urlscan.io logo urlscan.io
SecurityTrails logo

lottery.broadwaydirect.com Open in urlscan Pro
2606:4700::6812:ce6  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://links.engage.ticketmaster.com/els/v2/-LwdS93RkYJ~/NDRjNzBrRmFWbW1kWVlqY1dLTTlBT1pvVmVOSDdlZXUvOGp2K2V0Tkp3cktDV05INVR4NERVTGZP...
Effective URL: https://lottery.broadwaydirect.com/show/wicked-okc/?spMailingID=10626685&spUserID=NTUyMDc2NTYzNTY0S0&spJobID=1920359222&spReportId=...
Submission: On February 19 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 8 domains to perform 36 HTTP transactions. The main IP is 2606:4700::6812:ce6, located in United States and belongs to CLOUDFLARENET, US. The main domain is lottery.broadwaydirect.com. The Cisco Umbrella rank of the primary domain is 748030.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 31st 2023. Valid for: a year.
This is the only time lottery.broadwaydirect.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    18.173.187.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-187-71.muc50.r.cloudfront.net
links.engage.ticketmaster.com
1    18.173.187.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-187-92.muc50.r.cloudfront.net
links.engage.ticketmaster.com
27    2606:4700::6812:ce6 (United States)

ASN13335 (CLOUDFLARENET, US)
lottery.broadwaydirect.com
1    2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
Apex Domain
Subdomains		 Transfer
27 broadwaydirect.com
lottery.broadwaydirect.com — Cisco Umbrella Rank: 748030
405 KB
3 gstatic.com
www.gstatic.com
fonts.gstatic.com
294 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 52
166 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 2
region1.analytics.google.com — Cisco Umbrella Rank: 2400
1 KB
2 ticketmaster.com
links.engage.ticketmaster.com — Cisco Umbrella Rank: 107183
1 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 5654
408 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 113
252 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 48
2 KB
36 8
Domain Requested by
27 lottery.broadwaydirect.com 1 redirects lottery.broadwaydirect.com
2 fonts.gstatic.com fonts.googleapis.com
2 www.googletagmanager.com lottery.broadwaydirect.com
www.googletagmanager.com
2 links.engage.ticketmaster.com 2 redirects
1 www.google.de lottery.broadwaydirect.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 www.gstatic.com www.google.com
1 www.google.com lottery.broadwaydirect.com
1 fonts.googleapis.com lottery.broadwaydirect.com
36 10
Subject Issuer Validity Valid
broadwaydirect.com
Cloudflare Inc ECC CA-3		 2023-05-31 -
2024-05-30		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
www.google.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
www.google.de
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://lottery.broadwaydirect.com/show/wicked-okc/?spMailingID=10626685&spUserID=NTUyMDc2NTYzNTY0S0&spJobID=1920359222&spReportId=MTkyMDM1OTIyMgS2
Frame ID: 3E735F78EAD8261657531AB3C902B255
Requests: 34 HTTP requests in this frame

Frame: https://lottery.broadwaydirect.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/0f752fefe334/main.js
Frame ID: C07A798ACC7BDE5488062CC23F82E31E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

WICKED (OKLAHOMA CITY) – Broadway Direct LotteryFacebookInstagramYouTubeTwitterOfficial Airlines: American AirlinesFacebookInstagramYouTubeTwitterAmerican Airlines

Page URL History Show full URLs

  1. http://links.engage.ticketmaster.com/els/v2/-LwdS93RkYJ~/NDRjNzBrRmFWbW1kWVlqY1dLTTlBT1pvVmVOSDdlZXUvOGp2K2V0Tkp3... HTTP 301
    https://links.engage.ticketmaster.com/els/v2/-LwdS93RkYJ~/NDRjNzBrRmFWbW1kWVlqY1dLTTlBT1pvVmVOSDdlZXUvOGp2K2V0Tkp3... HTTP 302
    https://lottery.broadwaydirect.com/show/wicked-okc/?spMailingID=10626685&spUserID=NTUyMDc2NTYzNTY0S0&spJobID=19... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

36
Requests

97 %
HTTPS

82 %
IPv6

8
Domains

10
Subdomains

9
IPs

3
Countries

869 kB
Transfer

1924 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://links.engage.ticketmaster.com/els/v2/-LwdS93RkYJ~/NDRjNzBrRmFWbW1kWVlqY1dLTTlBT1pvVmVOSDdlZXUvOGp2K2V0Tkp3cktDV05INVR4NERVTGZPVWtSMWpMa0xPOGV3a0M5Uys0WnY4Q1NUNzJLcUxKbFA2Mm9sd1JKWmdrbk1aN3VDVFk9S0/ HTTP 301
    https://links.engage.ticketmaster.com/els/v2/-LwdS93RkYJ~/NDRjNzBrRmFWbW1kWVlqY1dLTTlBT1pvVmVOSDdlZXUvOGp2K2V0Tkp3cktDV05INVR4NERVTGZPVWtSMWpMa0xPOGV3a0M5Uys0WnY4Q1NUNzJLcUxKbFA2Mm9sd1JKWmdrbk1aN3VDVFk9S0/ HTTP 302
    https://lottery.broadwaydirect.com/show/wicked-okc/?spMailingID=10626685&spUserID=NTUyMDc2NTYzNTY0S0&spJobID=1920359222&spReportId=MTkyMDM1OTIyMgS2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33
  • https://lottery.broadwaydirect.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://lottery.broadwaydirect.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/0f752fefe334/main.js

36 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
lottery.broadwaydirect.com/show/wicked-okc/
Redirect Chain
  • http://links.engage.ticketmaster.com/els/v2/-LwdS93RkYJ~/NDRjNzBrRmFWbW1kWVlqY1dLTTlBT1pvVmVOSDdlZXUvOGp2K2V0Tkp3cktDV05INVR4NERVTGZPVWtSMWpMa0xPOGV3a0M5Uys0WnY4Q1NUNzJLcUxKbFA2Mm9sd1JKWmdrbk1aN3VD...
  • https://links.engage.ticketmaster.com/els/v2/-LwdS93RkYJ~/NDRjNzBrRmFWbW1kWVlqY1dLTTlBT1pvVmVOSDdlZXUvOGp2K2V0Tkp3cktDV05INVR4NERVTGZPVWtSMWpMa0xPOGV3a0M5Uys0WnY4Q1NUNzJLcUxKbFA2Mm9sd1JKWmdrbk1aN3V...
  • https://lottery.broadwaydirect.com/show/wicked-okc/?spMailingID=10626685&spUserID=NTUyMDc2NTYzNTY0S0&spJobID=1920359222&spReportId=MTkyMDM1OTIyMgS2
85 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lottery.broadwaydirect.com/show/wicked-okc/?spMailingID=10626685&spUserID=NTUyMDc2NTYzNTY0S0&spJobID=1920359222&spReportId=MTkyMDM1OTIyMgS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ce6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470bbfd18a525c06a50860e4346bcf5269becd946748081cd73208475200a3b7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
0
cache-control
max-age=3600
cf-apo-via
origin,host
cf-cache-status
DYNAMIC
cf-ray
8581835b6990364f-FRA
content-encoding
br
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Mon, 19 Feb 2024 21:13:21 GMT
expect-ct
max-age=86400, enforce
expires
Mon, 19 Feb 2024 21:13:20 GMT
link
<https://lottery.broadwaydirect.com/wp-json/>; rel="https://api.w.org/", <https://lottery.broadwaydirect.com/?p=768332>; rel=shortlink
referrer-policy
same-origin
retry-after
86400
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 varnish-v4
x-cache
MISS
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-varnish
44641006
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-store
content-language
de-DE
content-length
0
date
Mon, 19 Feb 2024 21:13:19 GMT
location
https://lottery.broadwaydirect.com/show/wicked-okc/?spMailingID=10626685&spUserID=NTUyMDc2NTYzNTY0S0&spJobID=1920359222&spReportId=MTkyMDM1OTIyMgS2
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
istio-envoy
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 e46f362ef9260e60e122406168399f5c.cloudfront.net (CloudFront)
x-amz-cf-id
v9IHp0kHsqGxSrPyHtWPJSvc9PNiDDKtcJKGEEwnRkLb2kc2OFEt1A==
x-amz-cf-pop
MUC50-P4
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-envoy-upstream-service-time
1
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
style.min.css
lottery.broadwaydirect.com/wp-includes/css/dist/block-library/ 		108 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lottery.broadwaydirect.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3
Requested by
Host: lottery.broadwaydirect.com
URL: https://lottery.broadwaydirect.com/show/wicked-okc/?spMailingID=10626685&spUserID=NTUyMDc2NTYzNTY0S0&spJobID=1920359222&spReportId=MTkyMDM1OTIyMgS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ce6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lottery.broadwaydirect.com/show/wicked-okc/?spMailingID=10626685&spUserID=NTUyMDc2NTYzNTY0S0&spJobID=1920359222&spReportId=MTkyMDM1OTIyMgS2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 21:13:21 GMT
via
1.1 varnish-v4
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-encoding
br
strict-transport-security
max-age=31536000
x-cache
HIT
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Mon, 19 Feb 2024 11:34:52 GMT
server
cloudflare
etag
W/"65d33cdc-1ae43"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-varnish
76522113 76615085
cache-control
public, max-age=2591902
cf-ray
8581836318c3364f-FRA
expires
Wed, 20 Mar 2024 21:11:43 GMT
main.css
lottery.broadwaydirect.com/wp-content/plugins/dls-lottery/assets/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lottery.broadwaydirect.com/wp-content/plugins/dls-lottery/assets/main.css?ver=1.0.4.3
Requested by
Host: lottery.broadwaydirect.com
URL: https://lottery.broadwaydirect.com/show/wicked-okc/?spMailingID=10626685&spUserID=NTUyMDc2NTYzNTY0S0&spJobID=1920359222&spReportId=MTkyMDM1OTIyMgS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ce6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
930233434aff8094c78f385f774ea30a4bba3578a3524f1f2e194145b9418fbc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lottery.broadwaydirect.com/show/wicked-okc/?spMailingID=10626685&spUserID=NTUyMDc2NTYzNTY0S0&spJobID=1920359222&spReportId=MTkyMDM1OTIyMgS2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 21:13:21 GMT
via
1.1 varnish-v4
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-encoding
br
strict-transport-security
max-age=31536000
cf-polished
origSize=5179
x-cache
HIT
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
minify
last-modified
Thu, 23 May 2019 21:18:52 GMT
server
cloudflare
etag
W/"5ce70e3c-143b"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-varnish
75752309 75847962
cache-control
public, max-age=2591945
cf-ray
8581836318c5364f-FRA
expires
Wed, 20 Mar 2024 21:12:26 GMT
font-awesome.min.css
lottery.broadwaydirect.com/wp-content/plugins/dls-lottery/assets/font-awesome-4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lottery.broadwaydirect.com/wp-content/plugins/dls-lottery/assets/font-awesome-4.7.0/css/font-awesome.min.css?ver=4.7.0
Requested by
Host: lottery.broadwaydirect.com
URL: https://lottery.broadwaydirect.com/show/wicked-okc/?spMailingID=10626685&spUserID=NTUyMDc2NTYzNTY0S0&spJobID=1920359222&spReportId=MTkyMDM1OTIyMgS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ce6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lottery.broadwaydirect.com/show/wicked-okc/?spMailingID=10626685&spUserID=NTUyMDc2NTYzNTY0S0&spJobID=1920359222&spReportId=MTkyMDM1OTIyMgS2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 21:13:21 GMT
via
1.1 varnish-v4
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-encoding
br
strict-transport-security
max-age=31536000
x-cache
HIT
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 23 May 2019 21:18:52 GMT
server
cloudflare
etag
W/"5ce70e3c-7918"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-varnish
43415498 43912624
cache-control
public, max-age=2590094
cf-ray
8581836318c7364f-FRA
expires
Wed, 20 Mar 2024 20:41:35 GMT
css
fonts.googleapis.com/ 		33 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C400i%2C600%2C600i%2C700%2C700i&ver=202307110639
Requested by
Host: lottery.broadwaydirect.com
URL: https://lottery.broadwaydirect.com/show/wicked-okc/?spMailingID=10626685&spUserID=NTUyMDc2NTYzNTY0S0&spJobID=1920359222&spReportId=MTkyMDM1OTIyMgS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
39b2acc818832d5839445e69d857add6e15c8993209a857147c2376fb93f886a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 19 Feb 2024 21:13:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 19 Feb 2024 21:08:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 19 Feb 2024 21:13:21 GMT
formsmain.min.css
lottery.broadwaydirect.com/wp-content/plugins/gravityforms/legacy/css/ 		78 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lottery.broadwaydirect.com/wp-content/plugins/gravityforms/legacy/css/formsmain.min.css?ver=2.8.3
Requested by
Host: lottery.broadwaydirect.com
URL: https://lottery.broadwaydirect.com/show/wicked-okc/?spMailingID=10626685&spUserID=NTUyMDc2NTYzNTY0S0&spJobID=1920359222&spReportId=MTkyMDM1OTIyMgS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ce6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f6d999687ed3e80d57c678ecb473f017175794537ff250d3480eb0841c0abf8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lottery.broadwaydirect.com/show/wicked-okc/?spMailingID=10626685&spUserID=NTUyMDc2NTYzNTY0S0&spJobID=1920359222&spReportId=MTkyMDM1OTIyMgS2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 21:13:21 GMT
via
1.1 varnish-v4
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
strict-transport-security
max-age=31536000
age
1966
x-cache
HIT
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Mon, 20 Nov 2023 14:40:47 GMT
server
cloudflare
etag
W/"655b6fef-13986"
expect-ct
max-age=86400, enforce
x-frame-options
SAMEORIGIN
content-type
text/css
x-varnish
44641008 44640440
cache-control
max-age=3600
cf-ray
8581836318ca364f-FRA
expires
Wed, 20 Mar 2024 20:40:34 GMT
style.css
lottery.broadwaydirect.com/wp-content/themes/broadway-direct/ 		48 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lottery.broadwaydirect.com/wp-content/themes/broadway-direct/style.css?ver=202307110639
Requested by
Host: lottery.broadwaydirect.com
URL: https://lottery.broadwaydirect.com/show/wicked-okc/?spMailingID=10626685&spUserID=NTUyMDc2NTYzNTY0S0&spJobID=1920359222&spReportId=MTkyMDM1OTIyMgS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ce6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd38da1d8f91b8a9be032724ba8390e7ab9a2c63fb29bdead2fed460b0d54cc3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lottery.broadwaydirect.com/show/wicked-okc/?spMailingID=10626685&spUserID=NTUyMDc2NTYzNTY0S0&spJobID=1920359222&spReportId=MTkyMDM1OTIyMgS2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 21:13:21 GMT
via
1.1 varnish-v4
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-encoding
br
strict-transport-security
max-age=31536000
cf-polished
origSize=67031
x-cache
HIT
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
minify
last-modified
Wed, 12 Jul 2023 09:18:58 GMT
server
cloudflare
etag
W/"64ae7002-105d7"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-varnish
2656623 2536676
cache-control
public, max-age=2590682
cf-ray
8581836318cb364f-FRA
expires
Wed, 20 Mar 2024 20:51:23 GMT
jquery.fancybox.css
lottery.broadwaydirect.com/wp-content/themes/broadway-direct/assets/fancybox/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lottery.broadwaydirect.com/wp-content/themes/broadway-direct/assets/fancybox/jquery.fancybox.css?ver=2.1.5
Requested by
Host: lottery.broadwaydirect.com
URL: https://lottery.broadwaydirect.com/show/wicked-okc/?spMailingID=10626685&spUserID=NTUyMDc2NTYzNTY0S0&spJobID=1920359222&spReportId=MTkyMDM1OTIyMgS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ce6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e86593083facba2710a2312f26bd7b436d7ef299f99cbc2ccc1b32693ec3144
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lottery.broadwaydirect.com/show/wicked-okc/?spMailingID=10626685&spUserID=NTUyMDc2NTYzNTY0S0&spJobID=1920359222&spReportId=MTkyMDM1OTIyMgS2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 21:13:21 GMT
via
1.1 varnish-v4
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-encoding
br
strict-transport-security
max-age=31536000
cf-polished
origSize=4895
x-cache
HIT
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
minify
last-modified
Wed, 15 Feb 2017 21:54:27 GMT
server
cloudflare
etag
W/"58a4ce13-131f"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-varnish
73689100 73256177
cache-control
public, max-age=2588409
cf-ray
8581836318ce364f-FRA
expires
Wed, 20 Mar 2024 20:13:30 GMT
custom-webfont.css
lottery.broadwaydirect.com/wp-content/themes/broadway-direct/webfonts/ 		166 B
471 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lottery.broadwaydirect.com/wp-content/themes/broadway-direct/webfonts/custom-webfont.css?ver=6.4.3
Requested by
Host: lottery.broadwaydirect.com
URL: https://lottery.broadwaydirect.com/show/wicked-okc/?spMailingID=10626685&spUserID=NTUyMDc2NTYzNTY0S0&spJobID=1920359222&spReportId=MTkyMDM1OTIyMgS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ce6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a437572673e33280aecf2b449481d0f2a2c478d4a0c4de4b244ace3ca7c03e8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lottery.broadwaydirect.com/show/wicked-okc/?spMailingID=10626685&spUserID=NTUyMDc2NTYzNTY0S0&spJobID=1920359222&spReportId=MTkyMDM1OTIyMgS2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 21:13:21 GMT
content-security-policy
upgrade-insecure-requests
via
1.1 varnish-v4
strict-transport-security
max-age=31536000
cf-cache-status
REVALIDATED
x-content-type-options
nosniff
content-encoding
br
cf-polished
origSize=212
x-cache
HIT
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
minify
last-modified
Wed, 12 Jul 2023 09:18:58 GMT
x-accel-version
0.01
server
cloudflare
etag
W/"d4-60046b49f5ac1-gzip"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-varnish
76522114 76365154
cache-control
public, max-age=2590095
cf-ray
8581836318cf364f-FRA
retry-after
86400
expires
Wed, 20 Mar 2024 20:41:36 GMT
jquery.min.js
lottery.broadwaydirect.com/wp-includes/js/jquery/ 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lottery.broadwaydirect.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: lottery.broadwaydirect.com
URL: https://lottery.broadwaydirect.com/show/wicked-okc/?spMailingID=10626685&spUserID=NTUyMDc2NTYzNTY0S0&spJobID=1920359222&spReportId=MTkyMDM1OTIyMgS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ce6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lottery.broadwaydirect.com/show/wicked-okc/?spMailingID=10626685&spUserID=NTUyMDc2NTYzNTY0S0&spJobID=1920359222&spReportId=MTkyMDM1OTIyMgS2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 21:13:21 GMT
via
1.1 varnish-v4
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-encoding
br
strict-transport-security
max-age=31536000
x-cache
HIT
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Mon, 19 Feb 2024 11:34:52 GMT
server
cloudflare
etag
W/"65d33cdc-15601"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
44634937 44696418
cache-control
public, max-age=31533557
cf-ray
8581836318d0364f-FRA
expires
Tue, 18 Feb 2025 20:32:38 GMT
jquery-migrate.min.js
lottery.broadwaydirect.com/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lottery.broadwaydirect.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: lottery.broadwaydirect.com
URL: https://lottery.broadwaydirect.com/show/wicked-okc/?spMailingID=10626685&spUserID=NTUyMDc2NTYzNTY0S0&spJobID=1920359222&spReportId=MTkyMDM1OTIyMgS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ce6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lottery.broadwaydirect.com/show/wicked-okc/?spMailingID=10626685&spUserID=NTUyMDc2NTYzNTY0S0&spJobID=1920359222&spReportId=MTkyMDM1OTIyMgS2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 21:13:21 GMT
via
1.1 varnish-v4
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-encoding
br
strict-transport-security
max-age=31536000
x-cache
HIT
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Wed, 20 Sep 2023 08:58:35 GMT
server
cloudflare
etag
W/"650ab43b-3509"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
75752310 75455374
cache-control
public, max-age=31534048
cf-ray
8581836318d2364f-FRA
expires
Tue, 18 Feb 2025 20:40:49 GMT
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?ver=1.0.4.3
Requested by
Host: lottery.broadwaydirect.com
URL: https://lottery.broadwaydirect.com/show/wicked-okc/?spMailingID=10626685&spUserID=NTUyMDc2NTYzNTY0S0&spJobID=1920359222&spReportId=MTkyMDM1OTIyMgS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d1366169a5911b46848e8e9a44be326ccf46950c96be143a42145a17247aee06
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 21:13:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Mon, 19 Feb 2024 21:13:21 GMT
logo-full.png
lottery.broadwaydirect.com/wp-content/themes/broadway-direct/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lottery.broadwaydirect.com/wp-content/themes/broadway-direct/images/logo-full.png
Requested by
Host: lottery.broadwaydirect.com
URL: https://lottery.broadwaydirect.com/show/wicked-okc/?spMailingID=10626685&spUserID=NTUyMDc2NTYzNTY0S0&spJobID=1920359222&spReportId=MTkyMDM1OTIyMgS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ce6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f3c87ba47b56f47598b859329db45ed981071aaf2f887e0f385e5745af16118
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lottery.broadwaydirect.com/show/wicked-okc/?spMailingID=10626685&spUserID=NTUyMDc2NTYzNTY0S0&spJobID=1920359222&spReportId=MTkyMDM1OTIyMgS2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 21:13:21 GMT
via
1.1 varnish-v4
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000
age
519
cf-polished
origFmt=png, origSize=4543
x-cache
HIT
content-disposition
inline; filename="logo-full.webp"
content-length
3372
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
imgq:100,h2pri
last-modified
Fri, 20 Jul 2018 13:27:24 GMT
server
cloudflare
etag
"5b51e33c-11bf"
expect-ct
max-age=86400, enforce
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
x-varnish
73689104 73688551
cache-control
public, max-age=2589407
accept-ranges
bytes
cf-ray
8581836318d4364f-FRA
expires
Wed, 20 Mar 2024 20:30:08 GMT
240207-Wicked-980x150-1-950x150.jpg
lottery.broadwaydirect.com/wp-content/uploads/2024/02/ 		102 KB
102 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lottery.broadwaydirect.com/wp-content/uploads/2024/02/240207-Wicked-980x150-1-950x150.jpg
Requested by
Host: lottery.broadwaydirect.com
URL: https://lottery.broadwaydirect.com/show/wicked-okc/?spMailingID=10626685&spUserID=NTUyMDc2NTYzNTY0S0&spJobID=1920359222&spReportId=MTkyMDM1OTIyMgS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ce6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
764fdbfd1a2dedae75b593da4da024d3c1c2a5a9580f1ad698b5da2b1eee239b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lottery.broadwaydirect.com/show/wicked-okc/?spMailingID=10626685&spUserID=NTUyMDc2NTYzNTY0S0&spJobID=1920359222&spReportId=MTkyMDM1OTIyMgS2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 21:13:21 GMT
via
1.1 varnish-v4
x-content-type-options
nosniff
cf-cache-status
MISS
strict-transport-security
max-age=31536000
x-cache
MISS
content-length
104325
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Wed, 14 Feb 2024 15:22:45 GMT
server
cloudflare
etag
"65ccdac5-19785"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/jpeg
x-varnish
44641009 44641010
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
85818363591a364f-FRA
expires
Wed, 20 Mar 2024 21:13:21 GMT
240207-Wicked-400x116-1.jpg
lottery.broadwaydirect.com/wp-content/uploads/2024/02/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lottery.broadwaydirect.com/wp-content/uploads/2024/02/240207-Wicked-400x116-1.jpg
Requested by
Host: lottery.broadwaydirect.com
URL: https://lottery.broadwaydirect.com/show/wicked-okc/?spMailingID=10626685&spUserID=NTUyMDc2NTYzNTY0S0&spJobID=1920359222&spReportId=MTkyMDM1OTIyMgS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ce6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c685fe7760495068ea05b6ebc641d86d91c390b13feb9a27f69dc80c3a0953e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lottery.broadwaydirect.com/show/wicked-okc/?spMailingID=10626685&spUserID=NTUyMDc2NTYzNTY0S0&spJobID=1920359222&spReportId=MTkyMDM1OTIyMgS2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 21:13:21 GMT
via
1.1 varnish-v4
x-content-type-options
nosniff
cf-cache-status
MISS
strict-transport-security
max-age=31536000
x-cache
MISS
content-length
22861
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Wed, 14 Feb 2024 15:22:32 GMT
server
cloudflare
etag
"65ccdab8-594d"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/jpeg
x-varnish
3275647 3275648
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
858183637938364f-FRA
expires
Wed, 20 Mar 2024 21:13:21 GMT
logo.png
lottery.broadwaydirect.com/wp-content/themes/broadway-direct/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lottery.broadwaydirect.com/wp-content/themes/broadway-direct/images/logo.png
Requested by
Host: lottery.broadwaydirect.com
URL: https://lottery.broadwaydirect.com/show/wicked-okc/?spMailingID=10626685&spUserID=NTUyMDc2NTYzNTY0S0&spJobID=1920359222&spReportId=MTkyMDM1OTIyMgS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ce6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36ea8681d41fc94b481f4619822620a98e9efcd12236183d9ac0bfd1d79a634e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lottery.broadwaydirect.com/show/wicked-okc/?spMailingID=10626685&spUserID=NTUyMDc2NTYzNTY0S0&spJobID=1920359222&spReportId=MTkyMDM1OTIyMgS2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 21:13:21 GMT
via
1.1 varnish-v4
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000
age
519
cf-polished
origFmt=png, origSize=2385
x-cache
HIT
content-disposition
inline; filename="logo.webp"
content-length
2020
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
imgq:100,h2pri
last-modified
Fri, 20 Jul 2018 13:27:24 GMT
server
cloudflare
etag
"5b51e33c-951"
expect-ct
max-age=86400, enforce
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
x-varnish
2625697 2448412
cache-control
public, max-age=2589299
accept-ranges
bytes
cf-ray
85818366bc9b364f-FRA
expires
Wed, 20 Mar 2024 20:28:20 GMT
jquery.validate.min.js
lottery.broadwaydirect.com/wp-content/plugins/dls-lottery/assets/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lottery.broadwaydirect.com/wp-content/plugins/dls-lottery/assets/jquery.validate.min.js?ver=1.14.0
Requested by
Host: lottery.broadwaydirect.com
URL: https://lottery.broadwaydirect.com/show/wicked-okc/?spMailingID=10626685&spUserID=NTUyMDc2NTYzNTY0S0&spJobID=1920359222&spReportId=MTkyMDM1OTIyMgS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ce6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e3e3b2660cbfaac5febf7a50b31d0494159989626a84102b2c3792cffe27d13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lottery.broadwaydirect.com/show/wicked-okc/?spMailingID=10626685&spUserID=NTUyMDc2NTYzNTY0S0&spJobID=1920359222&spReportId=MTkyMDM1OTIyMgS2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 21:13:22 GMT
via
1.1 varnish-v4
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-encoding
br
strict-transport-security
max-age=31536000
x-cache
HIT
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Wed, 15 Feb 2017 21:54:26 GMT
server
cloudflare
etag
W/"58a4ce12-5262"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
73689102 75761418
cache-control
public, max-age=31535288
cf-ray
858183670ce8364f-FRA
expires
Tue, 18 Feb 2025 21:01:30 GMT
jquery.validate.additional-methods.min.js
lottery.broadwaydirect.com/wp-content/plugins/dls-lottery/assets/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lottery.broadwaydirect.com/wp-content/plugins/dls-lottery/assets/jquery.validate.additional-methods.min.js?ver=1.14.0
Requested by
Host: lottery.broadwaydirect.com
URL: https://lottery.broadwaydirect.com/show/wicked-okc/?spMailingID=10626685&spUserID=NTUyMDc2NTYzNTY0S0&spJobID=1920359222&spReportId=MTkyMDM1OTIyMgS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ce6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b9a658314baccfef5f3b1d279571f0c1dbe62e6f71735828dd7606e426ba798
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lottery.broadwaydirect.com/show/wicked-okc/?spMailingID=10626685&spUserID=NTUyMDc2NTYzNTY0S0&spJobID=1920359222&spReportId=MTkyMDM1OTIyMgS2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 21:13:22 GMT
via
1.1 varnish-v4
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-encoding
br
strict-transport-security
max-age=31536000
x-cache
HIT
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Mon, 26 Oct 2015 06:17:24 GMT
server
cloudflare
etag
W/"562dc574-433a"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
73689103 75492909
cache-control
public, max-age=31536000
cf-ray
858183670cf3364f-FRA
expires
Tue, 18 Feb 2025 21:13:22 GMT
bodyScrollLock.js
lottery.broadwaydirect.com/wp-content/plugins/dls-lottery/assets/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lottery.broadwaydirect.com/wp-content/plugins/dls-lottery/assets/bodyScrollLock.js?ver=1.0.4.3
Requested by
Host: lottery.broadwaydirect.com
URL: https://lottery.broadwaydirect.com/show/wicked-okc/?spMailingID=10626685&spUserID=NTUyMDc2NTYzNTY0S0&spJobID=1920359222&spReportId=MTkyMDM1OTIyMgS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ce6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75a5ebfbfbea225139d6bf07a7b26c563f544c979430561e27fa02f8d62bd298
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lottery.broadwaydirect.com/show/wicked-okc/?spMailingID=10626685&spUserID=NTUyMDc2NTYzNTY0S0&spJobID=1920359222&spReportId=MTkyMDM1OTIyMgS2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 21:13:22 GMT
via
1.1 varnish-v4
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-encoding
br
strict-transport-security
max-age=31536000
cf-polished
origSize=8840
x-cache
HIT
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
minify
last-modified
Thu, 23 May 2019 21:18:52 GMT
server
cloudflare
etag
W/"5ce70e3c-2288"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
43415499 43414537
cache-control
public, max-age=31535690
cf-ray
858183670cf4364f-FRA
expires
Tue, 18 Feb 2025 21:08:12 GMT
main.js
lottery.broadwaydirect.com/wp-content/plugins/dls-lottery/assets/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lottery.broadwaydirect.com/wp-content/plugins/dls-lottery/assets/main.js?ver=1.0.4.3
Requested by
Host: lottery.broadwaydirect.com
URL: https://lottery.broadwaydirect.com/show/wicked-okc/?spMailingID=10626685&spUserID=NTUyMDc2NTYzNTY0S0&spJobID=1920359222&spReportId=MTkyMDM1OTIyMgS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ce6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b4f58888e6d713df349625479f65c1476f479386e065d206a79ce06802b3ef9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lottery.broadwaydirect.com/show/wicked-okc/?spMailingID=10626685&spUserID=NTUyMDc2NTYzNTY0S0&spJobID=1920359222&spReportId=MTkyMDM1OTIyMgS2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 21:13:21 GMT
via
1.1 varnish-v4
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-encoding
br
strict-transport-security
max-age=31536000
cf-polished
origSize=6762
x-cache
HIT
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
minify
last-modified
Thu, 23 May 2019 21:18:52 GMT
server
cloudflare
etag
W/"5ce70e3c-1a6a"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
73689101 75524905
cache-control
public, max-age=31535261
cf-ray
858183670cf5364f-FRA
expires
Tue, 18 Feb 2025 21:01:02 GMT
navigation.js
lottery.broadwaydirect.com/wp-content/themes/broadway-direct/js/ 		1 KB
625 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lottery.broadwaydirect.com/wp-content/themes/broadway-direct/js/navigation.js?ver=202307110639
Requested by
Host: lottery.broadwaydirect.com
URL: https://lottery.broadwaydirect.com/show/wicked-okc/?spMailingID=10626685&spUserID=NTUyMDc2NTYzNTY0S0&spJobID=1920359222&spReportId=MTkyMDM1OTIyMgS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ce6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
975fcd769077c94bff0b689fbe3ad59e461ea7c948870bd979d21ad4716ecee9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lottery.broadwaydirect.com/show/wicked-okc/?spMailingID=10626685&spUserID=NTUyMDc2NTYzNTY0S0&spJobID=1920359222&spReportId=MTkyMDM1OTIyMgS2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 21:13:22 GMT
via
1.1 varnish-v4
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-encoding
br
strict-transport-security
max-age=31536000
cf-polished
origSize=2279
x-cache
HIT
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
minify
last-modified
Thu, 22 Oct 2015 19:16:53 GMT
server
cloudflare
etag
W/"56293625-8e7"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
43415500 43762853
cache-control
public, max-age=31533268
cf-ray
858183670cf6364f-FRA
expires
Tue, 18 Feb 2025 20:27:50 GMT
skip-link-focus-fix.js
lottery.broadwaydirect.com/wp-content/themes/broadway-direct/js/ 		588 B
487 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lottery.broadwaydirect.com/wp-content/themes/broadway-direct/js/skip-link-focus-fix.js?ver=202307110639
Requested by
Host: lottery.broadwaydirect.com
URL: https://lottery.broadwaydirect.com/show/wicked-okc/?spMailingID=10626685&spUserID=NTUyMDc2NTYzNTY0S0&spJobID=1920359222&spReportId=MTkyMDM1OTIyMgS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ce6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2ff39ccfc80daf66110e4b104956bc70911dec5c51764de1c19422439a34ba5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lottery.broadwaydirect.com/show/wicked-okc/?spMailingID=10626685&spUserID=NTUyMDc2NTYzNTY0S0&spJobID=1920359222&spReportId=MTkyMDM1OTIyMgS2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 21:13:22 GMT
content-security-policy
upgrade-insecure-requests
via
1.1 varnish-v4
strict-transport-security
max-age=31536000
cf-cache-status
REVALIDATED
x-content-type-options
nosniff
content-encoding
br
cf-polished
origSize=914
x-cache
HIT
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
minify
last-modified
Thu, 22 Oct 2015 19:16:53 GMT
x-accel-version
0.01
server
cloudflare
etag
W/"392-522b6566e1340-gzip"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
2656624 2373653
cache-control
public, max-age=31532408
cf-ray
858183670cf8364f-FRA
retry-after
86400
expires
Tue, 18 Feb 2025 20:13:30 GMT
jquery.fancybox.js
lottery.broadwaydirect.com/wp-content/themes/broadway-direct/assets/fancybox/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lottery.broadwaydirect.com/wp-content/themes/broadway-direct/assets/fancybox/jquery.fancybox.js?ver=2.1.5
Requested by
Host: lottery.broadwaydirect.com
URL: https://lottery.broadwaydirect.com/show/wicked-okc/?spMailingID=10626685&spUserID=NTUyMDc2NTYzNTY0S0&spJobID=1920359222&spReportId=MTkyMDM1OTIyMgS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ce6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31cd7d9398307ca2e6cfaa111bbe7b69d69cbaaed2ff74034412ebc5008671fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lottery.broadwaydirect.com/show/wicked-okc/?spMailingID=10626685&spUserID=NTUyMDc2NTYzNTY0S0&spJobID=1920359222&spReportId=MTkyMDM1OTIyMgS2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 21:13:22 GMT
via
1.1 varnish-v4
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-encoding
br
strict-transport-security
max-age=31536000
cf-polished
origSize=48706
x-cache
HIT
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
minify
last-modified
Wed, 15 Feb 2017 21:54:27 GMT
server
cloudflare
etag
W/"58a4ce13-be42"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
43415501 43512176
cache-control
public, max-age=31534872
cf-ray
858183670cfa364f-FRA
expires
Tue, 18 Feb 2025 20:54:34 GMT
main.js
lottery.broadwaydirect.com/wp-content/themes/broadway-direct/js/ 		2 KB
966 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lottery.broadwaydirect.com/wp-content/themes/broadway-direct/js/main.js?ver=202307110639
Requested by
Host: lottery.broadwaydirect.com
URL: https://lottery.broadwaydirect.com/show/wicked-okc/?spMailingID=10626685&spUserID=NTUyMDc2NTYzNTY0S0&spJobID=1920359222&spReportId=MTkyMDM1OTIyMgS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ce6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b331dc83f3752d3cddcad8c4abd32444b774732d26d8513bcbf791ce7435c1b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lottery.broadwaydirect.com/show/wicked-okc/?spMailingID=10626685&spUserID=NTUyMDc2NTYzNTY0S0&spJobID=1920359222&spReportId=MTkyMDM1OTIyMgS2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 21:13:22 GMT
via
1.1 varnish-v4
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-encoding
br
strict-transport-security
max-age=31536000
cf-polished
origSize=4080
x-cache
HIT
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
minify
last-modified
Fri, 30 Jun 2023 12:42:57 GMT
server
cloudflare
etag
W/"649ecdd1-ff0"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
2656625 2573575
cache-control
public, max-age=31534094
cf-ray
858183670cfb364f-FRA
expires
Tue, 18 Feb 2025 20:41:36 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/yiNW3R9jkyLVP5-EEZLDzUtA/ 		492 KB
197 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/yiNW3R9jkyLVP5-EEZLDzUtA/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?ver=1.0.4.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f73b574d1f2ea3ca1551ec864077fa60535b48e64a20f39930d5bab098181f6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
https://lottery.broadwaydirect.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 14:30:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24158
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
201084
x-xss-protection
0
last-modified
Mon, 12 Feb 2024 03:00:37 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 18 Feb 2025 14:30:43 GMT
gtm.js
www.googletagmanager.com/ 		205 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WP8XDKV
Requested by
Host: lottery.broadwaydirect.com
URL: https://lottery.broadwaydirect.com/show/wicked-okc/?spMailingID=10626685&spUserID=NTUyMDc2NTYzNTY0S0&spJobID=1920359222&spReportId=MTkyMDM1OTIyMgS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
336902141b22343d89443a65495b084099a6a5e10101fb6bd0600dbe667d8773
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 21:13:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
73224
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 19 Feb 2024 21:13:21 GMT
240207-Wicked-1920x1080-BD-Background.jpg
lottery.broadwaydirect.com/wp-content/uploads/2024/02/ 		121 KB
122 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lottery.broadwaydirect.com/wp-content/uploads/2024/02/240207-Wicked-1920x1080-BD-Background.jpg
Requested by
Host: lottery.broadwaydirect.com
URL: https://lottery.broadwaydirect.com/show/wicked-okc/?spMailingID=10626685&spUserID=NTUyMDc2NTYzNTY0S0&spJobID=1920359222&spReportId=MTkyMDM1OTIyMgS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ce6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b96827515024fc625efd1da05f9457198149155a4d3729e899e3a4b32f1826fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lottery.broadwaydirect.com/show/wicked-okc/?spMailingID=10626685&spUserID=NTUyMDc2NTYzNTY0S0&spJobID=1920359222&spReportId=MTkyMDM1OTIyMgS2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 21:13:22 GMT
via
1.1 varnish-v4
x-content-type-options
nosniff
cf-cache-status
MISS
strict-transport-security
max-age=31536000
x-cache
HIT
content-length
124326
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Wed, 14 Feb 2024 15:22:56 GMT
server
cloudflare
etag
"65ccdad0-1e5a6"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/jpeg
x-varnish
3275650 2947712
cache-control
public, max-age=2590318
accept-ranges
bytes
cf-ray
858183674d28364f-FRA
expires
Wed, 20 Mar 2024 20:45:20 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C400i%2C600%2C600i%2C700%2C700i&ver=202307110639
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://lottery.broadwaydirect.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 03:51:57 GMT
x-content-type-options
nosniff
age
494484
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Feb 2025 03:51:57 GMT
ClarityCity-Regular.woff2
lottery.broadwaydirect.com/wp-content/themes/broadway-direct/webfonts/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://lottery.broadwaydirect.com/wp-content/themes/broadway-direct/webfonts/ClarityCity-Regular.woff2
Requested by
Host: lottery.broadwaydirect.com
URL: https://lottery.broadwaydirect.com/wp-content/themes/broadway-direct/webfonts/custom-webfont.css?ver=6.4.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ce6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
656d37063eabc2b869dd05b34417d92d093262212aabb3aa1d4b9617cd405841
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://lottery.broadwaydirect.com/wp-content/themes/broadway-direct/webfonts/custom-webfont.css?ver=6.4.3
Origin
https://lottery.broadwaydirect.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 21:13:21 GMT
via
1.1 varnish-v4
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
strict-transport-security
max-age=31536000
x-cache
HIT
content-length
16856
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Wed, 12 Jul 2023 09:18:58 GMT
server
cloudflare
etag
"64ae7002-41d8"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
font/woff2
x-varnish
73409411 76104464
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
858183674d29364f-FRA
expires
Tue, 20 Feb 2024 01:13:21 GMT
memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v40/ 		49 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C400i%2C600%2C600i%2C700%2C700i&ver=202307110639
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://lottery.broadwaydirect.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 09:06:26 GMT
x-content-type-options
nosniff
age
562015
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50296
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:10:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Feb 2025 09:06:26 GMT
js
www.googletagmanager.com/gtag/ 		284 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Y4Z8911974&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WP8XDKV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
aa22a9673bd3bd8c21e753311a1ca9c46afe34ae22d5fd54fd1ca0353bc410e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 21:13:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
96030
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 19 Feb 2024 21:13:22 GMT
collect
region1.analytics.google.com/g/ 		0
261 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-Y4Z8911974&gtm=45je42e0v883041692z8847989416za200&_p=1708377201766&_gaz=1&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=1761799852.1708377202&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EA&_s=1&sid=1708377202&sct=1&seg=0&dl=https%3A%2F%2Flottery.broadwaydirect.com%2Fshow%2Fwicked-okc%2F%3FspMailingID%3D10626685%26spUserID%3DNTUyMDc2NTYzNTY0S0%26spJobID%3D1920359222%26spReportId%3DMTkyMDM1OTIyMgS2&dt=WICKED%20(OKLAHOMA%20CITY)%20%E2%80%93%20Broadway%20Direct%20Lottery&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2837
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y4Z8911974&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Feb 2024 21:13:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://lottery.broadwaydirect.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-Y4Z8911974&cid=1761799852.1708377202&gtm=45je42e0v883041692z8847989416za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y4Z8911974&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Feb 2024 21:13:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://lottery.broadwaydirect.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Y4Z8911974&cid=1761799852.1708377202&gtm=45je42e0v883041692z8847989416za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0&z=1445053149
Requested by
Host: lottery.broadwaydirect.com
URL: https://lottery.broadwaydirect.com/show/wicked-okc/?spMailingID=10626685&spUserID=NTUyMDc2NTYzNTY0S0&spJobID=1920359222&spReportId=MTkyMDM1OTIyMgS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Feb 2024 21:13:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.js
lottery.broadwaydirect.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/0f752fefe334/ Frame C07A
Redirect Chain
  • https://lottery.broadwaydirect.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://lottery.broadwaydirect.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/0f752fefe334/main.js
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lottery.broadwaydirect.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/0f752fefe334/main.js
Requested by
Host: lottery.broadwaydirect.com
URL: https://lottery.broadwaydirect.com/show/wicked-okc/?spMailingID=10626685&spUserID=NTUyMDc2NTYzNTY0S0&spJobID=1920359222&spReportId=MTkyMDM1OTIyMgS2
Protocol
H2
Server
2606:4700::6812:ce6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02276cec2d389d9549b941918769083ef2df027bbf38993a970e3f51521cc114
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 21:13:22 GMT
strict-transport-security
max-age=31536000
referrer-policy
same-origin
x-content-type-options
nosniff
content-encoding
br
server
cloudflare
expect-ct
max-age=86400, enforce
vary
accept-encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
8581836a2805364f-FRA
x-xss-protection
1; mode=block

Redirect headers

date
Mon, 19 Feb 2024 21:13:22 GMT
strict-transport-security
max-age=31536000
referrer-policy
same-origin
x-content-type-options
nosniff
server
cloudflare
expect-ct
max-age=86400, enforce
vary
accept-encoding
x-frame-options
SAMEORIGIN
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/0f752fefe334/main.js
cache-control
max-age=300, public
cf-ray
85818369df9d364f-FRA
x-xss-protection
1; mode=block
8581835b6990364f
lottery.broadwaydirect.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame C07A 		0
282 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lottery.broadwaydirect.com/cdn-cgi/challenge-platform/h/b/jsd/r/8581835b6990364f
Requested by
Host: lottery.broadwaydirect.com
URL: https://lottery.broadwaydirect.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ce6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 19 Feb 2024 21:13:22 GMT
strict-transport-security
max-age=31536000
referrer-policy
same-origin
x-content-type-options
nosniff
content-encoding
br
server
cloudflare
expect-ct
max-age=86400, enforce
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
cf-ray
8581836b198b364f-FRA
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 undefined| $ function| jQuery object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| dataLayer function| bdSetViewPortBasedOnWidth object| google_tag_manager object| google_tag_data object| recaptcha function| onYouTubeIframeAPIReady object| gaGlobal object| bodyScrollLock

4 Cookies

Domain/Path Name / Value
.broadwaydirect.com/ Name: __cf_bm
Value: N3oV5h35InLZO1GXh06hwAz82t2u.XcJPtIGZLUZk4o-1708377201-1.0-AZQ164fVvnPIhQ7sLi1fer9e0wYfGtrq89r9QpSqvVyGpKPVdXmkXdrOvw67J1RG4Ux73YxBXrsHK3peZuzOcMQ=
.broadwaydirect.com/ Name: broadwaydirect_ga
Value: GA1.1.1761799852.1708377202
.broadwaydirect.com/ Name: broadwaydirect_ga_Y4Z8911974
Value: GS1.1.1708377202.1.0.1708377202.60.0.0
.broadwaydirect.com/ Name: cf_clearance
Value: u7JxwwaikcZ5Wpj3WoqDw_cYgw4fK1rcaYhul1ek.0I-1708377202-1.0-AbJ79YBpOQ/HKiHLn9cB6f9aJa7T6Tpevt9Jfwj/4DkjeoxMvrNmeTOf4XkHgEa1/2vczxD3uGK7LGgPa6bcOOY=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
links.engage.ticketmaster.com
lottery.broadwaydirect.com
region1.analytics.google.com
stats.g.doubleclick.net
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
18.173.187.71
18.173.187.92
2001:4860:4802:34::36
2606:4700::6812:ce6
2a00:1450:4001:801::200a
2a00:1450:4001:806::2008
2a00:1450:4001:80e::2003
2a00:1450:4001:829::2003
2a00:1450:4001:82f::2004
2a00:1450:4001:830::2003
2a00:1450:400c:c06::9b
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
02276cec2d389d9549b941918769083ef2df027bbf38993a970e3f51521cc114
0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d
1f3c87ba47b56f47598b859329db45ed981071aaf2f887e0f385e5745af16118
2b9a658314baccfef5f3b1d279571f0c1dbe62e6f71735828dd7606e426ba798
2e3e3b2660cbfaac5febf7a50b31d0494159989626a84102b2c3792cffe27d13
31cd7d9398307ca2e6cfaa111bbe7b69d69cbaaed2ff74034412ebc5008671fd
336902141b22343d89443a65495b084099a6a5e10101fb6bd0600dbe667d8773
36ea8681d41fc94b481f4619822620a98e9efcd12236183d9ac0bfd1d79a634e
39b2acc818832d5839445e69d857add6e15c8993209a857147c2376fb93f886a
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
470bbfd18a525c06a50860e4346bcf5269becd946748081cd73208475200a3b7
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5a437572673e33280aecf2b449481d0f2a2c478d4a0c4de4b244ace3ca7c03e8
656d37063eabc2b869dd05b34417d92d093262212aabb3aa1d4b9617cd405841
6b4f58888e6d713df349625479f65c1476f479386e065d206a79ce06802b3ef9
6e86593083facba2710a2312f26bd7b436d7ef299f99cbc2ccc1b32693ec3144
75a5ebfbfbea225139d6bf07a7b26c563f544c979430561e27fa02f8d62bd298
764fdbfd1a2dedae75b593da4da024d3c1c2a5a9580f1ad698b5da2b1eee239b
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8c685fe7760495068ea05b6ebc641d86d91c390b13feb9a27f69dc80c3a0953e
930233434aff8094c78f385f774ea30a4bba3578a3524f1f2e194145b9418fbc
975fcd769077c94bff0b689fbe3ad59e461ea7c948870bd979d21ad4716ecee9
9f6d999687ed3e80d57c678ecb473f017175794537ff250d3480eb0841c0abf8
aa22a9673bd3bd8c21e753311a1ca9c46afe34ae22d5fd54fd1ca0353bc410e3
b2ff39ccfc80daf66110e4b104956bc70911dec5c51764de1c19422439a34ba5
b331dc83f3752d3cddcad8c4abd32444b774732d26d8513bcbf791ce7435c1b1
b96827515024fc625efd1da05f9457198149155a4d3729e899e3a4b32f1826fe
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d1366169a5911b46848e8e9a44be326ccf46950c96be143a42145a17247aee06
dd38da1d8f91b8a9be032724ba8390e7ab9a2c63fb29bdead2fed460b0d54cc3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f73b574d1f2ea3ca1551ec864077fa60535b48e64a20f39930d5bab098181f6c