| em.wdr.to/l/40285083835ffd330183e61ddc471648 | 136.243.10.236 | 302 | 0 B |
URL HTTP/1.1em.wdr.to/l/40285083835ffd330183e61ddc471648 IP136.243.10.236:0 ASN#24940 Hetzner Online GmbH
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /l/40285083835ffd330183e61ddc471648 HTTP/1.1
Host: em.wdr.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-Frame-Options: DENY
X-Application-Context: emma:invoice,salesbutlers:8080
Set-Cookie: JSESSIONID=5C0A3D1DEFFC60A6C392887FE8BB734A; Path=/; HttpOnly
a0P9W000000bjdYUAQ=40285083835ffd330183e61ddc471648; Max-Age=31536000; Expires=Sat, 21-Oct-2023 23:35:43 GMT
Location: https://www.lottoland.com/lotto6aus49-12fuer1?lottolapid=email_369431_de&sid=b4c8367242b30dceeadaf8e58269f547-20221006.7314.pool
Content-Language: en-US
Content-Length: 0
Date: Fri, 21 Oct 2022 23:35:43 GMT
Connection: close
|
|
| firefox.settings.services.mozilla.com/v1/ | 143.204.55.35 | 200 OK | 939 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/ IP143.204.55.35:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hashc9df6b36bf16969ac566c1b798362e4a e56eff34815153ae019a4bf63eb9746dd9ae2e5b 33c1175144ab2be42c9de383f7893a6e60cd1f21f282eacb413d546331db3fa0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Retry-After, Alert, Content-Type, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 21 Oct 2022 22:52:32 GMT
Expires: Fri, 21 Oct 2022 22:57:34 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ZL6Tnf1YGo8apljaohsAjkMW4y3j8ymZEJP98gkztrnYhbq8TxE-VA==
Age: 2591
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashc19f4a1def760c07cbc4aec1d0d6c050 6ad911a7c02f5e5fdd82fa86cae0453528d53a6d 750bba81910a4bbd78ab484ba03781a36459a0aec147d7c47424e9a9bf152b40
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "750BBA81910A4BBD78AB484BA03781A36459A0AEC147D7C47424E9A9BF152B40"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4266
Expires: Sat, 22 Oct 2022 00:46:50 GMT
Date: Fri, 21 Oct 2022 23:35:44 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash9dc4f23f82148797f6d8041bdda3c7f7 6841ded3e2dd94fd762316d01efd43f7aafb8354 e229db1854a85b320cee574e805210f3adf5797136ea820c0a0ce9abcd63d4dd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E229DB1854A85B320CEE574E805210F3ADF5797136EA820C0A0CE9ABCD63D4DD"
Last-Modified: Thu, 20 Oct 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6267
Expires: Sat, 22 Oct 2022 01:20:11 GMT
Date: Fri, 21 Oct 2022 23:35:44 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash67d5a988edcda47bc3b3b3f65d32b4b6 d4f0e0da8b3690cc7da925026d3414b68c7d954f 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: AOIH8mhZsrHEZeZ2p84uA+ZRWyfXIVPSq1pbDwlz773QEHn2x6S3vBje62IHh9eDgQIdgqC2f68=
x-amz-request-id: JMWK02WEZJFXHJ94
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 21 Oct 2022 23:07:24 GMT
age: 1700
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp2.globalsign.com/gsalphasha2g2 | 104.18.21.226 | 200 OK | 1.4 kB |
URL HTTP/1.1ocsp2.globalsign.com/gsalphasha2g2 IP104.18.21.226:0
Hashf1354e68380c22039b0905d44bc2ca34 d9da47f199ad52431228e3fd32f4b613b6f5cfb7 a52eee150016240454cf0d0c89d8afdeada4f29b32234aee8be95a7ac8887e26
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 21 Oct 2022 23:35:44 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Tue, 25 Oct 2022 21:57:33 GMT
ETag: "d9da47f199ad52431228e3fd32f4b613b6f5cfb7"
Last-Modified: Fri, 21 Oct 2022 21:57:34 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75ddcfb50b0d0b59-OSL
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 21 Oct 2022 23:35:44 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp2.globalsign.com/gsalphasha2g2 | 104.18.21.226 | 200 OK | 1.4 kB |
URL HTTP/1.1ocsp2.globalsign.com/gsalphasha2g2 IP104.18.21.226:0
Hashf1354e68380c22039b0905d44bc2ca34 d9da47f199ad52431228e3fd32f4b613b6f5cfb7 a52eee150016240454cf0d0c89d8afdeada4f29b32234aee8be95a7ac8887e26
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 21 Oct 2022 23:35:44 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Tue, 25 Oct 2022 21:57:33 GMT
ETag: "d9da47f199ad52431228e3fd32f4b613b6f5cfb7"
Last-Modified: Fri, 21 Oct 2022 21:57:34 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 0
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75ddcfb66c200b59-OSL
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 143.204.55.35 | 200 OK | 329 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP143.204.55.35:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Fri, 21 Oct 2022 22:43:40 GMT
Cache-Control: max-age=3600
Expires: Fri, 21 Oct 2022 23:02:59 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: EkV7qwifNx3KLHtO9VQJYpi0glt7Khpyff5Mg_JvYT6rpdRrBMeICw==
Age: 3124
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash94ee541bb392e5675c1e24c94c197f8b bce18b05a24f5e2c6743cbbe849a733091586176 82f791c205847646216d72b4ce65bc3587ca69d1da17a3a2afb477640822c4dc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 23:35:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hashf47cc320695635b544a761f72f3afc6f b7cee764dcb0a625e0f8e0b4a4fce04548a1bf76 78608be3d0d6aaaf0364aed316b8676ab28d23c9b6a8ac6c147cf5d16e5cc283
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2002
Cache-Control: max-age=119065
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 23:35:44 GMT
Etag: "63525317-1d7"
Expires: Sun, 23 Oct 2022 08:40:09 GMT
Last-Modified: Fri, 21 Oct 2022 08:06:47 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
|
|
| cdn.evgnet.com/beacon/lottoland/lottoland_com/scripts/evergage.min.js | 151.101.0.114 | 200 OK | 87 kB |
URL HTTP/2cdn.evgnet.com/beacon/lottoland/lottoland_com/scripts/evergage.min.js IP151.101.0.114:0
File typeUnicode text, UTF-8 text, with very long lines (11924) Hash7d4d80a938157e448131d44b5ba96f70 eb37e2e31cb91f09a64987f72f220a126a87ef0f 92db1b0408d1a53cb2dcb8b24c842f0072eb28347696f2ba0c3cd876eae51775
GET /beacon/lottoland/lottoland_com/scripts/evergage.min.js HTTP/1.1
Host: cdn.evgnet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lottoland.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: eDXEVWsJAkQ57Ww+CZxpAUBIExCsVG5DKnccbihRZvKPnmdYmviA+3KMtQfWNMuoBuXGqhiBDoo=
x-amz-request-id: 0DFP2NA2VEBSG0X1
x-amz-replication-status: COMPLETED
last-modified: Fri, 21 Oct 2022 07:46:37 GMT
etag: "7d4d80a938157e448131d44b5ba96f70"
cache-control: max-age=120
content-encoding: gzip
x-amz-meta-evergage-beacon-ver: 14
x-amz-meta-evergage-sum: 735255171148d209d3a9230ba9c1e2e0865672e0
x-amz-version-id: sBgTImKiblri3O7akfjW6vQX8S8H.E5R
content-type: application/javascript; charset=utf-8
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 21 Oct 2022 23:35:44 GMT
age: 113
x-served-by: cache-iad-kiad7000034-IAD, cache-bma1674-BMA
x-cache: HIT, HIT
x-cache-hits: 6, 1
x-timer: S1666395345.810472,VS0,VE91
vary: Accept-Encoding
timing-allow-origin: *
content-length: 86573
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtm.js?id=GTM-N7JQ2W&l=gtmDataLayer | 142.250.74.168 | 200 OK | 62 kB |
URL HTTP/2www.googletagmanager.com/gtm.js?id=GTM-N7JQ2W&l=gtmDataLayer IP142.250.74.168:0
File typeASCII text, with very long lines (14236) Hash851a6f6082d77dbbabd7aab9a1648f39 363805e857c94167fc7a837904d0ac034383933d eefedf877182da4f2b24864a6c82c485e286b27831e02bdd2f9a08e2a702b852
GET /gtm.js?id=GTM-N7JQ2W&l=gtmDataLayer HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lottoland.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 21 Oct 2022 23:35:44 GMT
expires: Fri, 21 Oct 2022 23:35:44 GMT
cache-control: private, max-age=900
last-modified: Fri, 21 Oct 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 62524
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash94ee541bb392e5675c1e24c94c197f8b bce18b05a24f5e2c6743cbbe849a733091586176 82f791c205847646216d72b4ce65bc3587ca69d1da17a3a2afb477640822c4dc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 23:35:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hashb5478ad9a4e98dab9f3595d4de67a76d dad152f4e242193030e23e25b1d60d941f1a8db2 ea96f28983a63963c5f7744294671210d68446b029d20f4de4fb9770d505f97f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2340
Cache-Control: max-age=123344
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 23:35:45 GMT
Etag: "6352627d-117"
Expires: Sun, 23 Oct 2022 09:51:29 GMT
Last-Modified: Fri, 21 Oct 2022 09:12:29 GMT
Server: ECS (amb/6B85)
X-Cache: HIT
Content-Length: 279
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hashb5478ad9a4e98dab9f3595d4de67a76d dad152f4e242193030e23e25b1d60d941f1a8db2 ea96f28983a63963c5f7744294671210d68446b029d20f4de4fb9770d505f97f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5962
Cache-Control: max-age=126966
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 23:35:45 GMT
Etag: "6352627d-117"
Expires: Sun, 23 Oct 2022 10:51:51 GMT
Last-Modified: Fri, 21 Oct 2022 09:12:29 GMT
Server: ECS (amb/6BA1)
X-Cache: HIT
Content-Length: 279
|
|
| push.services.mozilla.com/ | 34.213.92.18 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP34.213.92.18:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: iE11rtc7QnNTp7bPl8lPGg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 5BqZmFyCH9DVL2Zuf1qgTIXLrYE=
|
|
| tr.lottoland.com/lotto-tracking/api/v1/tr | 104.18.75.2 | 200 OK | 0 B |
URL HTTP/2tr.lottoland.com/lotto-tracking/api/v1/tr IP104.18.75.2:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /lotto-tracking/api/v1/tr HTTP/1.1
Host: tr.lottoland.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.lottoland.com/
Origin: https://www.lottoland.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Fri, 21 Oct 2022 23:35:45 GMT
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://www.lottoland.com
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=Lhbf9Vp3M0Nh7hZACeuRVWHzZN4Ak_Cv0A3VK1pJKXA-1666395345-0-AUcMidVMq0eXp2996LkvjyiB3q9kBAY7cHaNPoQf/1auYQFqSZOSgKX4/710E4qj5Y/ae5E3hDItuNrOC5rHO3w=; path=/; expires=Sat, 22-Oct-22 00:05:45 GMT; domain=.lottoland.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 75ddcfbb4cb9b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hashb5478ad9a4e98dab9f3595d4de67a76d dad152f4e242193030e23e25b1d60d941f1a8db2 ea96f28983a63963c5f7744294671210d68446b029d20f4de4fb9770d505f97f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2340
Cache-Control: max-age=123344
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 23:35:45 GMT
Etag: "6352627d-117"
Expires: Sun, 23 Oct 2022 09:51:29 GMT
Last-Modified: Fri, 21 Oct 2022 09:12:29 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 279
|
|
| tr.lottoland.com/lotto-tracking/api/v1/tr | 104.18.75.2 | 200 OK | 22 B |
URL HTTP/2tr.lottoland.com/lotto-tracking/api/v1/tr IP104.18.75.2:0
File typegzip compressed data, from Unix\012- data Hash8bd3e739a9ba80a435f0214811da0c2a bfc17d1e04e56542eb8037f08ed142efd252ea82 a2dd5774b01bbfc29140279e02fea087df42a4c257dce8858226737a2e521986
POST /lotto-tracking/api/v1/tr HTTP/1.1
Host: tr.lottoland.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/json
Content-Length: 298
Origin: https://www.lottoland.com
Connection: keep-alive
Referer: https://www.lottoland.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Fri, 21 Oct 2022 23:35:45 GMT
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://www.lottoland.com
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=vP8J1y2ZawN3vcNhXXxLp12yMBdileJH7t9GnkOe_Wc-1666395345-0-AYMfrs8SzlNIBtUHEgzbVT5RmRhAW40cGq6FiYGiA7gSoxO2nMhIv7Ob3+cflYWT88mW+8WlmivYMNwOH/Np8F4=; path=/; expires=Sat, 22-Oct-22 00:05:45 GMT; domain=.lottoland.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 75ddcfbc2d37b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| pixel.mathtag.com/event/js?mt_pp=1&mt_adid=245335 | 23.38.200.207 | 200 OK | 2.5 kB |
URL HTTP/1.1pixel.mathtag.com/event/js?mt_pp=1&mt_adid=245335 IP23.38.200.207:0
Hashe10ca00ff91ce4e094ba0ff2a8e077aa f2adcd236d8b0522cd974dce81ce55f05944a1fb 0327dc18b60fe3200a466c0044e873f9e0698288c7f74de79da5f479ca1720de
GET /event/js?mt_pp=1&mt_adid=245335 HTTP/1.1
Host: pixel.mathtag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lottoland.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 2506
Access-Control-Allow-Origin: *
Server: MT3 4539 98cc2da master iad-pixel-x14 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Fri, 21 Oct 2022 23:35:44 GMT
Date: Fri, 21 Oct 2022 23:35:45 GMT
Connection: keep-alive
Set-Cookie: uuid=07f56353-2cd1-4200-aec5-160ef3bdf89c; domain=.mathtag.com; path=/; expires=Sat, 18-Nov-2023 23:35:45 GMT; SameSite=None; Secure
|
|
| ocsp.sca1b.amazontrust.com/ | 143.204.42.88 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP143.204.42.88:0
Hash69534a38b33ff9d1b53b12c25392fd75 2f69c10bdc1eba2198e1c148b4e2636ccad51890 50274dbcaeb3d4bbf6c77be32d37c6d2f616214db6b4f46beb987064bbcbd99c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=157558
Date: Fri, 21 Oct 2022 23:35:45 GMT
Etag: "6352e3ee-1d7"
Expires: Sun, 23 Oct 2022 19:21:43 GMT
Last-Modified: Fri, 21 Oct 2022 18:24:46 GMT
Server: ECS (nyb/1D1D)
X-Cache: Miss from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 63K6bg9mipUcLjeW4RlRQN7POcDTRd8eJ0WhZ6jOsMf26LrQU00Ynw==
Age: 3417
|
|
| ocsp.sca1b.amazontrust.com/ | 143.204.42.88 | 200 OK | 692 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP143.204.42.88:0
Hash7dfc4dd77ea6afbb19ea4c4660baa0c9 00bf2b64b0ac04f53b89fd174ac8c725cd1a945c ec753c50faab1328dadb58815ce2ecdf4398dbf694c9abadecad664a22a66d32
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=157775
Date: Fri, 21 Oct 2022 23:35:45 GMT
Etag: "6352e3ee-1d7"
Expires: Sun, 23 Oct 2022 19:25:20 GMT
Last-Modified: Fri, 21 Oct 2022 18:24:46 GMT
Server: ECS (nyb/1D2D)
X-Cache: Miss from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Jdm35syNhbhiEDI3cwoIm-0rgcRl4brECqmfUOstEsUPrS74UAAWfw==
Age: 3634
|
|
| ocsp.sca1b.amazontrust.com/ | 143.204.42.88 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP143.204.42.88:0
Hash69534a38b33ff9d1b53b12c25392fd75 2f69c10bdc1eba2198e1c148b4e2636ccad51890 50274dbcaeb3d4bbf6c77be32d37c6d2f616214db6b4f46beb987064bbcbd99c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=154992
Date: Fri, 21 Oct 2022 23:35:45 GMT
Etag: "6352e3ee-1d7"
Expires: Sun, 23 Oct 2022 18:38:57 GMT
Last-Modified: Fri, 21 Oct 2022 18:24:46 GMT
Server: ECS (nyb/1D07)
X-Cache: Miss from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: WTdvKK2n-2MWTgjRH-84wCXh_zDPlJtswxpjBHvLh1-I6vQBDA9ILg==
Age: 851
|
|
| ocsp.sectigo.com/ | 104.18.32.68 | 200 OK | 471 B |
IP104.18.32.68:0
Hashaed30c6ecd5af5cabeee67a392c66b42 0157e24f14b7745abdfbfe353f83c3d6c64430cd 1ef792f556dd8c37e08959df8706979ce45b913867a9554e7017d656161282c4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 21 Oct 2022 23:35:45 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 20 Oct 2022 05:50:35 GMT
Expires: Thu, 27 Oct 2022 05:50:34 GMT
Etag: "0157e24f14b7745abdfbfe353f83c3d6c64430cd"
Cache-Control: max-age=453888,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75ddcfbdedafb518-OSL
|
|
| ocsp.sectigo.com/ | 104.18.32.68 | 200 OK | 471 B |
IP104.18.32.68:0
Hashaed30c6ecd5af5cabeee67a392c66b42 0157e24f14b7745abdfbfe353f83c3d6c64430cd 1ef792f556dd8c37e08959df8706979ce45b913867a9554e7017d656161282c4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 21 Oct 2022 23:35:45 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 20 Oct 2022 05:50:35 GMT
Expires: Thu, 27 Oct 2022 05:50:34 GMT
Etag: "0157e24f14b7745abdfbfe353f83c3d6c64430cd"
Cache-Control: max-age=453888,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75ddcfbddeb3b523-OSL
|
|
| www.rvty.net/goto/px/key/5d9f40412398a?gtmcb=2048967785 | 89.163.211.242 | 302 Found | 0 B |
URL HTTP/1.1www.rvty.net/goto/px/key/5d9f40412398a?gtmcb=2048967785 IP89.163.211.242:0 ASN#24961 myLoc managed IT AG
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /goto/px/key/5d9f40412398a?gtmcb=2048967785 HTTP/1.1
Host: www.rvty.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lottoland.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.13.4
Date: Fri, 21 Oct 2022 23:35:45 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: PHPSESSID=g9hutnu986p6am6mmukqckn9ii; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
P3P: policyref="http://www.rvty.net/w3c/p3p.xml", CP="CURa ADMa DEVa CONo HISa OUR IND DSP ALL COR"
Location: https://brain.rvty.net/RTB/Track?k=5d9f40412398a&s=&hosted_table=&amount=
Access-Control-Allow-Origin: *, *
|
|
| www.rvty.net/goto/px/key/5d9f402ecb990?gtmcb=2063185855 | 89.163.211.242 | 302 Found | 0 B |
URL HTTP/1.1www.rvty.net/goto/px/key/5d9f402ecb990?gtmcb=2063185855 IP89.163.211.242:0 ASN#24961 myLoc managed IT AG
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /goto/px/key/5d9f402ecb990?gtmcb=2063185855 HTTP/1.1
Host: www.rvty.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lottoland.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.13.4
Date: Fri, 21 Oct 2022 23:35:45 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: PHPSESSID=b2kur4rc9aqmhj7ptclgahq3v7; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
P3P: policyref="http://www.rvty.net/w3c/p3p.xml", CP="CURa ADMa DEVa CONo HISa OUR IND DSP ALL COR"
Location: https://brain.rvty.net/RTB/Track?k=5d9f402ecb990&s=&hosted_table=&amount=
Access-Control-Allow-Origin: *, *
|
|
| www.sc.pages01.net/lp/static/js/iMAWebCookie.js?1b1965b5-13dfe1902f8-c2a8af96738cc20073a7254c07aedd78&h=www.pages01.net | 54.230.111.97 | 200 OK | 5.1 kB |
URL HTTP/2www.sc.pages01.net/lp/static/js/iMAWebCookie.js?1b1965b5-13dfe1902f8-c2a8af96738cc20073a7254c07aedd78&h=www.pages01.net IP54.230.111.97:0
File typeASCII text, with very long lines (533) Hashd67c446c2cab982c70305d63c3ff9015 08741352ebaae78ddabfbac3ba30888b13ea14ff b4842a6a73b1be94b6a5205776640c7af585e90daffa09db234c3bf553fa5e7d
GET /lp/static/js/iMAWebCookie.js?1b1965b5-13dfe1902f8-c2a8af96738cc20073a7254c07aedd78&h=www.pages01.net HTTP/1.1
Host: www.sc.pages01.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lottoland.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 5138
date: Fri, 21 Oct 2022 23:35:45 GMT
server: Apache
last-modified: Wed, 12 Oct 2022 02:31:59 GMT
etag: "3772-5eacd327de113-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
set-cookie: Silverpop_cookie=1955586058.17439.0000; path=/; Httponly; Secure;SameSite=None
strict-transport-security: max-age=16070400; includeSubDomains; preload
x-cache: Miss from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _okEMYf07199nDiVk5grZ216Pen1j7LCf2ArNj3Acz9l6w8N3Y-Yzw==
X-Firefox-Spdy: h2
|
|
| brain.rvty.net/RTB/Track?k=5d9f40412398a&s=&hosted_table=&amount= | 89.163.211.233 | 200 | 43 B |
URL HTTP/1.1brain.rvty.net/RTB/Track?k=5d9f40412398a&s=&hosted_table=&amount= IP89.163.211.233:0 ASN#24961 myLoc managed IT AG
File typeGIF image data, version 89a, 1 x 1\012- data Hash07fff40b5dd495aca2ac4e1c3fbc60aa e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4 a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /RTB/Track?k=5d9f40412398a&s=&hosted_table=&amount= HTTP/1.1
Host: brain.rvty.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.lottoland.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: nginx/1.13.4
Date: Fri, 21 Oct 2022 23:35:45 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Set-Cookie: RTBUserId=cd9944f2-29fa-4143-9a89-e9ee9a90313c; domain=.rvty.net; path=/; SameSite=None; secure; Expires=Sat, 21 Oct 2023 23:35:45 GMT
RTBUserId-Old=cd9944f2-29fa-4143-9a89-e9ee9a90313c; domain=.rvty.net; path=/; secure; Expires=Sat, 21 Oct 2023 23:35:45 GMT
RTBUserId-Plain=cd9944f2-29fa-4143-9a89-e9ee9a90313c; domain=.rvty.net; path=/; Expires=Sat, 21 Oct 2023 23:35:45 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
|
|
| brain.rvty.net/RTB/Track?k=5d9f402ecb990&s=&hosted_table=&amount= | 89.163.211.233 | 200 | 43 B |
URL HTTP/1.1brain.rvty.net/RTB/Track?k=5d9f402ecb990&s=&hosted_table=&amount= IP89.163.211.233:0 ASN#24961 myLoc managed IT AG
File typeGIF image data, version 89a, 1 x 1\012- data Hash07fff40b5dd495aca2ac4e1c3fbc60aa e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4 a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /RTB/Track?k=5d9f402ecb990&s=&hosted_table=&amount= HTTP/1.1
Host: brain.rvty.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.lottoland.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: nginx/1.13.4
Date: Fri, 21 Oct 2022 23:35:45 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Set-Cookie: RTBUserId=ba665426-f95a-4452-aeaf-168f8a117137; domain=.rvty.net; path=/; SameSite=None; secure; Expires=Sat, 21 Oct 2023 23:35:45 GMT
RTBUserId-Old=ba665426-f95a-4452-aeaf-168f8a117137; domain=.rvty.net; path=/; secure; Expires=Sat, 21 Oct 2023 23:35:45 GMT
RTBUserId-Plain=ba665426-f95a-4452-aeaf-168f8a117137; domain=.rvty.net; path=/; Expires=Sat, 21 Oct 2023 23:35:45 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
|
|
| lottoland.evergage.com/msreceiver?_r=441722&_ak=lottoland&_ds=lottoland_com&.anonId=7eefa26d9f306276&_anon=true&.cStat=%5B%5B%7B%22type%22%3A%22e%22%2C%22id%22%3A%22F6PiH%22%2C%22stat%22%3A%22i%22%7D%5D%5D&.bv=14&.scv=208 | 3.226.206.162 | 204 No Content | 0 B |
URL HTTP/2lottoland.evergage.com/msreceiver?_r=441722&_ak=lottoland&_ds=lottoland_com&.anonId=7eefa26d9f306276&_anon=true&.cStat=%5B%5B%7B%22type%22%3A%22e%22%2C%22id%22%3A%22F6PiH%22%2C%22stat%22%3A%22i%22%7D%5D%5D&.bv=14&.scv=208 IP3.226.206.162:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /msreceiver?_r=441722&_ak=lottoland&_ds=lottoland_com&.anonId=7eefa26d9f306276&_anon=true&.cStat=%5B%5B%7B%22type%22%3A%22e%22%2C%22id%22%3A%22F6PiH%22%2C%22stat%22%3A%22i%22%7D%5D%5D&.bv=14&.scv=208 HTTP/1.1
Host: lottoland.evergage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.lottoland.com
Connection: keep-alive
Referer: https://www.lottoland.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Fri, 21 Oct 2022 23:35:46 GMT
set-cookie: AWSALB=hnH5Z2p0i5H5UmwIasVkRCsLPEgoDX3oOVmcP5ducJa6gCKp0iD3/gBwLbzkn8haumuZbmLmlXnmJb8P5aDhmB9hNYkxgp6tguGmdJqCmG9Iw4cm8grQtjQ9pdln; Expires=Fri, 28 Oct 2022 23:35:46 GMT; Path=/
AWSALBCORS=hnH5Z2p0i5H5UmwIasVkRCsLPEgoDX3oOVmcP5ducJa6gCKp0iD3/gBwLbzkn8haumuZbmLmlXnmJb8P5aDhmB9hNYkxgp6tguGmdJqCmG9Iw4cm8grQtjQ9pdln; Expires=Fri, 28 Oct 2022 23:35:46 GMT; Path=/; SameSite=None; Secure
access-control-allow-origin: https://www.lottoland.com
timing-allow-origin: *
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash888a97463428b5825095b3a3fa153472 ae0897059e090610c72409462b8e6e6153a78da1 fe07a2acc1960d359b5f78a913585aab158fe902cf0798ba823eb192117e4ec4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FE07A2ACC1960D359B5F78A913585AAB158FE902CF0798BA823EB192117E4EC4"
Last-Modified: Wed, 19 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5412
Expires: Sat, 22 Oct 2022 01:05:58 GMT
Date: Fri, 21 Oct 2022 23:35:46 GMT
Connection: keep-alive
|
|
| evergage.lottobirock.com/evergageListener?r=402137 | 52.211.32.132 | 200 OK | 2 B |
URL HTTP/1.1evergage.lottobirock.com/evergageListener?r=402137 IP52.211.32.132:0
File typeASCII text, with no line terminators Hashe0aa021e21dddbd6d8cecec71e9cf564 9ce3bd4224c8c1780db56b4125ecf3f24bf748b7 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
POST /evergageListener?r=402137 HTTP/1.1
Host: evergage.lottobirock.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 204
Origin: https://www.lottoland.com
Connection: keep-alive
Referer: https://www.lottoland.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Fri, 21 Oct 2022 23:35:46 GMT
Content-Type: text/plain; charset=UTF-8
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type, X-Requested-With, Authorization, Token
Strict-Transport-Security: max-age=31536000
|
|
| region1.google-analytics.com/g/collect?v=2&tid=G-QR4532DN83>m=2oeaj0&_p=1515369679&cid=932789792.1666395359&ul=en-us&sr=1280x1024&_s=1&sid=1666395358&sct=1&seg=0&dl=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&dt=LOTTO%206aus49%2012%20TIPPFELDER%20F%C3%9CR%20NUR%201%E2%82%AC&en=page_view&_fv=1&_nsi=1&_ss=1 | 216.239.32.36 | 204 No Content | 0 B |
URL HTTP/2region1.google-analytics.com/g/collect?v=2&tid=G-QR4532DN83>m=2oeaj0&_p=1515369679&cid=932789792.1666395359&ul=en-us&sr=1280x1024&_s=1&sid=1666395358&sct=1&seg=0&dl=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&dt=LOTTO%206aus49%2012%20TIPPFELDER%20F%C3%9CR%20NUR%201%E2%82%AC&en=page_view&_fv=1&_nsi=1&_ss=1 IP216.239.32.36:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-QR4532DN83>m=2oeaj0&_p=1515369679&cid=932789792.1666395359&ul=en-us&sr=1280x1024&_s=1&sid=1666395358&sct=1&seg=0&dl=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&dt=LOTTO%206aus49%2012%20TIPPFELDER%20F%C3%9CR%20NUR%201%E2%82%AC&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.lottoland.com
Connection: keep-alive
Referer: https://www.lottoland.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.lottoland.com
date: Fri, 21 Oct 2022 23:35:46 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash56aa4d33e288d7ec3acf3ac1a61ef7f9 ac2e2f3609cc604dde554e37471567c042bf8191 544823f794ac3e837c81449d896a9dcbe94f4d59a13e293d84b5af44531141d0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "544823F794AC3E837C81449D896A9DCBE94F4D59A13E293D84B5AF44531141D0"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17910
Expires: Sat, 22 Oct 2022 04:34:16 GMT
Date: Fri, 21 Oct 2022 23:35:46 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash56aa4d33e288d7ec3acf3ac1a61ef7f9 ac2e2f3609cc604dde554e37471567c042bf8191 544823f794ac3e837c81449d896a9dcbe94f4d59a13e293d84b5af44531141d0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "544823F794AC3E837C81449D896A9DCBE94F4D59A13E293D84B5AF44531141D0"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17910
Expires: Sat, 22 Oct 2022 04:34:16 GMT
Date: Fri, 21 Oct 2022 23:35:46 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 722 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash35d422e8283e59f07d0bca478310c1b7 76e0992ac6e4945d031c8db7515a0bbad9d55d88 3979ef47114c3d02a79bae82fbcdd46d9431104b28f572419f072ddb049e799b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "544823F794AC3E837C81449D896A9DCBE94F4D59A13E293D84B5AF44531141D0"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17910
Expires: Sat, 22 Oct 2022 04:34:16 GMT
Date: Fri, 21 Oct 2022 23:35:46 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash56aa4d33e288d7ec3acf3ac1a61ef7f9 ac2e2f3609cc604dde554e37471567c042bf8191 544823f794ac3e837c81449d896a9dcbe94f4d59a13e293d84b5af44531141d0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "544823F794AC3E837C81449D896A9DCBE94F4D59A13E293D84B5AF44531141D0"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17910
Expires: Sat, 22 Oct 2022 04:34:16 GMT
Date: Fri, 21 Oct 2022 23:35:46 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5f34cfb-1029-497a-8d09-65db888e6f11.jpeg | 34.120.237.76 | 200 OK | 7.8 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5f34cfb-1029-497a-8d09-65db888e6f11.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashf4fb0f4c9ac5a88678baf456107f5341 f6c54dbdfad7e243fe38c03f004c4c79f96b2892 b2fc6c453d7ed610521fcf34d7736a20191d86b485fd57236d2d2c4849cbb8d9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5f34cfb-1029-497a-8d09-65db888e6f11.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7821
x-amzn-requestid: b3b72561-80fd-4b73-862c-ad070f135634
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-LzEkrIAMFmrQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635310b1-73f427947c17f35667c0b443;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:35:45 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Mq7h4TJkHKd-I9c01ao1yJ3izpJLRiMG_Sk3_e2pQDGCyunY2RlI3Q==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:02:32 GMT
age: 5594
etag: "f6c54dbdfad7e243fe38c03f004c4c79f96b2892"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| www.pages01.net/WTS/event.jpeg?accesskey=1b1965b5-13dfe1902f8-c2a8af96738cc20073a7254c07aedd78&v=1.31&isNewSession=1&type=pageview&isNewVisitor=1&sessionGUID=b9b2c8e6-c51d-b9a6-3714-c83dd76434bb&webSyncID=911b08d9-78ad-aae6-3b97-9a22d82ab855&url=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&newSiteVisit=1&hostname=www.lottoland.com&pathname=%2Flotto6aus49-12fuer1&newPageVisit=1&eventKey=89640cd9-95a5-0a51-98d1-dbae5b16dd2b | 35.169.63.124 | 200 OK | 0 B |
URL HTTP/1.1www.pages01.net/WTS/event.jpeg?accesskey=1b1965b5-13dfe1902f8-c2a8af96738cc20073a7254c07aedd78&v=1.31&isNewSession=1&type=pageview&isNewVisitor=1&sessionGUID=b9b2c8e6-c51d-b9a6-3714-c83dd76434bb&webSyncID=911b08d9-78ad-aae6-3b97-9a22d82ab855&url=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&newSiteVisit=1&hostname=www.lottoland.com&pathname=%2Flotto6aus49-12fuer1&newPageVisit=1&eventKey=89640cd9-95a5-0a51-98d1-dbae5b16dd2b IP35.169.63.124:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WTS/event.jpeg?accesskey=1b1965b5-13dfe1902f8-c2a8af96738cc20073a7254c07aedd78&v=1.31&isNewSession=1&type=pageview&isNewVisitor=1&sessionGUID=b9b2c8e6-c51d-b9a6-3714-c83dd76434bb&webSyncID=911b08d9-78ad-aae6-3b97-9a22d82ab855&url=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&newSiteVisit=1&hostname=www.lottoland.com&pathname=%2Flotto6aus49-12fuer1&newPageVisit=1&eventKey=89640cd9-95a5-0a51-98d1-dbae5b16dd2b HTTP/1.1
Host: www.pages01.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lottoland.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 21 Oct 2022 23:35:46 GMT
Server: Apache
p3p: CP="CAO PSA OUR"
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 0
Connection: close
Content-Type: image/jpeg
Set-Cookie: Silverpop_cookie=1955586058.4525.0000; path=/; Httponly; Secure;SameSite=None
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63520430-d90d-4f99-ad29-214d03cc1525.jpeg | 34.120.237.76 | 200 OK | 6.8 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63520430-d90d-4f99-ad29-214d03cc1525.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashcd562cc3980d93423b625d59deea0f95 5c8646f62e19f78579fca8473edcc4e5de0e161f b77d018b77f627e99ae6d6d2eac6c56d92499779abdbb85da3045ccb8df5211e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63520430-d90d-4f99-ad29-214d03cc1525.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6801
x-amzn-requestid: 668e33b2-d3e8-46c6-acae-b99777f605d7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-M6HOBIAMFyNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635310b8-2b4e95e24c0dd2f33f8a2dc7;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:35:52 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: DrXs0i2RMDtmHX8N4BN6LtiogZr56Da3yPFpye5siVtx0dZfLEXk7g==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:02:19 GMT
age: 5607
etag: "5c8646f62e19f78579fca8473edcc4e5de0e161f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| www.dwin1.com/18852.js | 143.204.55.42 | 200 OK | 16 kB |
IP143.204.55.42:0
Hashd3ca349bf8103debfdc0c61ec8cdf981 b0eff3487a868e609fcec8b883b9c1b63cef56e5 bd4e3d462651571960159a1fccc41fda29f5ae143af2c585a2fd74c86db1096c
GET /18852.js HTTP/1.1
Host: www.dwin1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lottoland.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
x-amz-replication-status: COMPLETED
last-modified: Wed, 19 Oct 2022 10:18:03 GMT
x-amz-version-id: K2MH3bxIwSBrWrSTMGMSsJYWVUMsKxHn
server: AmazonS3
content-encoding: gzip
date: Fri, 21 Oct 2022 23:29:42 GMT
cache-control: max-age=600, s-maxage=600
etag: W/"9803e8af04c1171ff4d7626890faf2f7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: jAd5ZOZf0MmjO0CmELu5jplEuqojNX2AiVk1BQJTEJOPi3KK_JbtzQ==
age: 364
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63f136cc-8688-48a8-a173-5f57e08e25bb.png | 34.120.237.76 | 200 OK | 11 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63f136cc-8688-48a8-a173-5f57e08e25bb.png IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash5ef386b42bd6b9efb747cfeb3d64fb7a db63f62383d513348c1ef231ea4fb58d7e1e044e 988cb73f0fef893d2d65a66fad0b171350102f4496fa5ba22e415d5929373d0f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63f136cc-8688-48a8-a173-5f57e08e25bb.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10684
x-amzn-requestid: 643c8e7b-15e9-4241-8ba1-e3f4a4592373
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-okE7AoAMFjDQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63531169-705159c619bc23880acd4d42;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:38:49 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: CWLtJnrAc5b0j1aPGbuOaGuPRYzwNM0xGGP1muEwkPsih8c0iryoGw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:05:57 GMT
age: 5389
etag: "db63f62383d513348c1ef231ea4fb58d7e1e044e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| lottoland.evergage.com/twreceiver?_r=243772&_ak=lottoland&_ds=lottoland_com&.anonId=7eefa26d9f306276&_anon=true&url=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&title=LOTTO%206aus49%2012%20TIPPFELDER%20F%C3%9CR%20NUR%201%E2%82%AC&.dt=1420&.pt=13&.bt=250&.btdns=3&.pv=&.ple=3&.bv=14&.scv=208 | 3.226.206.162 | 200 OK | 9.6 kB |
URL HTTP/2lottoland.evergage.com/twreceiver?_r=243772&_ak=lottoland&_ds=lottoland_com&.anonId=7eefa26d9f306276&_anon=true&url=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&title=LOTTO%206aus49%2012%20TIPPFELDER%20F%C3%9CR%20NUR%201%E2%82%AC&.dt=1420&.pt=13&.bt=250&.btdns=3&.pv=&.ple=3&.bv=14&.scv=208 IP3.226.206.162:0
Hashaba5d9387af8a758037b5bca42376848 211f9d623c126139e48434cdc54148de21c8ea2d c0325ad98e7d37adeed8882064a8f8b143710eb2e0c53d427ac3bc32d5f60171
GET /twreceiver?_r=243772&_ak=lottoland&_ds=lottoland_com&.anonId=7eefa26d9f306276&_anon=true&url=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&title=LOTTO%206aus49%2012%20TIPPFELDER%20F%C3%9CR%20NUR%201%E2%82%AC&.dt=1420&.pt=13&.bt=250&.btdns=3&.pv=&.ple=3&.bv=14&.scv=208 HTTP/1.1
Host: lottoland.evergage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.lottoland.com
Connection: keep-alive
Referer: https://www.lottoland.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 21 Oct 2022 23:35:45 GMT
content-type: application/json;charset=UTF-8
set-cookie: AWSALB=mknm08MEAlmW5MQdww/WoqX16asRqWZUPVq1fG4Gr8NWyWCY48rF0fN8pJvoMYyAxrrAaWERAO1wAfocBSdIEp7zr9LJj6GPVOAV5h7pVZiiXVJRVjfQ5F+bb+QD; Expires=Fri, 28 Oct 2022 23:35:45 GMT; Path=/
AWSALBCORS=mknm08MEAlmW5MQdww/WoqX16asRqWZUPVq1fG4Gr8NWyWCY48rF0fN8pJvoMYyAxrrAaWERAO1wAfocBSdIEp7zr9LJj6GPVOAV5h7pVZiiXVJRVjfQ5F+bb+QD; Expires=Fri, 28 Oct 2022 23:35:45 GMT; Path=/; SameSite=None; Secure
access-control-allow-origin: https://www.lottoland.com
timing-allow-origin: *
x-content-type-options: nosniff
vary: accept-encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1161ffd-d618-4da5-b16d-40f9f2fda316.jpeg | 34.120.237.76 | 200 OK | 8.1 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1161ffd-d618-4da5-b16d-40f9f2fda316.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash139dcd1a5232524efac37c0f9e482cae 7b28ad06ff24b0ff8fc29bd00e1736bad8a77c03 0d1d8e62b00d9f03f45cb1c59dcfd269b22ff4b54ea0bacdb88449ac2d4443dd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1161ffd-d618-4da5-b16d-40f9f2fda316.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8133
x-amzn-requestid: 39a5952e-d747-4cfd-99cf-316e92a82835
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-kPGFooAMFV_A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6353114e-167f08dd48e9934c48c196ff;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:38:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8VL0kOr2ur7BbAOZjmnWcLhv-uaDWMh5eh1bkoc1Dq8U8DiM1Hz8Tw==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:00:10 GMT
age: 5736
etag: "7b28ad06ff24b0ff8fc29bd00e1736bad8a77c03"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| www.pages01.net/WTS/event.jpeg?accesskey=1b1965b5-13dfe1902f8-c2a8af96738cc20073a7254c07aedd78&v=1.31&isNewSession=0&type=pageview&isNewVisitor=1&sessionGUID=b9b2c8e6-c51d-b9a6-3714-c83dd76434bb&webSyncID=911b08d9-78ad-aae6-3b97-9a22d82ab855&url=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&newSiteVisit=0&hostname=www.lottoland.com&pathname=%2Flotto6aus49-12fuer1&newPageVisit=0&eventKey=cea925bc-c817-160e-4cbd-2305c749dae4 | 35.169.63.124 | 200 OK | 0 B |
URL HTTP/1.1www.pages01.net/WTS/event.jpeg?accesskey=1b1965b5-13dfe1902f8-c2a8af96738cc20073a7254c07aedd78&v=1.31&isNewSession=0&type=pageview&isNewVisitor=1&sessionGUID=b9b2c8e6-c51d-b9a6-3714-c83dd76434bb&webSyncID=911b08d9-78ad-aae6-3b97-9a22d82ab855&url=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&newSiteVisit=0&hostname=www.lottoland.com&pathname=%2Flotto6aus49-12fuer1&newPageVisit=0&eventKey=cea925bc-c817-160e-4cbd-2305c749dae4 IP35.169.63.124:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WTS/event.jpeg?accesskey=1b1965b5-13dfe1902f8-c2a8af96738cc20073a7254c07aedd78&v=1.31&isNewSession=0&type=pageview&isNewVisitor=1&sessionGUID=b9b2c8e6-c51d-b9a6-3714-c83dd76434bb&webSyncID=911b08d9-78ad-aae6-3b97-9a22d82ab855&url=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&newSiteVisit=0&hostname=www.lottoland.com&pathname=%2Flotto6aus49-12fuer1&newPageVisit=0&eventKey=cea925bc-c817-160e-4cbd-2305c749dae4 HTTP/1.1
Host: www.pages01.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lottoland.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 21 Oct 2022 23:35:46 GMT
Server: Apache
p3p: CP="CAO PSA OUR"
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 0
Connection: close
Content-Type: image/jpeg
Set-Cookie: Silverpop_cookie=1653596170.4525.0000; path=/; Httponly; Secure;SameSite=None
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash2eaba36da86177a324dc3f59051e88f8 8248e37c850c10c13b3b55e85e81869984ff98ea c62416a009668f178cc78773d72276b0d2999cad0ec94cf8ccbfe1090c3bd844
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2599
Cache-Control: max-age=140541
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 23:35:46 GMT
Etag: "6352a4a8-1d7"
Expires: Sun, 23 Oct 2022 14:38:07 GMT
Last-Modified: Fri, 21 Oct 2022 13:54:48 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
|
|
| www.google-analytics.com/analytics.js | 142.250.74.174 | 200 OK | 20 kB |
URL HTTP/2www.google-analytics.com/analytics.js IP142.250.74.174:0
File typeASCII text, with very long lines (1325) Hash47e6f374ca946fddd5b59871b325736c baa9282efc8785e84d247c3bff518eaa45f101c4 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lottoland.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 21 Oct 2022 22:41:09 GMT
expires: Sat, 22 Oct 2022 00:41:09 GMT
cache-control: public, max-age=7200
age: 3277
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash560156f6d5190899cb52b7d5b589b9de 0561a7d673fe87bf4cb19a0c103ae8a4bca7499a f6797c46b407b9c884c5fcd1449d25db4203dfc946ff60ac8a1043ee3fa92d41
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5250
Cache-Control: max-age=160812
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 23:35:46 GMT
Etag: "6352e97c-1d7"
Expires: Sun, 23 Oct 2022 20:15:58 GMT
Last-Modified: Fri, 21 Oct 2022 18:48:28 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash06210a4a9db522652fd6aabfa05b2653 630b4ef71ec82a3970927a328d279035eaaa1267 5100e1703020fdef7d473c91e1c88dfb734083057f431feeefaaa24838990a21
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 23:35:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| connect.facebook.net/en_US/fbevents.js | 31.13.72.12 | 200 OK | 27 kB |
URL HTTP/2connect.facebook.net/en_US/fbevents.js IP31.13.72.12:0
File typeASCII text, with very long lines (64348) Hash71875f848896ee82a106224e048bd060 277a624e507dff2cd9cff104aa0c5618ca76e105 a22635e404a419027fc88eee705d254910d05d481953733d5e1fda4bc6ab3c5b
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lottoland.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: IBQztwU06pJw3+qJbUEiw1F0gGkmWh+vXOlc5/pZXN00AgfR7uzwh8vwdRABe+R6jdIpAusS6aQ4W1TqKVyAcA==
content-length: 27027
x-fb-trip-id: 1904183273
date: Fri, 21 Oct 2022 23:35:46 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| pubads.g.doubleclick.net/activity;dc_iu=/8804/DFPAudiencePixel;ord=6121924253188.938;dc_seg=6657370401? | 216.58.211.2 | 200 OK | 42 B |
URL HTTP/2pubads.g.doubleclick.net/activity;dc_iu=/8804/DFPAudiencePixel;ord=6121924253188.938;dc_seg=6657370401? IP216.58.211.2:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashd89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /activity;dc_iu=/8804/DFPAudiencePixel;ord=6121924253188.938;dc_seg=6657370401? HTTP/1.1
Host: pubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lottoland.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 21 Oct 2022 23:35:46 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 21-Oct-2022 23:50:46 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 16 kB |
IP93.184.220.29:0
File typegzip compressed data, max speed\012- data Hashac772f43e52d064b6716385f4124850f c90fb082184599d2e06a69b8989259817251bece 28f63c291e7d69845b4f05a3f67be659ffbe3a46c1b1df2de8a7d445cf0f5586
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2599
Cache-Control: max-age=140541
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 23:35:46 GMT
Etag: "6352a4a8-1d7"
Expires: Sun, 23 Oct 2022 14:38:07 GMT
Last-Modified: Fri, 21 Oct 2022 13:54:48 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
|
|
| www.google-analytics.com/j/collect?v=1&_v=j98&a=1515369679&t=pageview&_s=1&dl=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&ul=en-us&de=UTF-8&dt=LOTTO%206aus49%2012%20TIPPFELDER%20F%C3%9CR%20NUR%201%E2%82%AC&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IAhAAEABAAAAACAAM~&jid=1463448555&gjid=1374850584&cid=932789792.1666395359&tid=UA-28776713-12&_gid=652002902.1666395360&_r=1&_slc=1&z=434373425 | 142.250.74.174 | 200 OK | 4 B |
URL HTTP/2www.google-analytics.com/j/collect?v=1&_v=j98&a=1515369679&t=pageview&_s=1&dl=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&ul=en-us&de=UTF-8&dt=LOTTO%206aus49%2012%20TIPPFELDER%20F%C3%9CR%20NUR%201%E2%82%AC&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IAhAAEABAAAAACAAM~&jid=1463448555&gjid=1374850584&cid=932789792.1666395359&tid=UA-28776713-12&_gid=652002902.1666395360&_r=1&_slc=1&z=434373425 IP142.250.74.174:0
File typeASCII text, with no line terminators Hash9e92e190700c1af4539b40c2171320a9 209bcdb79e6067b51091ce8586d4b977f25b67d8 aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
POST /j/collect?v=1&_v=j98&a=1515369679&t=pageview&_s=1&dl=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&ul=en-us&de=UTF-8&dt=LOTTO%206aus49%2012%20TIPPFELDER%20F%C3%9CR%20NUR%201%E2%82%AC&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IAhAAEABAAAAACAAM~&jid=1463448555&gjid=1374850584&cid=932789792.1666395359&tid=UA-28776713-12&_gid=652002902.1666395360&_r=1&_slc=1&z=434373425 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.lottoland.com
Connection: keep-alive
Referer: https://www.lottoland.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.lottoland.com
date: Fri, 21 Oct 2022 23:35:46 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| pixel.mathtag.com/event/js?mt_pp=2&version=1.1&delimiter=%5BINSERT%20DELIMITER%5D&mt_exem=%5BINSERT%20SHA-256%20HASHED%20EMAIL%5D&industry=Gambling&mt_adid=245335&event_type=catchall&mt_id=1541395¤cy=%5BINSERT%20MACRO%5D&duration_days=%5BINSERT%20MACRO%5D&order_id=%5BINSERT%20MACRO%5D&product_category=%5BINSERT%20MACRO%5D&product_id=%5BINSERT%20MACRO%5D&product_price=%5BINSERT%20MACRO%5D&product_quantity=%5BINSERT%20MACRO%5D&promotion_id_1=%5BINSERT%20MACRO%5D&revenue=%5BINSERT%20MACRO%5D&v3=%5BINSERT%20MACRO%5D&language=en-US%2Cen%3Bq%3D0.5&mt_lim=20&document_title=LOTTO%206aus49%2012%20TIPPFELDER%20F%C3%9CR%20NUR%201%E2%82%AC&location=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&document_path=%2Flotto6aus49-12fuer1&v1=%5BINSERT%20MACRO%5D&v2=%5BINSERT%20MACRO%5D&mt_cb=1666395358984 | 23.38.200.207 | 200 OK | 1.5 kB |
URL HTTP/1.1pixel.mathtag.com/event/js?mt_pp=2&version=1.1&delimiter=%5BINSERT%20DELIMITER%5D&mt_exem=%5BINSERT%20SHA-256%20HASHED%20EMAIL%5D&industry=Gambling&mt_adid=245335&event_type=catchall&mt_id=1541395¤cy=%5BINSERT%20MACRO%5D&duration_days=%5BINSERT%20MACRO%5D&order_id=%5BINSERT%20MACRO%5D&product_category=%5BINSERT%20MACRO%5D&product_id=%5BINSERT%20MACRO%5D&product_price=%5BINSERT%20MACRO%5D&product_quantity=%5BINSERT%20MACRO%5D&promotion_id_1=%5BINSERT%20MACRO%5D&revenue=%5BINSERT%20MACRO%5D&v3=%5BINSERT%20MACRO%5D&language=en-US%2Cen%3Bq%3D0.5&mt_lim=20&document_title=LOTTO%206aus49%2012%20TIPPFELDER%20F%C3%9CR%20NUR%201%E2%82%AC&location=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&document_path=%2Flotto6aus49-12fuer1&v1=%5BINSERT%20MACRO%5D&v2=%5BINSERT%20MACRO%5D&mt_cb=1666395358984 IP23.38.200.207:0
Hash03a940aa94d60489983b68291ff13d93 50edbcdb69c1c42db15ac67ff6354c63d0b46955 60fd3a42a1af41e100327224b372ea7af6e9f7c3e67bfed4e610d7917a629055
GET /event/js?mt_pp=2&version=1.1&delimiter=%5BINSERT%20DELIMITER%5D&mt_exem=%5BINSERT%20SHA-256%20HASHED%20EMAIL%5D&industry=Gambling&mt_adid=245335&event_type=catchall&mt_id=1541395¤cy=%5BINSERT%20MACRO%5D&duration_days=%5BINSERT%20MACRO%5D&order_id=%5BINSERT%20MACRO%5D&product_category=%5BINSERT%20MACRO%5D&product_id=%5BINSERT%20MACRO%5D&product_price=%5BINSERT%20MACRO%5D&product_quantity=%5BINSERT%20MACRO%5D&promotion_id_1=%5BINSERT%20MACRO%5D&revenue=%5BINSERT%20MACRO%5D&v3=%5BINSERT%20MACRO%5D&language=en-US%2Cen%3Bq%3D0.5&mt_lim=20&document_title=LOTTO%206aus49%2012%20TIPPFELDER%20F%C3%9CR%20NUR%201%E2%82%AC&location=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&document_path=%2Flotto6aus49-12fuer1&v1=%5BINSERT%20MACRO%5D&v2=%5BINSERT%20MACRO%5D&mt_cb=1666395358984 HTTP/1.1
Host: pixel.mathtag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lottoland.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 1503
Access-Control-Allow-Origin: *
Server: MT3 4539 98cc2da master iad-pixel-x19 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Fri, 21 Oct 2022 23:35:45 GMT
Date: Fri, 21 Oct 2022 23:35:46 GMT
Connection: keep-alive
Set-Cookie: uuid=6b976353-2cd2-4b00-9142-47941e6c61e3; domain=.mathtag.com; path=/; expires=Sat, 18-Nov-2023 23:35:46 GMT; SameSite=None; Secure
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash06210a4a9db522652fd6aabfa05b2653 630b4ef71ec82a3970927a328d279035eaaa1267 5100e1703020fdef7d473c91e1c88dfb734083057f431feeefaaa24838990a21
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 23:35:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| pixel.mathtag.com/sync/iframe?mt_uuid=6b976353-2cd2-4b00-9142-47941e6c61e3&no_iframe=1&mt_adid=245335&mt_lim=20&source=mathtag | 23.38.200.207 | 200 OK | 713 B |
URL HTTP/1.1pixel.mathtag.com/sync/iframe?mt_uuid=6b976353-2cd2-4b00-9142-47941e6c61e3&no_iframe=1&mt_adid=245335&mt_lim=20&source=mathtag IP23.38.200.207:0
File typeHTML document text\012- HTML document, ASCII text Hashf853f2ecf3f2d763c4057f4ff5c3e4e8 0f9ca6de16aa4261f1202443311462a81717dd85 8040be8c28a19b0f78481f2da17e7220e75adde27eb9713ff626652a066f92da
GET /sync/iframe?mt_uuid=6b976353-2cd2-4b00-9142-47941e6c61e3&no_iframe=1&mt_adid=245335&mt_lim=20&source=mathtag HTTP/1.1
Host: pixel.mathtag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lottoland.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 713
Access-Control-Allow-Origin: *
Server: MT3 4539 98cc2da master iad-pixel-x31 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Fri, 21 Oct 2022 23:35:45 GMT
Date: Fri, 21 Oct 2022 23:35:46 GMT
Connection: keep-alive
|
|
| s2.adform.net/banners/scripts/st/trackpoint-async.js | 37.157.2.248 | 200 OK | 31 kB |
URL HTTP/2s2.adform.net/banners/scripts/st/trackpoint-async.js IP37.157.2.248:0
Hash2c4c8842224309163b2c49196f8edd8b da58d1c9e6e196158924f54ca6d6f53cc02435ea ad23a6310a683184c3295f88e4c7d08ffe62427aba93d132004f1789be3b331d
GET /banners/scripts/st/trackpoint-async.js HTTP/1.1
Host: s2.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lottoland.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 21 Oct 2022 23:35:46 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 05 Oct 2022 12:23:24 GMT
x-rgw-object-type: Normal
etag: W/"4cb8e818a3c8dda5fd80d6d9a55d958d"
x-amz-request-id: tx000008e678274a1afb0c9-006353174f-329373d4-default
access-control-allow-origin: *
cache-control: public, max-age=604800
x-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| track.adform.net/Serving/TrackPoint/?pm=1388237&ADFPageName=Landing%20Page%20DE&ADFdivider=%7C&ord=793824525559&ADFtpmode=2&loc=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&Set1=en-US%7Cen-US%7C1280x1024%7C24 | 37.157.5.142 | 302 Found | 564 B |
URL HTTP/2track.adform.net/Serving/TrackPoint/?pm=1388237&ADFPageName=Landing%20Page%20DE&ADFdivider=%7C&ord=793824525559&ADFtpmode=2&loc=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&Set1=en-US%7Cen-US%7C1280x1024%7C24 IP37.157.5.142:0
Hash28929377b3ff784f7622538111a7c158 a44c41e4b61ea9bbe03a204177396b89bc36a53a d352e3675919e97cccefdfd6edf28a91c4cbae550974bc59258eacc66602d0d7
GET /Serving/TrackPoint/?pm=1388237&ADFPageName=Landing%20Page%20DE&ADFdivider=%7C&ord=793824525559&ADFtpmode=2&loc=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&Set1=en-US%7Cen-US%7C1280x1024%7C24 HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lottoland.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 21 Oct 2022 23:35:46 GMT
content-type: text/html; charset=utf-8
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1388237&ADFPageName=Landing%20Page%20DE&ADFdivider=%7C&ord=793824525559&ADFtpmode=2&loc=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&Set1=en-US%7Cen-US%7C1280x1024%7C24
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Tue, 22-Nov-2022 00:35:46 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hashd8ad2cc67fe4edf14ed9497ee349419b b11f1d3df0e57e5967f39f8dfeb97af5138edd5f b459e908234aaa71dd46eafb74920476176f9f8136fc2df0cdd7eecb744d35c6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 23:35:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash9f4b1d3c4fdfbd28fa4afc92115bd9f9 365125fe68f668bae6f3c13ef21d92bb00783ebe 92ea3ab34acb6f2464ef06496365dd1a54767519d3429346849898739bf05bb5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 23:35:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-28776713-12&cid=932789792.1666395359&jid=1463448555&_u=IAhAAEAAAAAAACAAM~&z=1913016990 | 142.250.74.3 | 200 OK | 42 B |
URL HTTP/2www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-28776713-12&cid=932789792.1666395359&jid=1463448555&_u=IAhAAEAAAAAAACAAM~&z=1913016990 IP142.250.74.3:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashd89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-28776713-12&cid=932789792.1666395359&jid=1463448555&_u=IAhAAEAAAAAAACAAM~&z=1913016990 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lottoland.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 21 Oct 2022 23:35:46 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| www.facebook.com/tr/?id=2104094796432765&ev=PageView&dl=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&rl=&if=false&ts=1666395360133&sw=1280&sh=1024&v=2.9.87&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1666395360132.1890927278&it=1666395359899&coo=false&tm=1&rqm=GET | 31.13.72.36 | 200 OK | 0 B |
URL HTTP/2www.facebook.com/tr/?id=2104094796432765&ev=PageView&dl=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&rl=&if=false&ts=1666395360133&sw=1280&sh=1024&v=2.9.87&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1666395360132.1890927278&it=1666395359899&coo=false&tm=1&rqm=GET IP31.13.72.36:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=2104094796432765&ev=PageView&dl=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&rl=&if=false&ts=1666395360133&sw=1280&sh=1024&v=2.9.87&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1666395360132.1890927278&it=1666395359899&coo=false&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lottoland.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Fri, 21 Oct 2022 23:35:46 GMT
X-Firefox-Spdy: h2
|
|
| www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-28776713-12&cid=932789792.1666395359&jid=1463448555&_u=IAhAAEAAAAAAACAAM~&z=1913016990 | 142.250.74.164 | 200 OK | 42 B |
URL HTTP/2www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-28776713-12&cid=932789792.1666395359&jid=1463448555&_u=IAhAAEAAAAAAACAAM~&z=1913016990 IP142.250.74.164:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashd89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-28776713-12&cid=932789792.1666395359&jid=1463448555&_u=IAhAAEAAAAAAACAAM~&z=1913016990 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lottoland.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 21 Oct 2022 23:35:46 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hashd8ad2cc67fe4edf14ed9497ee349419b b11f1d3df0e57e5967f39f8dfeb97af5138edd5f b459e908234aaa71dd46eafb74920476176f9f8136fc2df0cdd7eecb744d35c6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 23:35:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash1b0cd7fce51616614b5ebb265d02c2f7 6748d7df7c347bbe06afb2155fff3bbc8bf50eb0 d41beb047830bdacb772b75123c39906db8edcd49fdc8c9a00258a2556efd1c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 23:35:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| lottoland.evergage.com/pr?_r=904549&_ak=lottoland&_ds=lottoland_com&.scv=208&.anonId=7eefa26d9f306276&_anon=true&.top=1590&.lt=3073&.tt=406&.ttdns=1 | 3.226.206.162 | 204 No Content | 0 B |
URL HTTP/2lottoland.evergage.com/pr?_r=904549&_ak=lottoland&_ds=lottoland_com&.scv=208&.anonId=7eefa26d9f306276&_anon=true&.top=1590&.lt=3073&.tt=406&.ttdns=1 IP3.226.206.162:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pr?_r=904549&_ak=lottoland&_ds=lottoland_com&.scv=208&.anonId=7eefa26d9f306276&_anon=true&.top=1590&.lt=3073&.tt=406&.ttdns=1 HTTP/1.1
Host: lottoland.evergage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.lottoland.com
Connection: keep-alive
Referer: https://www.lottoland.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Fri, 21 Oct 2022 23:35:47 GMT
set-cookie: AWSALB=iq3zp1AbXc91UXo4rd/smhVxmSfSJfxNO/Cu8MnHKqabIAszOeDLVoQIB5iJir0iXzhNaRnHEKnaZ6FeG80sriqiy4rLpGBiaT1RgV7MK+stqIw9jRRN3NIr2rz1; Expires=Fri, 28 Oct 2022 23:35:47 GMT; Path=/
AWSALBCORS=iq3zp1AbXc91UXo4rd/smhVxmSfSJfxNO/Cu8MnHKqabIAszOeDLVoQIB5iJir0iXzhNaRnHEKnaZ6FeG80sriqiy4rLpGBiaT1RgV7MK+stqIw9jRRN3NIr2rz1; Expires=Fri, 28 Oct 2022 23:35:47 GMT; Path=/; SameSite=None; Secure
access-control-allow-origin: https://www.lottoland.com
timing-allow-origin: *
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| www.pages01.net/WTS/event.jpeg?accesskey=1b1965b5-13dfe1902f8-c2a8af96738cc20073a7254c07aedd78&v=1.31&isNewSession=0&type=pageview&isNewVisitor=1&sessionGUID=b9b2c8e6-c51d-b9a6-3714-c83dd76434bb&webSyncID=911b08d9-78ad-aae6-3b97-9a22d82ab855&url=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&newSiteVisit=0&hostname=www.lottoland.com&pathname=%2Flotto6aus49-12fuer1&newPageVisit=0&eventKey=1d2a02d4-d3a7-22eb-b864-5e43c4e03504 | 35.169.63.124 | 200 OK | 0 B |
URL HTTP/1.1www.pages01.net/WTS/event.jpeg?accesskey=1b1965b5-13dfe1902f8-c2a8af96738cc20073a7254c07aedd78&v=1.31&isNewSession=0&type=pageview&isNewVisitor=1&sessionGUID=b9b2c8e6-c51d-b9a6-3714-c83dd76434bb&webSyncID=911b08d9-78ad-aae6-3b97-9a22d82ab855&url=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&newSiteVisit=0&hostname=www.lottoland.com&pathname=%2Flotto6aus49-12fuer1&newPageVisit=0&eventKey=1d2a02d4-d3a7-22eb-b864-5e43c4e03504 IP35.169.63.124:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WTS/event.jpeg?accesskey=1b1965b5-13dfe1902f8-c2a8af96738cc20073a7254c07aedd78&v=1.31&isNewSession=0&type=pageview&isNewVisitor=1&sessionGUID=b9b2c8e6-c51d-b9a6-3714-c83dd76434bb&webSyncID=911b08d9-78ad-aae6-3b97-9a22d82ab855&url=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&newSiteVisit=0&hostname=www.lottoland.com&pathname=%2Flotto6aus49-12fuer1&newPageVisit=0&eventKey=1d2a02d4-d3a7-22eb-b864-5e43c4e03504 HTTP/1.1
Host: www.pages01.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lottoland.com/
Cookie: Silverpop_cookie=1653596170.4525.0000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 21 Oct 2022 23:35:47 GMT
Server: Apache
p3p: CP="CAO PSA OUR"
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 0
Connection: close
Content-Type: image/jpeg
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
|
|
| www.lottoland.com/lotto6aus49-12fuer1 | 104.17.214.185 | 200 OK | 0 B |
URL HTTP/2www.lottoland.com/lotto6aus49-12fuer1 IP104.17.214.185:0
GET /lotto6aus49-12fuer1 HTTP/1.1
Host: www.lottoland.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: route=1666395345.314.1256.345859|107af3ac26dde70c7eaf6c2546e21e24; pid=email_369431_de; sid=b4c8367242b30dceeadaf8e58269f547-20221006.7314.pool; csfcfc=FtOBvf6LO%2FIYRw%3D%3D; JSESSIONID=ce70dc009d7295aeaa93311b7b4a.lotto-lotto-web-74cfcb46f5-c2q5g; __cf_bm=wYbHc7z_KMr0FykCSeIvF35tujdxuXmdt0Ab_3m6pWs-1666395344-0-AabPPCJYQ4D1fw3eEIWS/BUHt6pIyrBRBeDrMqHkBuB4kOvywu+kVieMcnPLDyR30emqXEd2TOxeTDPGuP15K3g=; __cfruid=f362502476ecfb40b878e6303d935fcba53e4c50-1666395344
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
date: Fri, 21 Oct 2022 23:35:44 GMT
content-type: text/html;charset=UTF-8
cf-ray: 75ddcfb67cd31c02-OSL
strict-transport-security: max-age=15724800; includeSubDomains
vary: User-Agent, Accept-Encoding
cf-cache-status: DYNAMIC
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
set-cookie: RMC=mNFdg0IcdgdMXT3RCAseGkgEOmYMbX9.1gfuee3kb.de_DE; Expires=Fri, 20-Oct-2023 23:35:44 GMT; Path=/; SameSite=None; Secure; Secure; HttpOnly
launchMappingId=%2Flotto6aus49%2D12fuer1; Path=/; SameSite=None; Secure
mappingId=%2Flotto6aus49%2D12fuer1; Path=/; SameSite=None; Secure
growlsToBeClosed=clear; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/; SameSite=None; Secure
csfcfc=e9SEu%2FmNVMwQaicaQjNp%2FsGcAw%3D%3D; Path=/; SameSite=None; Secure; Secure; HttpOnly
JSESSIONID=ce70dc009d7295aeaa93311b7b4a.lotto-lotto-web-74cfcb46f5-c2q5g; Path=/; SameSite=None; Secure; Secure; HttpOnly
server: cloudflare
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| lottoland.evergage.com/er?.em=can%27t%20access%20property%20%22indexOf%22%2C%20ajq(...).data(...)%20is%20undefined&.es=invokeDataCollectionFunction&.ef=window.evergageBeforeSiteConfigExecution%2F%3C&.eu=https%3A%2F%2Fcdn.evgnet.com%2Fbeacon%2Flottoland%2Flottoland_com%2Fscripts%2Fevergage.min.js&_ak=lottoland&_ds=lottoland_com&.scv=208&.anonId=7eefa26d9f306276&_anon=true&url=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&title=LOTTO%206aus49%2012%20TIPPFELDER%20F%C3%9CR%20NUR%201%E2%82%AC&.bv=14&_r=901102 | 3.226.206.162 | 200 OK | 0 B |
URL HTTP/2lottoland.evergage.com/er?.em=can%27t%20access%20property%20%22indexOf%22%2C%20ajq(...).data(...)%20is%20undefined&.es=invokeDataCollectionFunction&.ef=window.evergageBeforeSiteConfigExecution%2F%3C&.eu=https%3A%2F%2Fcdn.evgnet.com%2Fbeacon%2Flottoland%2Flottoland_com%2Fscripts%2Fevergage.min.js&_ak=lottoland&_ds=lottoland_com&.scv=208&.anonId=7eefa26d9f306276&_anon=true&url=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&title=LOTTO%206aus49%2012%20TIPPFELDER%20F%C3%9CR%20NUR%201%E2%82%AC&.bv=14&_r=901102 IP3.226.206.162:0
GET /er?.em=can%27t%20access%20property%20%22indexOf%22%2C%20ajq(...).data(...)%20is%20undefined&.es=invokeDataCollectionFunction&.ef=window.evergageBeforeSiteConfigExecution%2F%3C&.eu=https%3A%2F%2Fcdn.evgnet.com%2Fbeacon%2Flottoland%2Flottoland_com%2Fscripts%2Fevergage.min.js&_ak=lottoland&_ds=lottoland_com&.scv=208&.anonId=7eefa26d9f306276&_anon=true&url=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&title=LOTTO%206aus49%2012%20TIPPFELDER%20F%C3%9CR%20NUR%201%E2%82%AC&.bv=14&_r=901102 HTTP/1.1
Host: lottoland.evergage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lottoland.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 21 Oct 2022 23:35:45 GMT
content-type: image/gif
set-cookie: AWSALB=MdHT3yDEJ7pkJ5r/OlDLn/PZh4JdXNn/2lbwBpyjzXByn4r6DjWP/RI3w8/l10NXzSm+u759Men7vfaYpB8mFZ/NXGcnxxmJUh8eRZPf6iQVvmXgtmCtwKOv+SaW; Expires=Fri, 28 Oct 2022 23:35:45 GMT; Path=/
AWSALBCORS=MdHT3yDEJ7pkJ5r/OlDLn/PZh4JdXNn/2lbwBpyjzXByn4r6DjWP/RI3w8/l10NXzSm+u759Men7vfaYpB8mFZ/NXGcnxxmJUh8eRZPf6iQVvmXgtmCtwKOv+SaW; Expires=Fri, 28 Oct 2022 23:35:45 GMT; Path=/; SameSite=None; Secure
timing-allow-origin: *
expires: Sat, 22 Oct 2022 23:35:45 GMT
cache-control: private, max-age=86400000
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| lottoland.evergage.com/er?.em=Syntax%20error%2C%20unrecognized%20expression%3A%20div.l-carousel-subContainer%20%26gt%3B%20div.l-carousel-allPodContainer&.es=jQueryObjectSyntaxError&.ef=ga.error&.eu=https%3A%2F%2Fwww.lottoland.com%2Fde_DE%2Fskins%2Flottoland%2Fjs%2Flib%2Fjquery-3.2.1.min-8f9d10308fc5677a.js&_ak=lottoland&_ds=lottoland_com&.scv=208&.anonId=7eefa26d9f306276&_anon=true&url=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&title=LOTTO%206aus49%2012%20TIPPFELDER%20F%C3%9CR%20NUR%201%E2%82%AC&.bv=14&_r=311882 | 3.226.206.162 | 200 OK | 0 B |
URL HTTP/2lottoland.evergage.com/er?.em=Syntax%20error%2C%20unrecognized%20expression%3A%20div.l-carousel-subContainer%20%26gt%3B%20div.l-carousel-allPodContainer&.es=jQueryObjectSyntaxError&.ef=ga.error&.eu=https%3A%2F%2Fwww.lottoland.com%2Fde_DE%2Fskins%2Flottoland%2Fjs%2Flib%2Fjquery-3.2.1.min-8f9d10308fc5677a.js&_ak=lottoland&_ds=lottoland_com&.scv=208&.anonId=7eefa26d9f306276&_anon=true&url=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&title=LOTTO%206aus49%2012%20TIPPFELDER%20F%C3%9CR%20NUR%201%E2%82%AC&.bv=14&_r=311882 IP3.226.206.162:0
GET /er?.em=Syntax%20error%2C%20unrecognized%20expression%3A%20div.l-carousel-subContainer%20%26gt%3B%20div.l-carousel-allPodContainer&.es=jQueryObjectSyntaxError&.ef=ga.error&.eu=https%3A%2F%2Fwww.lottoland.com%2Fde_DE%2Fskins%2Flottoland%2Fjs%2Flib%2Fjquery-3.2.1.min-8f9d10308fc5677a.js&_ak=lottoland&_ds=lottoland_com&.scv=208&.anonId=7eefa26d9f306276&_anon=true&url=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&title=LOTTO%206aus49%2012%20TIPPFELDER%20F%C3%9CR%20NUR%201%E2%82%AC&.bv=14&_r=311882 HTTP/1.1
Host: lottoland.evergage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lottoland.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 21 Oct 2022 23:35:45 GMT
content-type: image/gif
set-cookie: AWSALB=BcoJ5BZ/6ex2+Uq0i0A1601VG0TeT4EYa0Fph962WkdmttIJpiTjTb0U4EtqEiH1CdN4Us9+ERqD/CH2dISxZQcLYJKHarOVG0XZpSOtZ6Wkkl3zsGtqXoG5MsH0; Expires=Fri, 28 Oct 2022 23:35:45 GMT; Path=/
AWSALBCORS=BcoJ5BZ/6ex2+Uq0i0A1601VG0TeT4EYa0Fph962WkdmttIJpiTjTb0U4EtqEiH1CdN4Us9+ERqD/CH2dISxZQcLYJKHarOVG0XZpSOtZ6Wkkl3zsGtqXoG5MsH0; Expires=Fri, 28 Oct 2022 23:35:45 GMT; Path=/; SameSite=None; Secure
timing-allow-origin: *
expires: Sat, 22 Oct 2022 23:35:45 GMT
cache-control: private, max-age=86400000
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| lottoland.evergage.com/er?.em=Syntax%20error%2C%20unrecognized%20expression%3A%20p.new-cta-after-optin%20%26gt%3B%20a.btn&.es=jQueryObjectSyntaxError&.ef=ga.error&.eu=https%3A%2F%2Fwww.lottoland.com%2Fde_DE%2Fskins%2Flottoland%2Fjs%2Flib%2Fjquery-3.2.1.min-8f9d10308fc5677a.js&_ak=lottoland&_ds=lottoland_com&.scv=208&.anonId=7eefa26d9f306276&_anon=true&url=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&title=LOTTO%206aus49%2012%20TIPPFELDER%20F%C3%9CR%20NUR%201%E2%82%AC&.bv=14&_r=073142 | 3.226.206.162 | 200 OK | 0 B |
URL HTTP/2lottoland.evergage.com/er?.em=Syntax%20error%2C%20unrecognized%20expression%3A%20p.new-cta-after-optin%20%26gt%3B%20a.btn&.es=jQueryObjectSyntaxError&.ef=ga.error&.eu=https%3A%2F%2Fwww.lottoland.com%2Fde_DE%2Fskins%2Flottoland%2Fjs%2Flib%2Fjquery-3.2.1.min-8f9d10308fc5677a.js&_ak=lottoland&_ds=lottoland_com&.scv=208&.anonId=7eefa26d9f306276&_anon=true&url=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&title=LOTTO%206aus49%2012%20TIPPFELDER%20F%C3%9CR%20NUR%201%E2%82%AC&.bv=14&_r=073142 IP3.226.206.162:0
GET /er?.em=Syntax%20error%2C%20unrecognized%20expression%3A%20p.new-cta-after-optin%20%26gt%3B%20a.btn&.es=jQueryObjectSyntaxError&.ef=ga.error&.eu=https%3A%2F%2Fwww.lottoland.com%2Fde_DE%2Fskins%2Flottoland%2Fjs%2Flib%2Fjquery-3.2.1.min-8f9d10308fc5677a.js&_ak=lottoland&_ds=lottoland_com&.scv=208&.anonId=7eefa26d9f306276&_anon=true&url=https%3A%2F%2Fwww.lottoland.com%2Flotto6aus49-12fuer1&title=LOTTO%206aus49%2012%20TIPPFELDER%20F%C3%9CR%20NUR%201%E2%82%AC&.bv=14&_r=073142 HTTP/1.1
Host: lottoland.evergage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lottoland.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 21 Oct 2022 23:35:45 GMT
content-type: image/gif
set-cookie: AWSALB=qa67n54XA5ePlHH0JYQoZ9ZI8Ojx3WkcWL23qcEEbpmrjE32Og5UJVhLVtUqemIGRzYCjBEvJQ+2b3vqH0jlyh75TskcDT0TYpHfA4IBi3CYHH/aRVruq/CV3eXJ; Expires=Fri, 28 Oct 2022 23:35:45 GMT; Path=/
AWSALBCORS=qa67n54XA5ePlHH0JYQoZ9ZI8Ojx3WkcWL23qcEEbpmrjE32Og5UJVhLVtUqemIGRzYCjBEvJQ+2b3vqH0jlyh75TskcDT0TYpHfA4IBi3CYHH/aRVruq/CV3eXJ; Expires=Fri, 28 Oct 2022 23:35:45 GMT; Path=/; SameSite=None; Secure
timing-allow-origin: *
expires: Sat, 22 Oct 2022 23:35:45 GMT
cache-control: private, max-age=86400000
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| www.lottoland.com/lotto6aus49-12fuer1?lottolapid=email_369431_de&sid=b4c8367242b30dceeadaf8e58269f547-20221006.7314.pool | 104.17.214.185 | 302 Found | 0 B |
URL HTTP/2www.lottoland.com/lotto6aus49-12fuer1?lottolapid=email_369431_de&sid=b4c8367242b30dceeadaf8e58269f547-20221006.7314.pool IP104.17.214.185:0
GET /lotto6aus49-12fuer1?lottolapid=email_369431_de&sid=b4c8367242b30dceeadaf8e58269f547-20221006.7314.pool HTTP/1.1
Host: www.lottoland.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Fri, 21 Oct 2022 23:35:44 GMT
content-type: text/html;charset=ISO-8859-1
location: https://www.lottoland.com/lotto6aus49-12fuer1
cf-ray: 75ddcfb53c441c02-OSL
content-language: en-US
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
vary: Accept-Encoding
set-cookie: route=1666395345.314.1256.345859|107af3ac26dde70c7eaf6c2546e21e24; Path=/; Secure; HttpOnly; SameSite=None
pid=email_369431_de; Expires=Sun, 20-Nov-2022 23:35:44 GMT; Path=/; SameSite=None; Secure
sid=b4c8367242b30dceeadaf8e58269f547-20221006.7314.pool; Expires=Sun, 20-Nov-2022 23:35:44 GMT; Path=/; SameSite=None; Secure
csfcfc=FtOBvf6LO%2FIYRw%3D%3D; Path=/; SameSite=None; Secure; Secure; HttpOnly
JSESSIONID=ce70dc009d7295aeaa93311b7b4a.lotto-lotto-web-74cfcb46f5-c2q5g; Path=/; SameSite=None; Secure; Secure; HttpOnly
__cf_bm=wYbHc7z_KMr0FykCSeIvF35tujdxuXmdt0Ab_3m6pWs-1666395344-0-AabPPCJYQ4D1fw3eEIWS/BUHt6pIyrBRBeDrMqHkBuB4kOvywu+kVieMcnPLDyR30emqXEd2TOxeTDPGuP15K3g=; path=/; expires=Sat, 22-Oct-22 00:05:44 GMT; domain=.lottoland.com; HttpOnly; Secure; SameSite=None
__cfruid=f362502476ecfb40b878e6303d935fcba53e4c50-1666395344; path=/; domain=.lottoland.com; HttpOnly; Secure; SameSite=None
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|