f556dd8c37e08959df8706979ce45b913867a9554e7017d656161282c4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 21 Oct 2022 23:35:45 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 20 Oct 2022 05:50:35 GMT
Expires: Thu, 27 Oct 2022 05:50:34 GMT
Etag: "0157e24f14b7745abdfbfe353f83c3d6c64430cd"
Cache-Control: max-age=453888,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75ddcfbddeb3b523-OSL

www.rvty.net/goto/px/key/5d9f40412398a?gtmcb=2048967785

89.163.211.242

302 Found

0 B

URL HTTP/1.1
www.rvty.net/goto/px/key/5d9f40412398a?gtmcb=2048967785
IP
89.163.211.242:0
ASN
#24961 myLoc managed IT AG

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /goto/px/key/5d9f40412398a?gtmcb=2048967785 HTTP/1.1
Host: www.rvty.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lottoland.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Server: nginx/1.13.4
Date: Fri, 21 Oct 2022 23:35:45 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: PHPSESSID=g9hutnu986p6am6mmukqckn9ii; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
P3P: policyref="http://www.rvty.net/w3c/p3p.xml", CP="CURa ADMa DEVa CONo HISa OUR IND DSP ALL COR"
Location: https://brain.rvty.net/RTB/Track?k=5d9f40412398a&s=&hosted_table=&amount=
Access-Control-Allow-Origin: *, *

www.rvty.net/goto/px/key/5d9f402ecb990?gtmcb=2063185855

89.163.211.242

302 Found

0 B

URL HTTP/1.1
www.rvty.net/goto/px/key/5d9f402ecb990?gtmcb=2063185855
IP
89.163.211.242:0
ASN
#24961 myLoc managed IT AG

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /goto/px/key/5d9f402ecb990?gtmcb=2063185855 HTTP/1.1
Host: www.rvty.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lottoland.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Server: nginx/1.13.4
Date: Fri, 21 Oct 2022 23:35:45 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: PHPSESSID=b2kur4rc9aqmhj7ptclgahq3v7; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
P3P: policyref="http://www.rvty.net/w3c/p3p.xml", CP="CURa ADMa DEVa CONo HISa OUR IND DSP ALL COR"
Location: https://brain.rvty.net/RTB/Track?k=5d9f402ecb990&s=&hosted_table=&amount=
Access-Control-Allow-Origin: *, *

www.sc.pages01.net/lp/static/js/iMAWebCookie.js?1b1965b5-13dfe1902f8-c2a8af96738cc20073a7254c07aedd78&h=www.pages01.net

54.230.111.97

200 OK

5.1 kB

URL HTTP/2
www.sc.pages01.net/lp/static/js/iMAWebCookie.js?1b1965b5-13dfe1902f8-c2a8af96738cc20073a7254c07aedd78&h=www.pages01.net
IP
54.230.111.97:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (533)
Size
5.1 kB (5138 bytes)
Hash
d67c446c2cab982c70305d63c3ff9015
08741352ebaae78ddabfbac3ba30888b13ea14ff
b4842a6a73b1be94b6a5205776640c7af585e90daffa09db234c3bf553fa5e7d

HTTP Headers

GET /lp/static/js/iMAWebCookie.js?1b1965b5-13dfe1902f8-c2a8af96738cc20073a7254c07aedd78&h=www.pages01.net HTTP/1.1
Host: www.sc.pages01.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lottoland.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
content-length: 5138
date: Fri, 21 Oct 2022 23:35:45 GMT
server: Apache
last-modified: Wed, 12 Oct 2022 02:31:59 GMT
etag: "3772-5eacd327de113-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
set-cookie: Silverpop_cookie=1955586058.17439.0000; path=/; Httponly; Secure;SameSite=None
strict-transport-security: max-age=16070400; includeSubDomains; preload
x-cache: Miss from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _okEMYf07199nDiVk5grZ216Pen1j7LCf2ArNj3Acz9l6w8N3Y-Yzw==
X-Firefox-Spdy: h2

brain.rvty.net/RTB/Track?k=5d9f40412398a&s=&hosted_table=&amount=

89.163.211.233

200

43 B

URL HTTP/1.1
brain.rvty.net/RTB/Track?k=5d9f40412398a&s=&hosted_table=&amount=
IP
89.163.211.233:0
ASN
#24961 myLoc managed IT AG

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

HTTP Headers

GET /RTB/Track?k=5d9f40412398a&s=&hosted_table=&amount= HTTP/1.1
Host: brain.rvty.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.lottoland.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 
Server: nginx/1.13.4
Date: Fri, 21 Oct 2022 23:35:45 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Set-Cookie: RTBUserId=cd9944f2-29fa-4143-9a89-e9ee9a90313c; domain=.rvty.net; path=/; SameSite=None; secure; Expires=Sat, 21 Oct 2023 23:35:45 GMT
RTBUserId-Old=cd9944f2-29fa-4143-9a89-e9ee9a90313c; domain=.rvty.net; path=/; secure; Expires=Sat, 21 Oct 2023 23:35:45 GMT
RTBUserId-Plain=cd9944f2-29fa-4143-9a89-e9ee9a90313c; domain=.rvty.net; path=/; Expires=Sat, 21 Oct 2023 23:35:45 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

brain.rvty.net/RTB/Track?k=5d9f402ecb990&s=&hosted_table=&amount=

89.163.211.233

200

43 B

URL HTTP/1.1
brain.rvty.net/RTB/Track?k=5d9f402ecb990&s=&hosted_table=&amount=
IP
89.163.211.233:0
ASN
#24961 myLoc managed IT AG

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

HTTP Headers

GET /RTB/Track?k=5d9f402ecb990&s=&hosted_table=&amount= HTTP/1.1
Host: brain.rvty.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.lottoland.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 
Server: nginx/1.13.4
Date: Fri, 21 Oct 2022 23:35:45 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Set-Cookie: RTBUserId=ba665426-f95a-4452-aeaf-168f8a117137; domain=.rvty.net; path=/; SameSite=None; secure; Expires=Sat, 21 Oct 2023 23:35:45 GMT
RTBUserId-Old=ba665426-f95a-4452-aeaf-168f8a117137; domain=.rvty.net; path=/; secure; Expires=Sat, 21 Oct 2023 23:35:45 GMT
RTBUserId-Plain=ba665426-f95a-4452-aeaf-168f8a117137; domain=.rvty.net; path=/; Expires=Sat, 21 Oct 2023 23:35:45 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

lottoland.evergage.com/msreceiver?_r=441722&_ak=lottoland&_ds=lottoland_com&.anonId=7eefa26d9f306276&_anon=true&.cStat=%5B%5B%7B%22type%22%3A%22e%22%2C%22id%22%3A%22F6PiH%22%2C%22stat%22%3A%22i%22%7D%5D%5D&.bv=14&.scv=208

3.226.206.162

204 No Content

0 B

URL HTTP/2
lottoland.evergage.com/msreceiver?_r=441722&_ak=lottoland&_ds=lottoland_com&.anonId=7eefa26d9f306276&_anon=true&.cStat=%5B%5B%7B%22type%22%3A%22e%22%2C%22id%22%3A%22F6PiH%22%2C%22stat%22%3A%22i%22%7D%5D%5D&.bv=14&.scv=208
IP
3.226.206.162:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /msreceiver?_r=441722&_ak=lottoland&_ds=lottoland_com&.anonId=7eefa26d9f306276&_anon=true&.cStat=%5B%5B%7B%22type%22%3A%22e%22%2C%22id%22%3A%22F6PiH%22%2C%22stat%22%3A%22i%22%7D%5D%5D&.bv=14&.scv=208 HTTP/1.1
Host: lottoland.evergage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.lottoland.com
Connection: keep-alive
Referer: https://www.lottoland.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
date: Fri, 21 Oct 2022 23:35:46 GMT
set-cookie: AWSALB=hnH5Z2p0i5H5UmwIasVkRCsLPEgoDX3oOVmcP5ducJa6gCKp0iD3/gBwLbzkn8haumuZbmLmlXnmJb8P5aDhmB9hNYkxgp6tguGmdJqCmG9Iw4cm8grQtjQ9pdln; Expires=Fri, 28 Oct 2022 23:35:46 GMT; Path=/
AWSALBCORS=hnH5Z2p0i5H5UmwIasVkRCsLPEgoDX3oOVmcP5ducJa6gCKp0iD3/gBwLbzkn8haumuZbmLmlXnmJb8P5aDhmB9hNYkxgp6tguGmdJqCmG9Iw4cm8grQtjQ9pdln; Expires=Fri, 28 Oct 2022 23:35:46 GMT; Path=/; SameSite=None; Secure
access-control-allow-origin: https://www.lottoland.com
timing-allow-origin: *
x-content-type-options: nosniff
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
888a97463428b5825095b3a3fa153472
ae0897059e090610c72409462b8e6e6153a78da1
fe07a2acc1960d359b5f78a913585aab158fe902cf0798ba823eb192117e4ec4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FE07A2ACC1960D359B5F78A913585AAB158FE902CF0798BA823EB192117E4EC4"
Last-Modified: Wed, 19 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5412
Expires: Sat, 22 Oct 2022 01:05:58 GMT
Date: Fri, 21 Oct 2022 23:35:46 GMT
Connection: keep-alive

evergage.lottobirock.com/evergageListener?r=402137

52.211.32.132

200 OK

2 B

URL HTTP/1.1
evergage.lottobirock.com/evergageListener?r=402137
IP
52.211.32.132:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

HTTP Headers

POST /evergageListener?r=402137 HTTP/1.1
Host: evergage.lottobirock.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 204
Origin: https://www.lottoland.com
Connection: keep-alive
Referer: https://www.lottoland.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Fri, 21 Oct 2022 23:35:46 GMT
Content-Type: text/plain; charset=UTF-8
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type, X-Requested-With, Authorization, Token
Strict-Transport-Security: max-age=31536000

region1.google-analytics.com/g/collect?v=2&tid=G-QR4532DN83&gtm=2oeaj0&_p=1515369679&cid=932789792.1666395359&ul=en-us&sr=1280x1024&_s=1&sid=1666395358&sct=1&seg=0&dl=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&dt=LOTTO%206aus49%2012%20TIPPFELDER%20F%C3%9CR%20NUR%201%E2%82%AC&en=page_view&_fv=1&_nsi=1&_ss=1

216.239.32.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-QR4532DN83&gtm=2oeaj0&_p=1515369679&cid=932789792.1666395359&ul=en-us&sr=1280x1024&_s=1&sid=1666395358&sct=1&seg=0&dl=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&dt=LOTTO%206aus49%2012%20TIPPFELDER%20F%C3%9CR%20NUR%201%E2%82%AC&en=page_view&_fv=1&_nsi=1&_ss=1
IP
216.239.32.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-QR4532DN83&gtm=2oeaj0&_p=1515369679&cid=932789792.1666395359&ul=en-us&sr=1280x1024&_s=1&sid=1666395358&sct=1&seg=0&dl=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&dt=LOTTO%206aus49%2012%20TIPPFELDER%20F%C3%9CR%20NUR%201%E2%82%AC&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.lottoland.com
Connection: keep-alive
Referer: https://www.lottoland.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://www.lottoland.com
date: Fri, 21 Oct 2022 23:35:46 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
56aa4d33e288d7ec3acf3ac1a61ef7f9
ac2e2f3609cc604dde554e37471567c042bf8191
544823f794ac3e837c81449d896a9dcbe94f4d59a13e293d84b5af44531141d0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "544823F794AC3E837C81449D896A9DCBE94F4D59A13E293D84B5AF44531141D0"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17910
Expires: Sat, 22 Oct 2022 04:34:16 GMT
Date: Fri, 21 Oct 2022 23:35:46 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
56aa4d33e288d7ec3acf3ac1a61ef7f9
ac2e2f3609cc604dde554e37471567c042bf8191
544823f794ac3e837c81449d896a9dcbe94f4d59a13e293d84b5af44531141d0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "544823F794AC3E837C81449D896A9DCBE94F4D59A13E293D84B5AF44531141D0"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17910
Expires: Sat, 22 Oct 2022 04:34:16 GMT
Date: Fri, 21 Oct 2022 23:35:46 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

722 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
722 B (722 bytes)
Hash
35d422e8283e59f07d0bca478310c1b7
76e0992ac6e4945d031c8db7515a0bbad9d55d88
3979ef47114c3d02a79bae82fbcdd46d9431104b28f572419f072ddb049e799b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "544823F794AC3E837C81449D896A9DCBE94F4D59A13E293D84B5AF44531141D0"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17910
Expires: Sat, 22 Oct 2022 04:34:16 GMT
Date: Fri, 21 Oct 2022 23:35:46 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
56aa4d33e288d7ec3acf3ac1a61ef7f9
ac2e2f3609cc604dde554e37471567c042bf8191
544823f794ac3e837c81449d896a9dcbe94f4d59a13e293d84b5af44531141d0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "544823F794AC3E837C81449D896A9DCBE94F4D59A13E293D84B5AF44531141D0"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17910
Expires: Sat, 22 Oct 2022 04:34:16 GMT
Date: Fri, 21 Oct 2022 23:35:46 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5f34cfb-1029-497a-8d09-65db888e6f11.jpeg

34.120.237.76

200 OK

7.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5f34cfb-1029-497a-8d09-65db888e6f11.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.8 kB (7821 bytes)
Hash
f4fb0f4c9ac5a88678baf456107f5341
f6c54dbdfad7e243fe38c03f004c4c79f96b2892
b2fc6c453d7ed610521fcf34d7736a20191d86b485fd57236d2d2c4849cbb8d9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5f34cfb-1029-497a-8d09-65db888e6f11.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7821
x-amzn-requestid: b3b72561-80fd-4b73-862c-ad070f135634
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-LzEkrIAMFmrQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635310b1-73f427947c17f35667c0b443;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:35:45 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Mq7h4TJkHKd-I9c01ao1yJ3izpJLRiMG_Sk3_e2pQDGCyunY2RlI3Q==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:02:32 GMT
age: 5594
etag: "f6c54dbdfad7e243fe38c03f004c4c79f96b2892"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.pages01.net/WTS/event.jpeg?accesskey=1b1965b5-13dfe1902f8-c2a8af96738cc20073a7254c07aedd78&v=1.31&isNewSession=1&type=pageview&isNewVisitor=1&sessionGUID=b9b2c8e6-c51d-b9a6-3714-c83dd76434bb&webSyncID=911b08d9-78ad-aae6-3b97-9a22d82ab855&url=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&newSiteVisit=1&hostname=www.lottoland.com&pathname=%2Flotto6aus49-12fuer1&newPageVisit=1&eventKey=89640cd9-95a5-0a51-98d1-dbae5b16dd2b

35.169.63.124

200 OK

0 B

URL HTTP/1.1
www.pages01.net/WTS/event.jpeg?accesskey=1b1965b5-13dfe1902f8-c2a8af96738cc20073a7254c07aedd78&v=1.31&isNewSession=1&type=pageview&isNewVisitor=1&sessionGUID=b9b2c8e6-c51d-b9a6-3714-c83dd76434bb&webSyncID=911b08d9-78ad-aae6-3b97-9a22d82ab855&url=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&newSiteVisit=1&hostname=www.lottoland.com&pathname=%2Flotto6aus49-12fuer1&newPageVisit=1&eventKey=89640cd9-95a5-0a51-98d1-dbae5b16dd2b
IP
35.169.63.124:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WTS/event.jpeg?accesskey=1b1965b5-13dfe1902f8-c2a8af96738cc20073a7254c07aedd78&v=1.31&isNewSession=1&type=pageview&isNewVisitor=1&sessionGUID=b9b2c8e6-c51d-b9a6-3714-c83dd76434bb&webSyncID=911b08d9-78ad-aae6-3b97-9a22d82ab855&url=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&newSiteVisit=1&hostname=www.lottoland.com&pathname=%2Flotto6aus49-12fuer1&newPageVisit=1&eventKey=89640cd9-95a5-0a51-98d1-dbae5b16dd2b HTTP/1.1
Host: www.pages01.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lottoland.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Fri, 21 Oct 2022 23:35:46 GMT
Server: Apache
p3p: CP="CAO PSA OUR"
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 0
Connection: close
Content-Type: image/jpeg
Set-Cookie: Silverpop_cookie=1955586058.4525.0000; path=/; Httponly; Secure;SameSite=None
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload

34.120.237.76

200 OK

6.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63520430-d90d-4f99-ad29-214d03cc1525.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.8 kB (6801 bytes)
Hash
cd562cc3980d93423b625d59deea0f95
5c8646f62e19f78579fca8473edcc4e5de0e161f
b77d018b77f627e99ae6d6d2eac6c56d92499779abdbb85da3045ccb8df5211e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63520430-d90d-4f99-ad29-214d03cc1525.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6801
x-amzn-requestid: 668e33b2-d3e8-46c6-acae-b99777f605d7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-M6HOBIAMFyNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635310b8-2b4e95e24c0dd2f33f8a2dc7;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:35:52 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: DrXs0i2RMDtmHX8N4BN6LtiogZr56Da3yPFpye5siVtx0dZfLEXk7g==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:02:19 GMT
age: 5607
etag: "5c8646f62e19f78579fca8473edcc4e5de0e161f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.dwin1.com/18852.js

143.204.55.42

200 OK

16 kB

URL HTTP/2
www.dwin1.com/18852.js
IP
143.204.55.42:0
ASN
#16509 AMAZON-02

File type
data
Size
16 kB (15739 bytes)
Hash
d3ca349bf8103debfdc0c61ec8cdf981
b0eff3487a868e609fcec8b883b9c1b63cef56e5
bd4e3d462651571960159a1fccc41fda29f5ae143af2c585a2fd74c86db1096c

HTTP Headers

GET /18852.js HTTP/1.1
Host: www.dwin1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lottoland.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
x-amz-replication-status: COMPLETED
last-modified: Wed, 19 Oct 2022 10:18:03 GMT
x-amz-version-id: K2MH3bxIwSBrWrSTMGMSsJYWVUMsKxHn
server: AmazonS3
content-encoding: gzip
date: Fri, 21 Oct 2022 23:29:42 GMT
cache-control: max-age=600, s-maxage=600
etag: W/"9803e8af04c1171ff4d7626890faf2f7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: jAd5ZOZf0MmjO0CmELu5jplEuqojNX2AiVk1BQJTEJOPi3KK_JbtzQ==
age: 364
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63f136cc-8688-48a8-a173-5f57e08e25bb.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10684 bytes)
Hash
5ef386b42bd6b9efb747cfeb3d64fb7a
db63f62383d513348c1ef231ea4fb58d7e1e044e
988cb73f0fef893d2d65a66fad0b171350102f4496fa5ba22e415d5929373d0f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63f136cc-8688-48a8-a173-5f57e08e25bb.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10684
x-amzn-requestid: 643c8e7b-15e9-4241-8ba1-e3f4a4592373
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-okE7AoAMFjDQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63531169-705159c619bc23880acd4d42;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:38:49 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: CWLtJnrAc5b0j1aPGbuOaGuPRYzwNM0xGGP1muEwkPsih8c0iryoGw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:05:57 GMT
age: 5389
etag: "db63f62383d513348c1ef231ea4fb58d7e1e044e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

lottoland.evergage.com/twreceiver?_r=243772&_ak=lottoland&_ds=lottoland_com&.anonId=7eefa26d9f306276&_anon=true&url=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&title=LOTTO%206aus49%2012%20TIPPFELDER%20F%C3%9CR%20NUR%201%E2%82%AC&.dt=1420&.pt=13&.bt=250&.btdns=3&.pv=&.ple=3&.bv=14&.scv=208

3.226.206.162

200 OK

9.6 kB

URL HTTP/2
lottoland.evergage.com/twreceiver?_r=243772&_ak=lottoland&_ds=lottoland_com&.anonId=7eefa26d9f306276&_anon=true&url=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&title=LOTTO%206aus49%2012%20TIPPFELDER%20F%C3%9CR%20NUR%201%E2%82%AC&.dt=1420&.pt=13&.bt=250&.btdns=3&.pv=&.ple=3&.bv=14&.scv=208
IP
3.226.206.162:0
ASN
#14618 AMAZON-AES

File type
data
Size
9.6 kB (9607 bytes)
Hash
aba5d9387af8a758037b5bca42376848
211f9d623c126139e48434cdc54148de21c8ea2d
c0325ad98e7d37adeed8882064a8f8b143710eb2e0c53d427ac3bc32d5f60171

HTTP Headers

GET /twreceiver?_r=243772&_ak=lottoland&_ds=lottoland_com&.anonId=7eefa26d9f306276&_anon=true&url=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&title=LOTTO%206aus49%2012%20TIPPFELDER%20F%C3%9CR%20NUR%201%E2%82%AC&.dt=1420&.pt=13&.bt=250&.btdns=3&.pv=&.ple=3&.bv=14&.scv=208 HTTP/1.1
Host: lottoland.evergage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.lottoland.com
Connection: keep-alive
Referer: https://www.lottoland.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 21 Oct 2022 23:35:45 GMT
content-type: application/json;charset=UTF-8
set-cookie: AWSALB=mknm08MEAlmW5MQdww/WoqX16asRqWZUPVq1fG4Gr8NWyWCY48rF0fN8pJvoMYyAxrrAaWERAO1wAfocBSdIEp7zr9LJj6GPVOAV5h7pVZiiXVJRVjfQ5F+bb+QD; Expires=Fri, 28 Oct 2022 23:35:45 GMT; Path=/
AWSALBCORS=mknm08MEAlmW5MQdww/WoqX16asRqWZUPVq1fG4Gr8NWyWCY48rF0fN8pJvoMYyAxrrAaWERAO1wAfocBSdIEp7zr9LJj6GPVOAV5h7pVZiiXVJRVjfQ5F+bb+QD; Expires=Fri, 28 Oct 2022 23:35:45 GMT; Path=/; SameSite=None; Secure
access-control-allow-origin: https://www.lottoland.com
timing-allow-origin: *
x-content-type-options: nosniff
vary: accept-encoding
content-encoding: gzip
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1161ffd-d618-4da5-b16d-40f9f2fda316.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.1 kB (8133 bytes)
Hash
139dcd1a5232524efac37c0f9e482cae
7b28ad06ff24b0ff8fc29bd00e1736bad8a77c03
0d1d8e62b00d9f03f45cb1c59dcfd269b22ff4b54ea0bacdb88449ac2d4443dd

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1161ffd-d618-4da5-b16d-40f9f2fda316.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8133
x-amzn-requestid: 39a5952e-d747-4cfd-99cf-316e92a82835
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-kPGFooAMFV_A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6353114e-167f08dd48e9934c48c196ff;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:38:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8VL0kOr2ur7BbAOZjmnWcLhv-uaDWMh5eh1bkoc1Dq8U8DiM1Hz8Tw==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:00:10 GMT
age: 5736
etag: "7b28ad06ff24b0ff8fc29bd00e1736bad8a77c03"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.pages01.net/WTS/event.jpeg?accesskey=1b1965b5-13dfe1902f8-c2a8af96738cc20073a7254c07aedd78&v=1.31&isNewSession=0&type=pageview&isNewVisitor=1&sessionGUID=b9b2c8e6-c51d-b9a6-3714-c83dd76434bb&webSyncID=911b08d9-78ad-aae6-3b97-9a22d82ab855&url=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&newSiteVisit=0&hostname=www.lottoland.com&pathname=%2Flotto6aus49-12fuer1&newPageVisit=0&eventKey=cea925bc-c817-160e-4cbd-2305c749dae4

35.169.63.124

200 OK

0 B

URL HTTP/1.1
www.pages01.net/WTS/event.jpeg?accesskey=1b1965b5-13dfe1902f8-c2a8af96738cc20073a7254c07aedd78&v=1.31&isNewSession=0&type=pageview&isNewVisitor=1&sessionGUID=b9b2c8e6-c51d-b9a6-3714-c83dd76434bb&webSyncID=911b08d9-78ad-aae6-3b97-9a22d82ab855&url=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&newSiteVisit=0&hostname=www.lottoland.com&pathname=%2Flotto6aus49-12fuer1&newPageVisit=0&eventKey=cea925bc-c817-160e-4cbd-2305c749dae4
IP
35.169.63.124:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WTS/event.jpeg?accesskey=1b1965b5-13dfe1902f8-c2a8af96738cc20073a7254c07aedd78&v=1.31&isNewSession=0&type=pageview&isNewVisitor=1&sessionGUID=b9b2c8e6-c51d-b9a6-3714-c83dd76434bb&webSyncID=911b08d9-78ad-aae6-3b97-9a22d82ab855&url=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&newSiteVisit=0&hostname=www.lottoland.com&pathname=%2Flotto6aus49-12fuer1&newPageVisit=0&eventKey=cea925bc-c817-160e-4cbd-2305c749dae4 HTTP/1.1
Host: www.pages01.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lottoland.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Fri, 21 Oct 2022 23:35:46 GMT
Server: Apache
p3p: CP="CAO PSA OUR"
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 0
Connection: close
Content-Type: image/jpeg
Set-Cookie: Silverpop_cookie=1653596170.4525.0000; path=/; Httponly; Secure;SameSite=None
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
2eaba36da86177a324dc3f59051e88f8
8248e37c850c10c13b3b55e85e81869984ff98ea
c62416a009668f178cc78773d72276b0d2999cad0ec94cf8ccbfe1090c3bd844

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2599
Cache-Control: max-age=140541
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 23:35:46 GMT
Etag: "6352a4a8-1d7"
Expires: Sun, 23 Oct 2022 14:38:07 GMT
Last-Modified: Fri, 21 Oct 2022 13:54:48 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lottoland.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 21 Oct 2022 22:41:09 GMT
expires: Sat, 22 Oct 2022 00:41:09 GMT
cache-control: public, max-age=7200
age: 3277
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
560156f6d5190899cb52b7d5b589b9de
0561a7d673fe87bf4cb19a0c103ae8a4bca7499a
f6797c46b407b9c884c5fcd1449d25db4203dfc946ff60ac8a1043ee3fa92d41

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5250
Cache-Control: max-age=160812
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 23:35:46 GMT
Etag: "6352e97c-1d7"
Expires: Sun, 23 Oct 2022 20:15:58 GMT
Last-Modified: Fri, 21 Oct 2022 18:48:28 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
06210a4a9db522652fd6aabfa05b2653
630b4ef71ec82a3970927a328d279035eaaa1267
5100e1703020fdef7d473c91e1c88dfb734083057f431feeefaaa24838990a21

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 23:35:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

connect.facebook.net/en_US/fbevents.js

31.13.72.12

200 OK

27 kB

URL HTTP/2
connect.facebook.net/en_US/fbevents.js
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (64348)
Size
27 kB (27027 bytes)
Hash
71875f848896ee82a106224e048bd060
277a624e507dff2cd9cff104aa0c5618ca76e105
a22635e404a419027fc88eee705d254910d05d481953733d5e1fda4bc6ab3c5b

HTTP Headers

GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lottoland.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: IBQztwU06pJw3+qJbUEiw1F0gGkmWh+vXOlc5/pZXN00AgfR7uzwh8vwdRABe+R6jdIpAusS6aQ4W1TqKVyAcA==
content-length: 27027
x-fb-trip-id: 1904183273
date: Fri, 21 Oct 2022 23:35:46 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

pubads.g.doubleclick.net/activity;dc_iu=/8804/DFPAudiencePixel;ord=6121924253188.938;dc_seg=6657370401?

216.58.211.2

200 OK

42 B

URL HTTP/2
pubads.g.doubleclick.net/activity;dc_iu=/8804/DFPAudiencePixel;ord=6121924253188.938;dc_seg=6657370401?
IP
216.58.211.2:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /activity;dc_iu=/8804/DFPAudiencePixel;ord=6121924253188.938;dc_seg=6657370401? HTTP/1.1
Host: pubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lottoland.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 21 Oct 2022 23:35:46 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 21-Oct-2022 23:50:46 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

16 kB

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
gzip compressed data, max speed\012- data
Size
16 kB (16162 bytes)
Hash
ac772f43e52d064b6716385f4124850f
c90fb082184599d2e06a69b8989259817251bece
28f63c291e7d69845b4f05a3f67be659ffbe3a46c1b1df2de8a7d445cf0f5586

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2599
Cache-Control: max-age=140541
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 23:35:46 GMT
Etag: "6352a4a8-1d7"
Expires: Sun, 23 Oct 2022 14:38:07 GMT
Last-Modified: Fri, 21 Oct 2022 13:54:48 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

www.google-analytics.com/j/collect?v=1&_v=j98&a=1515369679&t=pageview&_s=1&dl=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&ul=en-us&de=UTF-8&dt=LOTTO%206aus49%2012%20TIPPFELDER%20F%C3%9CR%20NUR%201%E2%82%AC&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IAhAAEABAAAAACAAM~&jid=1463448555&gjid=1374850584&cid=932789792.1666395359&tid=UA-28776713-12&_gid=652002902.1666395360&_r=1&_slc=1&z=434373425

142.250.74.174

200 OK

4 B

URL HTTP/2
www.google-analytics.com/j/collect?v=1&_v=j98&a=1515369679&t=pageview&_s=1&dl=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&ul=en-us&de=UTF-8&dt=LOTTO%206aus49%2012%20TIPPFELDER%20F%C3%9CR%20NUR%201%E2%82%AC&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IAhAAEABAAAAACAAM~&jid=1463448555&gjid=1374850584&cid=932789792.1666395359&tid=UA-28776713-12&_gid=652002902.1666395360&_r=1&_slc=1&z=434373425
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
9e92e190700c1af4539b40c2171320a9
209bcdb79e6067b51091ce8586d4b977f25b67d8
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

HTTP Headers

POST /j/collect?v=1&_v=j98&a=1515369679&t=pageview&_s=1&dl=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&ul=en-us&de=UTF-8&dt=LOTTO%206aus49%2012%20TIPPFELDER%20F%C3%9CR%20NUR%201%E2%82%AC&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IAhAAEABAAAAACAAM~&jid=1463448555&gjid=1374850584&cid=932789792.1666395359&tid=UA-28776713-12&_gid=652002902.1666395360&_r=1&_slc=1&z=434373425 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.lottoland.com
Connection: keep-alive
Referer: https://www.lottoland.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: https://www.lottoland.com
date: Fri, 21 Oct 2022 23:35:46 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

pixel.mathtag.com/event/js?mt_pp=2&version=1.1&delimiter=%5BINSERT%20DELIMITER%5D&mt_exem=%5BINSERT%20SHA-256%20HASHED%20EMAIL%5D&industry=Gambling&mt_adid=245335&event_type=catchall&mt_id=1541395&currency=%5BINSERT%20MACRO%5D&duration_days=%5BINSERT%20MACRO%5D&order_id=%5BINSERT%20MACRO%5D&product_category=%5BINSERT%20MACRO%5D&product_id=%5BINSERT%20MACRO%5D&product_price=%5BINSERT%20MACRO%5D&product_quantity=%5BINSERT%20MACRO%5D&promotion_id_1=%5BINSERT%20MACRO%5D&revenue=%5BINSERT%20MACRO%5D&v3=%5BINSERT%20MACRO%5D&language=en-US%2Cen%3Bq%3D0.5&mt_lim=20&document_title=LOTTO%206aus49%2012%20TIPPFELDER%20F%C3%9CR%20NUR%201%E2%82%AC&location=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&document_path=%2Flotto6aus49-12fuer1&v1=%5BINSERT%20MACRO%5D&v2=%5BINSERT%20MACRO%5D&mt_cb=1666395358984

23.38.200.207

200 OK

1.5 kB

URL HTTP/1.1
pixel.mathtag.com/event/js?mt_pp=2&version=1.1&delimiter=%5BINSERT%20DELIMITER%5D&mt_exem=%5BINSERT%20SHA-256%20HASHED%20EMAIL%5D&industry=Gambling&mt_adid=245335&event_type=catchall&mt_id=1541395&currency=%5BINSERT%20MACRO%5D&duration_days=%5BINSERT%20MACRO%5D&order_id=%5BINSERT%20MACRO%5D&product_category=%5BINSERT%20MACRO%5D&product_id=%5BINSERT%20MACRO%5D&product_price=%5BINSERT%20MACRO%5D&product_quantity=%5BINSERT%20MACRO%5D&promotion_id_1=%5BINSERT%20MACRO%5D&revenue=%5BINSERT%20MACRO%5D&v3=%5BINSERT%20MACRO%5D&language=en-US%2Cen%3Bq%3D0.5&mt_lim=20&document_title=LOTTO%206aus49%2012%20TIPPFELDER%20F%C3%9CR%20NUR%201%E2%82%AC&location=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&document_path=%2Flotto6aus49-12fuer1&v1=%5BINSERT%20MACRO%5D&v2=%5BINSERT%20MACRO%5D&mt_cb=1666395358984
IP
23.38.200.207:0
ASN
#16625 AKAMAI-AS

File type
ASCII text
Size
1.5 kB (1503 bytes)
Hash
03a940aa94d60489983b68291ff13d93
50edbcdb69c1c42db15ac67ff6354c63d0b46955
60fd3a42a1af41e100327224b372ea7af6e9f7c3e67bfed4e610d7917a629055

HTTP Headers

GET /event/js?mt_pp=2&version=1.1&delimiter=%5BINSERT%20DELIMITER%5D&mt_exem=%5BINSERT%20SHA-256%20HASHED%20EMAIL%5D&industry=Gambling&mt_adid=245335&event_type=catchall&mt_id=1541395&currency=%5BINSERT%20MACRO%5D&duration_days=%5BINSERT%20MACRO%5D&order_id=%5BINSERT%20MACRO%5D&product_category=%5BINSERT%20MACRO%5D&product_id=%5BINSERT%20MACRO%5D&product_price=%5BINSERT%20MACRO%5D&product_quantity=%5BINSERT%20MACRO%5D&promotion_id_1=%5BINSERT%20MACRO%5D&revenue=%5BINSERT%20MACRO%5D&v3=%5BINSERT%20MACRO%5D&language=en-US%2Cen%3Bq%3D0.5&mt_lim=20&document_title=LOTTO%206aus49%2012%20TIPPFELDER%20F%C3%9CR%20NUR%201%E2%82%AC&location=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&document_path=%2Flotto6aus49-12fuer1&v1=%5BINSERT%20MACRO%5D&v2=%5BINSERT%20MACRO%5D&mt_cb=1666395358984 HTTP/1.1
Host: pixel.mathtag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lottoland.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 1503
Access-Control-Allow-Origin: *
Server: MT3 4539 98cc2da master iad-pixel-x19 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Fri, 21 Oct 2022 23:35:45 GMT
Date: Fri, 21 Oct 2022 23:35:46 GMT
Connection: keep-alive
Set-Cookie: uuid=6b976353-2cd2-4b00-9142-47941e6c61e3; domain=.mathtag.com; path=/; expires=Sat, 18-Nov-2023 23:35:46 GMT; SameSite=None; Secure

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
06210a4a9db522652fd6aabfa05b2653
630b4ef71ec82a3970927a328d279035eaaa1267
5100e1703020fdef7d473c91e1c88dfb734083057f431feeefaaa24838990a21

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 23:35:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

pixel.mathtag.com/sync/iframe?mt_uuid=6b976353-2cd2-4b00-9142-47941e6c61e3&no_iframe=1&mt_adid=245335&mt_lim=20&source=mathtag

23.38.200.207

200 OK

713 B

URL HTTP/1.1
pixel.mathtag.com/sync/iframe?mt_uuid=6b976353-2cd2-4b00-9142-47941e6c61e3&no_iframe=1&mt_adid=245335&mt_lim=20&source=mathtag
IP
23.38.200.207:0
ASN
#16625 AKAMAI-AS

File type
HTML document text\012- HTML document, ASCII text
Size
713 B (713 bytes)
Hash
f853f2ecf3f2d763c4057f4ff5c3e4e8
0f9ca6de16aa4261f1202443311462a81717dd85
8040be8c28a19b0f78481f2da17e7220e75adde27eb9713ff626652a066f92da

HTTP Headers

GET /sync/iframe?mt_uuid=6b976353-2cd2-4b00-9142-47941e6c61e3&no_iframe=1&mt_adid=245335&mt_lim=20&source=mathtag HTTP/1.1
Host: pixel.mathtag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lottoland.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 713
Access-Control-Allow-Origin: *
Server: MT3 4539 98cc2da master iad-pixel-x31 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Fri, 21 Oct 2022 23:35:45 GMT
Date: Fri, 21 Oct 2022 23:35:46 GMT
Connection: keep-alive

s2.adform.net/banners/scripts/st/trackpoint-async.js

37.157.2.248

200 OK

31 kB

URL HTTP/2
s2.adform.net/banners/scripts/st/trackpoint-async.js
IP
37.157.2.248:0
ASN
#198622 Adform A/S

File type
data
Size
31 kB (30865 bytes)
Hash
2c4c8842224309163b2c49196f8edd8b
da58d1c9e6e196158924f54ca6d6f53cc02435ea
ad23a6310a683184c3295f88e4c7d08ffe62427aba93d132004f1789be3b331d

HTTP Headers

GET /banners/scripts/st/trackpoint-async.js HTTP/1.1
Host: s2.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lottoland.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 21 Oct 2022 23:35:46 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 05 Oct 2022 12:23:24 GMT
x-rgw-object-type: Normal
etag: W/"4cb8e818a3c8dda5fd80d6d9a55d958d"
x-amz-request-id: tx000008e678274a1afb0c9-006353174f-329373d4-default
access-control-allow-origin: *
cache-control: public, max-age=604800
x-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

track.adform.net/Serving/TrackPoint/?pm=1388237&ADFPageName=Landing%20Page%20DE&ADFdivider=%7C&ord=793824525559&ADFtpmode=2&loc=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&Set1=en-US%7Cen-US%7C1280x1024%7C24

37.157.5.142

302 Found

564 B

URL HTTP/2
track.adform.net/Serving/TrackPoint/?pm=1388237&ADFPageName=Landing%20Page%20DE&ADFdivider=%7C&ord=793824525559&ADFtpmode=2&loc=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&Set1=en-US%7Cen-US%7C1280x1024%7C24
IP
37.157.5.142:0
ASN
#198622 Adform A/S

File type
data
Size
564 B (564 bytes)
Hash
28929377b3ff784f7622538111a7c158
a44c41e4b61ea9bbe03a204177396b89bc36a53a
d352e3675919e97cccefdfd6edf28a91c4cbae550974bc59258eacc66602d0d7

HTTP Headers

GET /Serving/TrackPoint/?pm=1388237&ADFPageName=Landing%20Page%20DE&ADFdivider=%7C&ord=793824525559&ADFtpmode=2&loc=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&Set1=en-US%7Cen-US%7C1280x1024%7C24 HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lottoland.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Fri, 21 Oct 2022 23:35:46 GMT
content-type: text/html; charset=utf-8
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1388237&ADFPageName=Landing%20Page%20DE&ADFdivider=%7C&ord=793824525559&ADFtpmode=2&loc=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&Set1=en-US%7Cen-US%7C1280x1024%7C24
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Tue, 22-Nov-2022 00:35:46 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d8ad2cc67fe4edf14ed9497ee349419b
b11f1d3df0e57e5967f39f8dfeb97af5138edd5f
b459e908234aaa71dd46eafb74920476176f9f8136fc2df0cdd7eecb744d35c6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 23:35:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
9f4b1d3c4fdfbd28fa4afc92115bd9f9
365125fe68f668bae6f3c13ef21d92bb00783ebe
92ea3ab34acb6f2464ef06496365dd1a54767519d3429346849898739bf05bb5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 23:35:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-28776713-12&cid=932789792.1666395359&jid=1463448555&_u=IAhAAEAAAAAAACAAM~&z=1913016990

142.250.74.3

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-28776713-12&cid=932789792.1666395359&jid=1463448555&_u=IAhAAEAAAAAAACAAM~&z=1913016990
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-28776713-12&cid=932789792.1666395359&jid=1463448555&_u=IAhAAEAAAAAAACAAM~&z=1913016990 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lottoland.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 21 Oct 2022 23:35:46 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.facebook.com/tr/?id=2104094796432765&ev=PageView&dl=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&rl=&if=false&ts=1666395360133&sw=1280&sh=1024&v=2.9.87&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1666395360132.1890927278&it=1666395359899&coo=false&tm=1&rqm=GET

31.13.72.36

200 OK

0 B

URL HTTP/2
www.facebook.com/tr/?id=2104094796432765&ev=PageView&dl=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&rl=&if=false&ts=1666395360133&sw=1280&sh=1024&v=2.9.87&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1666395360132.1890927278&it=1666395359899&coo=false&tm=1&rqm=GET
IP
31.13.72.36:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tr/?id=2104094796432765&ev=PageView&dl=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&rl=&if=false&ts=1666395360133&sw=1280&sh=1024&v=2.9.87&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1666395360132.1890927278&it=1666395359899&coo=false&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lottoland.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: 
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Fri, 21 Oct 2022 23:35:46 GMT
X-Firefox-Spdy: h2

www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-28776713-12&cid=932789792.1666395359&jid=1463448555&_u=IAhAAEAAAAAAACAAM~&z=1913016990

142.250.74.164

200 OK

42 B

URL HTTP/2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-28776713-12&cid=932789792.1666395359&jid=1463448555&_u=IAhAAEAAAAAAACAAM~&z=1913016990
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-28776713-12&cid=932789792.1666395359&jid=1463448555&_u=IAhAAEAAAAAAACAAM~&z=1913016990 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lottoland.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 21 Oct 2022 23:35:46 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d8ad2cc67fe4edf14ed9497ee349419b
b11f1d3df0e57e5967f39f8dfeb97af5138edd5f
b459e908234aaa71dd46eafb74920476176f9f8136fc2df0cdd7eecb744d35c6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 23:35:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
1b0cd7fce51616614b5ebb265d02c2f7
6748d7df7c347bbe06afb2155fff3bbc8bf50eb0
d41beb047830bdacb772b75123c39906db8edcd49fdc8c9a00258a2556efd1c9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 23:35:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

lottoland.evergage.com/pr?_r=904549&_ak=lottoland&_ds=lottoland_com&.scv=208&.anonId=7eefa26d9f306276&_anon=true&.top=1590&.lt=3073&.tt=406&.ttdns=1

3.226.206.162

204 No Content

0 B

URL HTTP/2
lottoland.evergage.com/pr?_r=904549&_ak=lottoland&_ds=lottoland_com&.scv=208&.anonId=7eefa26d9f306276&_anon=true&.top=1590&.lt=3073&.tt=406&.ttdns=1
IP
3.226.206.162:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pr?_r=904549&_ak=lottoland&_ds=lottoland_com&.scv=208&.anonId=7eefa26d9f306276&_anon=true&.top=1590&.lt=3073&.tt=406&.ttdns=1 HTTP/1.1
Host: lottoland.evergage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.lottoland.com
Connection: keep-alive
Referer: https://www.lottoland.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
date: Fri, 21 Oct 2022 23:35:47 GMT
set-cookie: AWSALB=iq3zp1AbXc91UXo4rd/smhVxmSfSJfxNO/Cu8MnHKqabIAszOeDLVoQIB5iJir0iXzhNaRnHEKnaZ6FeG80sriqiy4rLpGBiaT1RgV7MK+stqIw9jRRN3NIr2rz1; Expires=Fri, 28 Oct 2022 23:35:47 GMT; Path=/
AWSALBCORS=iq3zp1AbXc91UXo4rd/smhVxmSfSJfxNO/Cu8MnHKqabIAszOeDLVoQIB5iJir0iXzhNaRnHEKnaZ6FeG80sriqiy4rLpGBiaT1RgV7MK+stqIw9jRRN3NIr2rz1; Expires=Fri, 28 Oct 2022 23:35:47 GMT; Path=/; SameSite=None; Secure
access-control-allow-origin: https://www.lottoland.com
timing-allow-origin: *
x-content-type-options: nosniff
X-Firefox-Spdy: h2

35.169.63.124

200 OK

0 B

URL HTTP/1.1
www.pages01.net/WTS/event.jpeg?accesskey=1b1965b5-13dfe1902f8-c2a8af96738cc20073a7254c07aedd78&v=1.31&isNewSession=0&type=pageview&isNewVisitor=1&sessionGUID=b9b2c8e6-c51d-b9a6-3714-c83dd76434bb&webSyncID=911b08d9-78ad-aae6-3b97-9a22d82ab855&url=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&newSiteVisit=0&hostname=www.lottoland.com&pathname=%2Flotto6aus49-12fuer1&newPageVisit=0&eventKey=1d2a02d4-d3a7-22eb-b864-5e43c4e03504
IP
35.169.63.124:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /WTS/event.jpeg?accesskey=1b1965b5-13dfe1902f8-c2a8af96738cc20073a7254c07aedd78&v=1.31&isNewSession=0&type=pageview&isNewVisitor=1&sessionGUID=b9b2c8e6-c51d-b9a6-3714-c83dd76434bb&webSyncID=911b08d9-78ad-aae6-3b97-9a22d82ab855&url=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&newSiteVisit=0&hostname=www.lottoland.com&pathname=%2Flotto6aus49-12fuer1&newPageVisit=0&eventKey=1d2a02d4-d3a7-22eb-b864-5e43c4e03504 HTTP/1.1
Host: www.pages01.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lottoland.com/
Cookie: Silverpop_cookie=1653596170.4525.0000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Fri, 21 Oct 2022 23:35:47 GMT
Server: Apache
p3p: CP="CAO PSA OUR"
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 0
Connection: close
Content-Type: image/jpeg
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload

www.lottoland.com/lotto6aus49-12fuer1

104.17.214.185

200 OK

0 B

URL HTTP/2
www.lottoland.com/lotto6aus49-12fuer1
IP
104.17.214.185:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /lotto6aus49-12fuer1 HTTP/1.1
Host: www.lottoland.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: route=1666395345.314.1256.345859|107af3ac26dde70c7eaf6c2546e21e24; pid=email_369431_de; sid=b4c8367242b30dceeadaf8e58269f547-20221006.7314.pool; csfcfc=FtOBvf6LO%2FIYRw%3D%3D; JSESSIONID=ce70dc009d7295aeaa93311b7b4a.lotto-lotto-web-74cfcb46f5-c2q5g; __cf_bm=wYbHc7z_KMr0FykCSeIvF35tujdxuXmdt0Ab_3m6pWs-1666395344-0-AabPPCJYQ4D1fw3eEIWS/BUHt6pIyrBRBeDrMqHkBuB4kOvywu+kVieMcnPLDyR30emqXEd2TOxeTDPGuP15K3g=; __cfruid=f362502476ecfb40b878e6303d935fcba53e4c50-1666395344
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 200 OK
date: Fri, 21 Oct 2022 23:35:44 GMT
content-type: text/html;charset=UTF-8
cf-ray: 75ddcfb67cd31c02-OSL
strict-transport-security: max-age=15724800; includeSubDomains
vary: User-Agent, Accept-Encoding
cf-cache-status: DYNAMIC
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
set-cookie: RMC=mNFdg0IcdgdMXT3RCAseGkgEOmYMbX9.1gfuee3kb.de_DE; Expires=Fri, 20-Oct-2023 23:35:44 GMT; Path=/; SameSite=None; Secure; Secure; HttpOnly
launchMappingId=%2Flotto6aus49%2D12fuer1; Path=/; SameSite=None; Secure
mappingId=%2Flotto6aus49%2D12fuer1; Path=/; SameSite=None; Secure
growlsToBeClosed=clear; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/; SameSite=None; Secure
csfcfc=e9SEu%2FmNVMwQaicaQjNp%2FsGcAw%3D%3D; Path=/; SameSite=None; Secure; Secure; HttpOnly
JSESSIONID=ce70dc009d7295aeaa93311b7b4a.lotto-lotto-web-74cfcb46f5-c2q5g; Path=/; SameSite=None; Secure; Secure; HttpOnly
server: cloudflare
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

lottoland.evergage.com/er?.em=can%27t%20access%20property%20%22indexOf%22%2C%20ajq(...).data(...)%20is%20undefined&.es=invokeDataCollectionFunction&.ef=window.evergageBeforeSiteConfigExecution%2F%3C&.eu=https%3A%2F%2Fcdn.evgnet.com%2Fbeacon%2Flottoland%2Flottoland_com%2Fscripts%2Fevergage.min.js&_ak=lottoland&_ds=lottoland_com&.scv=208&.anonId=7eefa26d9f306276&_anon=true&url=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&title=LOTTO%206aus49%2012%20TIPPFELDER%20F%C3%9CR%20NUR%201%E2%82%AC&.bv=14&_r=901102

3.226.206.162

200 OK

0 B

URL HTTP/2
lottoland.evergage.com/er?.em=can%27t%20access%20property%20%22indexOf%22%2C%20ajq(...).data(...)%20is%20undefined&.es=invokeDataCollectionFunction&.ef=window.evergageBeforeSiteConfigExecution%2F%3C&.eu=https%3A%2F%2Fcdn.evgnet.com%2Fbeacon%2Flottoland%2Flottoland_com%2Fscripts%2Fevergage.min.js&_ak=lottoland&_ds=lottoland_com&.scv=208&.anonId=7eefa26d9f306276&_anon=true&url=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&title=LOTTO%206aus49%2012%20TIPPFELDER%20F%C3%9CR%20NUR%201%E2%82%AC&.bv=14&_r=901102
IP
3.226.206.162:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /er?.em=can%27t%20access%20property%20%22indexOf%22%2C%20ajq(...).data(...)%20is%20undefined&.es=invokeDataCollectionFunction&.ef=window.evergageBeforeSiteConfigExecution%2F%3C&.eu=https%3A%2F%2Fcdn.evgnet.com%2Fbeacon%2Flottoland%2Flottoland_com%2Fscripts%2Fevergage.min.js&_ak=lottoland&_ds=lottoland_com&.scv=208&.anonId=7eefa26d9f306276&_anon=true&url=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&title=LOTTO%206aus49%2012%20TIPPFELDER%20F%C3%9CR%20NUR%201%E2%82%AC&.bv=14&_r=901102 HTTP/1.1
Host: lottoland.evergage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lottoland.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 21 Oct 2022 23:35:45 GMT
content-type: image/gif
set-cookie: AWSALB=MdHT3yDEJ7pkJ5r/OlDLn/PZh4JdXNn/2lbwBpyjzXByn4r6DjWP/RI3w8/l10NXzSm+u759Men7vfaYpB8mFZ/NXGcnxxmJUh8eRZPf6iQVvmXgtmCtwKOv+SaW; Expires=Fri, 28 Oct 2022 23:35:45 GMT; Path=/
AWSALBCORS=MdHT3yDEJ7pkJ5r/OlDLn/PZh4JdXNn/2lbwBpyjzXByn4r6DjWP/RI3w8/l10NXzSm+u759Men7vfaYpB8mFZ/NXGcnxxmJUh8eRZPf6iQVvmXgtmCtwKOv+SaW; Expires=Fri, 28 Oct 2022 23:35:45 GMT; Path=/; SameSite=None; Secure
timing-allow-origin: *
expires: Sat, 22 Oct 2022 23:35:45 GMT
cache-control: private, max-age=86400000
x-content-type-options: nosniff
X-Firefox-Spdy: h2

lottoland.evergage.com/er?.em=Syntax%20error%2C%20unrecognized%20expression%3A%20div.l-carousel-subContainer%20%26gt%3B%20div.l-carousel-allPodContainer&.es=jQueryObjectSyntaxError&.ef=ga.error&.eu=https%3A%2F%2Fwww.lottoland.com%2Fde_DE%2Fskins%2Flottoland%2Fjs%2Flib%2Fjquery-3.2.1.min-8f9d10308fc5677a.js&_ak=lottoland&_ds=lottoland_com&.scv=208&.anonId=7eefa26d9f306276&_anon=true&url=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&title=LOTTO%206aus49%2012%20TIPPFELDER%20F%C3%9CR%20NUR%201%E2%82%AC&.bv=14&_r=311882

3.226.206.162

200 OK

0 B

URL HTTP/2
lottoland.evergage.com/er?.em=Syntax%20error%2C%20unrecognized%20expression%3A%20div.l-carousel-subContainer%20%26gt%3B%20div.l-carousel-allPodContainer&.es=jQueryObjectSyntaxError&.ef=ga.error&.eu=https%3A%2F%2Fwww.lottoland.com%2Fde_DE%2Fskins%2Flottoland%2Fjs%2Flib%2Fjquery-3.2.1.min-8f9d10308fc5677a.js&_ak=lottoland&_ds=lottoland_com&.scv=208&.anonId=7eefa26d9f306276&_anon=true&url=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&title=LOTTO%206aus49%2012%20TIPPFELDER%20F%C3%9CR%20NUR%201%E2%82%AC&.bv=14&_r=311882
IP
3.226.206.162:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /er?.em=Syntax%20error%2C%20unrecognized%20expression%3A%20div.l-carousel-subContainer%20%26gt%3B%20div.l-carousel-allPodContainer&.es=jQueryObjectSyntaxError&.ef=ga.error&.eu=https%3A%2F%2Fwww.lottoland.com%2Fde_DE%2Fskins%2Flottoland%2Fjs%2Flib%2Fjquery-3.2.1.min-8f9d10308fc5677a.js&_ak=lottoland&_ds=lottoland_com&.scv=208&.anonId=7eefa26d9f306276&_anon=true&url=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&title=LOTTO%206aus49%2012%20TIPPFELDER%20F%C3%9CR%20NUR%201%E2%82%AC&.bv=14&_r=311882 HTTP/1.1
Host: lottoland.evergage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lottoland.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 21 Oct 2022 23:35:45 GMT
content-type: image/gif
set-cookie: AWSALB=BcoJ5BZ/6ex2+Uq0i0A1601VG0TeT4EYa0Fph962WkdmttIJpiTjTb0U4EtqEiH1CdN4Us9+ERqD/CH2dISxZQcLYJKHarOVG0XZpSOtZ6Wkkl3zsGtqXoG5MsH0; Expires=Fri, 28 Oct 2022 23:35:45 GMT; Path=/
AWSALBCORS=BcoJ5BZ/6ex2+Uq0i0A1601VG0TeT4EYa0Fph962WkdmttIJpiTjTb0U4EtqEiH1CdN4Us9+ERqD/CH2dISxZQcLYJKHarOVG0XZpSOtZ6Wkkl3zsGtqXoG5MsH0; Expires=Fri, 28 Oct 2022 23:35:45 GMT; Path=/; SameSite=None; Secure
timing-allow-origin: *
expires: Sat, 22 Oct 2022 23:35:45 GMT
cache-control: private, max-age=86400000
x-content-type-options: nosniff
X-Firefox-Spdy: h2

lottoland.evergage.com/er?.em=Syntax%20error%2C%20unrecognized%20expression%3A%20p.new-cta-after-optin%20%26gt%3B%20a.btn&.es=jQueryObjectSyntaxError&.ef=ga.error&.eu=https%3A%2F%2Fwww.lottoland.com%2Fde_DE%2Fskins%2Flottoland%2Fjs%2Flib%2Fjquery-3.2.1.min-8f9d10308fc5677a.js&_ak=lottoland&_ds=lottoland_com&.scv=208&.anonId=7eefa26d9f306276&_anon=true&url=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&title=LOTTO%206aus49%2012%20TIPPFELDER%20F%C3%9CR%20NUR%201%E2%82%AC&.bv=14&_r=073142

3.226.206.162

200 OK

0 B

URL HTTP/2
lottoland.evergage.com/er?.em=Syntax%20error%2C%20unrecognized%20expression%3A%20p.new-cta-after-optin%20%26gt%3B%20a.btn&.es=jQueryObjectSyntaxError&.ef=ga.error&.eu=https%3A%2F%2Fwww.lottoland.com%2Fde_DE%2Fskins%2Flottoland%2Fjs%2Flib%2Fjquery-3.2.1.min-8f9d10308fc5677a.js&_ak=lottoland&_ds=lottoland_com&.scv=208&.anonId=7eefa26d9f306276&_anon=true&url=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&title=LOTTO%206aus49%2012%20TIPPFELDER%20F%C3%9CR%20NUR%201%E2%82%AC&.bv=14&_r=073142
IP
3.226.206.162:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /er?.em=Syntax%20error%2C%20unrecognized%20expression%3A%20p.new-cta-after-optin%20%26gt%3B%20a.btn&.es=jQueryObjectSyntaxError&.ef=ga.error&.eu=https%3A%2F%2Fwww.lottoland.com%2Fde_DE%2Fskins%2Flottoland%2Fjs%2Flib%2Fjquery-3.2.1.min-8f9d10308fc5677a.js&_ak=lottoland&_ds=lottoland_com&.scv=208&.anonId=7eefa26d9f306276&_anon=true&url=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&title=LOTTO%206aus49%2012%20TIPPFELDER%20F%C3%9CR%20NUR%201%E2%82%AC&.bv=14&_r=073142 HTTP/1.1
Host: lottoland.evergage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lottoland.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 21 Oct 2022 23:35:45 GMT
content-type: image/gif
set-cookie: AWSALB=qa67n54XA5ePlHH0JYQoZ9ZI8Ojx3WkcWL23qcEEbpmrjE32Og5UJVhLVtUqemIGRzYCjBEvJQ+2b3vqH0jlyh75TskcDT0TYpHfA4IBi3CYHH/aRVruq/CV3eXJ; Expires=Fri, 28 Oct 2022 23:35:45 GMT; Path=/
AWSALBCORS=qa67n54XA5ePlHH0JYQoZ9ZI8Ojx3WkcWL23qcEEbpmrjE32Og5UJVhLVtUqemIGRzYCjBEvJQ+2b3vqH0jlyh75TskcDT0TYpHfA4IBi3CYHH/aRVruq/CV3eXJ; Expires=Fri, 28 Oct 2022 23:35:45 GMT; Path=/; SameSite=None; Secure
timing-allow-origin: *
expires: Sat, 22 Oct 2022 23:35:45 GMT
cache-control: private, max-age=86400000
x-content-type-options: nosniff
X-Firefox-Spdy: h2

www.lottoland.com/lotto6aus49-12fuer1?lottolapid=email_369431_de&sid=b4c8367242b30dceeadaf8e58269f547-20221006.7314.pool

104.17.214.185

302 Found

0 B

URL HTTP/2
www.lottoland.com/lotto6aus49-12fuer1?lottolapid=email_369431_de&sid=b4c8367242b30dceeadaf8e58269f547-20221006.7314.pool
IP
104.17.214.185:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /lotto6aus49-12fuer1?lottolapid=email_369431_de&sid=b4c8367242b30dceeadaf8e58269f547-20221006.7314.pool HTTP/1.1
Host: www.lottoland.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
date: Fri, 21 Oct 2022 23:35:44 GMT
content-type: text/html;charset=ISO-8859-1
location: https://www.lottoland.com/lotto6aus49-12fuer1
cf-ray: 75ddcfb53c441c02-OSL
content-language: en-US
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
vary: Accept-Encoding
set-cookie: route=1666395345.314.1256.345859|107af3ac26dde70c7eaf6c2546e21e24; Path=/; Secure; HttpOnly; SameSite=None
pid=email_369431_de; Expires=Sun, 20-Nov-2022 23:35:44 GMT; Path=/; SameSite=None; Secure
sid=b4c8367242b30dceeadaf8e58269f547-20221006.7314.pool; Expires=Sun, 20-Nov-2022 23:35:44 GMT; Path=/; SameSite=None; Secure
csfcfc=FtOBvf6LO%2FIYRw%3D%3D; Path=/; SameSite=None; Secure; Secure; HttpOnly
JSESSIONID=ce70dc009d7295aeaa93311b7b4a.lotto-lotto-web-74cfcb46f5-c2q5g; Path=/; SameSite=None; Secure; Secure; HttpOnly
__cf_bm=wYbHc7z_KMr0FykCSeIvF35tujdxuXmdt0Ab_3m6pWs-1666395344-0-AabPPCJYQ4D1fw3eEIWS/BUHt6pIyrBRBeDrMqHkBuB4kOvywu+kVieMcnPLDyR30emqXEd2TOxeTDPGuP15K3g=; path=/; expires=Sat, 22-Oct-22 00:05:44 GMT; domain=.lottoland.com; HttpOnly; Secure; SameSite=None
__cfruid=f362502476ecfb40b878e6303d935fcba53e4c50-1666395344; path=/; domain=.lottoland.com; HttpOnly; Secure; SameSite=None
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (43)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations