urlscan.io logo urlscan.io
SecurityTrails logo

www.megamillions.com Open in urlscan Pro
172.67.24.141  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.megamillions.com/
Submission: On March 21 via manual from AU — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 3 countries across 13 domains to perform 81 HTTP transactions. The main IP is 172.67.24.141, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.megamillions.com. The Cisco Umbrella rank of the primary domain is 258527.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 23rd 2022. Valid for: a year.
This is the only time www.megamillions.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
23 172.67.24.141 13335 (CLOUDFLAR...)
2 74.125.200.154 15169 (GOOGLE)
7 142.250.4.156 15169 (GOOGLE)
1 69.16.175.10 20446 (STACKPATH...)
4 172.217.194.156 15169 (GOOGLE)
1 142.251.12.97 15169 (GOOGLE)
2 74.125.130.154 15169 (GOOGLE)
5 74.125.130.101 15169 (GOOGLE)
2 172.253.118.155 15169 (GOOGLE)
2 172.217.194.132 15169 (GOOGLE)
1 74.125.68.157 15169 (GOOGLE)
1 182.161.74.19 55569 (CRITEO-AS...)
1 182.161.73.148 55569 (CRITEO-AS...)
6 74.125.24.132 15169 (GOOGLE)
11 182.161.73.129 55569 (CRITEO-AS...)
1 182.161.73.132 55569 (CRITEO-AS...)
1 104.17.24.14 13335 (CLOUDFLAR...)
7 182.161.73.135 55569 (CRITEO-AS...)
2 182.161.73.142 55569 (CRITEO-AS...)
1 172.253.118.106 15169 (GOOGLE)
81 21
23    172.67.24.141 (United States)

ASN13335 (CLOUDFLARENET, US)
www.megamillions.com
2    74.125.200.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f154.1e100.net
www.googletagservices.com
7    142.250.4.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f156.1e100.net
pagead2.googlesyndication.com
1    69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net
code.jquery.com
4    172.217.194.156 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f156.1e100.net
securepubads.g.doubleclick.net
1    142.251.12.97 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f97.1e100.net
www.googletagmanager.com
2    74.125.130.154 (Nashville, United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f154.1e100.net
googleads.g.doubleclick.net
5    74.125.130.101 (Nashville, United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f101.1e100.net
www.google-analytics.com
2    172.253.118.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f155.1e100.net
adservice.google.com.au
adservice.google.com
2    172.217.194.132 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f132.1e100.net
4d788f8602ede056b8f77cd2a3b10fa2.safeframe.googlesyndication.com
1    74.125.68.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f157.1e100.net
partner.googleadservices.com
1    182.161.74.19 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
rtb.jp2.as.criteo.com
1    182.161.73.148 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
ads.as.criteo.com
6    74.125.24.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f132.1e100.net
tpc.googlesyndication.com
11    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
1    182.161.73.132 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
cat.sg1.as.criteo.com
1    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
7    182.161.73.135 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
pix.as.criteo.net
2    182.161.73.142 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
csm.as.criteo.net
1    172.253.118.106 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f106.1e100.net
www.google.com
Apex Domain
Subdomains		 Transfer
23 megamillions.com
www.megamillions.com — Cisco Umbrella Rank: 258527
434 KB
20 criteo.net
static.criteo.net — Cisco Umbrella Rank: 629
pix.as.criteo.net — Cisco Umbrella Rank: 16818
csm.as.criteo.net — Cisco Umbrella Rank: 15107
115 KB
15 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
4d788f8602ede056b8f77cd2a3b10fa2.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 134
224 KB
6 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 188
googleads.g.doubleclick.net — Cisco Umbrella Rank: 32
150 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 25
20 KB
3 criteo.com
rtb.jp2.as.criteo.com — Cisco Umbrella Rank: 18939
ads.as.criteo.com — Cisco Umbrella Rank: 14878
cat.sg1.as.criteo.com — Cisco Umbrella Rank: 15136
46 KB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 68
www.google.com — Cisco Umbrella Rank: 2
2 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 185
76 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 194
5 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 860
605 B
1 google.com.au
adservice.google.com.au — Cisco Umbrella Rank: 113671
531 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 42
55 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 686
30 KB
81 13
Domain Requested by
23 www.megamillions.com www.megamillions.com
code.jquery.com
11 static.criteo.net ads.as.criteo.com
cdnjs.cloudflare.com
static.criteo.net
7 pix.as.criteo.net ads.as.criteo.com
7 pagead2.googlesyndication.com www.megamillions.com
pagead2.googlesyndication.com
www.googletagservices.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
6 tpc.googlesyndication.com 4d788f8602ede056b8f77cd2a3b10fa2.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
4 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
www.megamillions.com
2 csm.as.criteo.net ads.as.criteo.com
2 4d788f8602ede056b8f77cd2a3b10fa2.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 www.googletagservices.com www.megamillions.com
4d788f8602ede056b8f77cd2a3b10fa2.safeframe.googlesyndication.com
1 www.google.com tpc.googlesyndication.com
1 cdnjs.cloudflare.com ads.as.criteo.com
1 cat.sg1.as.criteo.com ads.as.criteo.com
1 ads.as.criteo.com 4d788f8602ede056b8f77cd2a3b10fa2.safeframe.googlesyndication.com
1 rtb.jp2.as.criteo.com www.megamillions.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.com.au securepubads.g.doubleclick.net
1 www.googletagmanager.com www.megamillions.com
1 code.jquery.com www.megamillions.com
81 21

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-23 -
2023-05-23		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
*.google.com.au
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
*.jp2.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-04 -
2023-05-30		 3 months crt.sh
*.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-24 -
2023-05-24		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-13 -
2023-04-15		 3 months crt.sh
*.sg1.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-27 -
2023-05-25		 3 months crt.sh
*.as.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-19 -
2023-04-16		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh

This page contains 8 frames:

Primary Page: https://www.megamillions.com/
Frame ID: 362D145CD01AE33E1D75C398B9D409E2
Requests: 43 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230320/r20190131/zrt_lookup.html
Frame ID: 96EF33C115974ACFCD8800D1D242597D
Requests: 1 HTTP requests in this frame

Frame: https://4d788f8602ede056b8f77cd2a3b10fa2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8A0EE92116E32F5B223E86369C17F92C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1188353806003967&output=html&adk=1812271804&adf=3025194257&lmt=1679442131&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Fwww.megamillions.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679442131254&bpp=4&bdt=2188&idt=506&shv=r20230320&mjsv=m202303150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6308205434711&frm=20&pv=2&ga_vid=1429621440.1679442132&ga_sid=1679442132&ga_hid=1566331510&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759837%2C44759875%2C44759926&oid=2&pvsid=1517477482301788&tmod=1594050585&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=529
Frame ID: E5B14B4A1B2423181669B9F5E4CD6371
Requests: 1 HTTP requests in this frame

Frame: https://4d788f8602ede056b8f77cd2a3b10fa2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9B131ABD91FAF4CA7916F96FF1806ECE
Requests: 9 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=ZBpA0wAKCQoKK1SRAAaLazCRtVoAhHKnufx_hQ&u=%7CeU9wVE5QfOdxGAF2mfmsl9QEBRhq0pxJyghJDjd%2B2eg%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc27YizikpHZ3NBEVeSIsX0uwsCeC3op951ptRGCRbabi-ixNUdn4CCEdtTVPTwAY6FNDRolIjFhh8hP-ca0EOUGLTlhl28RwYflrsRZGwun-DTVBy5_T8G9qlTlN1XCkBDpz8eBso2_9HNC4fHYlFbfxoS09iAVL1RODGHUqFy85t88mXW5cVDB7PIbQSI5JTAqWbYrsaGRYqvnAR9SVdWrVcBGxb76mDNF8xyiZTNVKCBWBwXHlSQyXrA8ssUz3GtxqTyS7iYlgJ65fgp2RzlNu90pr_Oh9Yzlfvrax19LjkjNvkSrbMAo8rWGtvVJhvq-eggUilsK6Z615VPZdJxeLXSSh9MpIsWz_DEHk2E3554_EOFVqPurTB8Cpy4FXwtKARohAuijuJ1LcIm8Bgv_5AVPVKXhM_yMMKWu1oQOHLTcmrKNJeiw9YUruYN7tMNaocldFlGw5Xr0BOOokE2LjIJWhmuYdErftprJAy0r7hZsYVw_P32k30g6YNpFkwUyou14XvKTvD5Lv_CU24U-H_hIt50kAfUvMPi5uuEJm_JlBiyViHy4E6Bxza4pcbs2vRKD0E7EFxHRe_wyOyMxRO6jbAYj-Jw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6UgX00AaZIqSKJGprQHrlpqACpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTU3Njg3MTIyOTEzNjExNzLIAQmpAizS9MPEX6Y-4AIAqAMBqgSUAk_QR4W7LxdgLDzZCKYIBFOsqyESkXVF-8HcQx2pODCJF-ZYKR8Hjp00nVGIrbBF3hKPBH0deEtp1x2wwEf-pW5jB0mOPeKkfMmp82H4GGmdwk0tmEpB_XiB2XgrmJUvzLarmrsQc72ZYIQm3C373O9vEo2IpsokD1HMho-OyxR4hRVn45nzxZjCE0mvQqyxjAnXeR7uj5x9m-MaDaJuuEH8NikN3EtIRdL0kTMto5KAAfhjTznerJTJcaGT781NhYoAKPKOMA4aT3ZwzLrLj9BHu6UvQjh3D50aYO1Uyl_88--iodmwa1UszFjvplhUZhtgZfHmwRPzpHCq1_C6HfjHHwiN5L1UOnIFfCbf5NXByOkaAuAEAYAGwYn8yLu0odD8AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2XOFxWqolglu45DFl0LdFdSV4S_A%26client%3Dca-pub-5768712291361172%26adurl%3D
Frame ID: 4284C577404111C3B735476815A34AE2
Requests: 23 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 63A12B3BE3BF038B11887360EFDE9D31
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AB8117049AB6C4BC32E8C660EC127442
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Mega Millions

Detected technologies

Overall confidence: 100%
Detected patterns
  • <input[^>]+name="__VIEWSTATE
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

81
Requests

100 %
HTTPS

0 %
IPv6

13
Domains

21
Subdomains

21
IPs

3
Countries

1158 kB
Transfer

3538 kB
Size

12
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

81 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.megamillions.com/ 		19 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.megamillions.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.24.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
00ca317c7dc5b31b1392f6013451b2c1ba00c203e665aad1101472b5ef9c8ad3
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7aba0cb51b00aae7-SYD
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 21 Mar 2023 23:42:09 GMT
expires
-1
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
x-aspnet-version
4.0.30319
x-frame-options
SAMEORIGIN
x-powered-by
ASP.NET
x-ua-compatible
IE=Edge
stylesheet.min.css
www.megamillions.com/styles/css/ 		185 KB
76 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.megamillions.com/styles/css/stylesheet.min.css?v=20220325
Requested by
Host: www.megamillions.com
URL: https://www.megamillions.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.24.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ce4ee855ad838bb8e93c16e43e92408b52af633204be155f2bf0d4d02cd8d171
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.megamillions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 23:42:10 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Wed, 24 Aug 2022 18:05:27 GMT
server
cloudflare
etag
"80dc716e4b7d81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
7aba0cbafa69aae7-SYD
content-length
77164
gpt.js
www.googletagservices.com/tag/js/ 		77 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.megamillions.com
URL: https://www.megamillions.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
sffe /
Resource Hash
8b999633b479860aa438754ca3f093e135b479f41067208c9949c25799f4274b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.megamillions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 23:42:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27136
x-xss-protection
0
server
sffe
etag
"1518 / 904 of 1000 / last-modified: 1679436494"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 21 Mar 2023 23:42:09 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		142 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.megamillions.com
URL: https://www.megamillions.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
cafe /
Resource Hash
3f34c8adb473593f19bec5233dd482f56ff85cf87e31e254a7e912a87b83ff72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.megamillions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 23:42:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48679
x-xss-protection
0
server
cafe
etag
10418361819028194109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 21 Mar 2023 23:42:10 GMT
WebResource.axd
www.megamillions.com/ 		23 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.megamillions.com/WebResource.axd?d=ZIQniEr9Mywq2t6w0aFkmfevBKkcSs_6bpPr1WgPVOUlKh-_KfHL6_GLwG_j5wygKHT2Io177gD_3d9wGGzhTAdNM801&t=637823185705833095
Requested by
Host: www.megamillions.com
URL: https://www.megamillions.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.24.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.megamillions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 23:42:09 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Tue, 08 Mar 2022 11:42:50 GMT
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public
cf-ray
7aba0cbafa6baae7-SYD
expires
Wed, 20 Mar 2024 22:19:00 GMT
ScriptResource.axd
www.megamillions.com/ 		100 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.megamillions.com/ScriptResource.axd?d=brRkt1L0_30B7QS6tm7pqQt_F5EeFdvk5YVfxDqljjCdodU_QQ8Tb10b9vuvGEKsD3o792ejp_1xYU_sVqu1AvyRBofc8uLp8jFwNTZ2GKkJUSqDdlNQhtDsJVbuqA-m--yE_WD9ptrjC6d-6dIfL-gnr-E1&t=ffffffffaa493ab8
Requested by
Host: www.megamillions.com
URL: https://www.megamillions.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.24.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.megamillions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 23:42:09 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Mon, 20 Mar 2023 19:28:00 GMT
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public
cf-ray
7aba0cbafa6daae7-SYD
content-length
25609
expires
Tue, 19 Mar 2024 19:28:00 GMT
ScriptResource.axd
www.megamillions.com/ 		39 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.megamillions.com/ScriptResource.axd?d=i6bzkVdG9d-PWMRGhCyhO_KGYvHpc647dfE4sb6HFu8IbYM5e_v3Np4HW-FaVLqMNyuVMWmbLM9gTkRyJQovHm5icSk4pkNqqfM_cWgtreN_AcKMH-xswtVFWKWtx_7aMra27TzZq2jjzpQq9ec6UEY1QiOs7zInnFE5PUnAcok_wx3d0&t=ffffffffaa493ab8
Requested by
Host: www.megamillions.com
URL: https://www.megamillions.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.24.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.megamillions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 23:42:09 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Mon, 20 Mar 2023 19:28:00 GMT
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public
cf-ray
7aba0cbafa6faae7-SYD
content-length
9984
expires
Tue, 19 Mar 2024 19:28:00 GMT
logo_MM_233x110.png
www.megamillions.com/GLC-Megamillions/media/images/logos/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.megamillions.com/GLC-Megamillions/media/images/logos/logo_MM_233x110.png
Requested by
Host: www.megamillions.com
URL: https://www.megamillions.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.24.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
7c07f37793f58b1f6f7371465d9aa2a44a60f072658b3e320d63da269e098bd4
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.megamillions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 23:42:11 GMT
cf-cache-status
EXPIRED
last-modified
Fri, 12 Mar 2021 18:02:09 GMT
server
cloudflare
etag
"329b1cd26917d71:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
7aba0cc31d4caae7-SYD
content-length
32071
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: www.megamillions.com
URL: https://www.megamillions.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer
https://www.megamillions.com/
Origin
https://www.megamillions.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 23:42:10 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-15d9d"
vary
Accept-Encoding
x-hw
1679442130.dop233.la3.t,1679442130.cds104.la3.hn,1679442130.cds267.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
scripts.min.js
www.megamillions.com/scripts/ 		1017 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.megamillions.com/scripts/scripts.min.js?v=20220701
Requested by
Host: www.megamillions.com
URL: https://www.megamillions.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.24.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ddd3f525a6f64abee80be8f8887a7840c3b0ae84c0f998061bd921aae32dd3e3
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.megamillions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 23:42:11 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Fri, 01 Jul 2022 14:16:54 GMT
server
cloudflare
etag
"0cfe236558dd81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
7aba0cc31d50aae7-SYD
content-length
74205
pubads_impl_2023031601.js
securepubads.g.doubleclick.net/gpt/ 		396 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031601.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
sffe /
Resource Hash
0355d3058b5c3b6d7e6f65a1c28ef32a2c758db1d57cbdb07ab8a21bbc135a40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.megamillions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 18 Mar 2023 14:49:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
291142
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136618
x-xss-protection
0
last-modified
Thu, 16 Mar 2023 08:37:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 17 Mar 2024 14:49:48 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		93 B
607 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.megamillions.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
2fdbcbd4f769c4a4f002c9ced89490753f099fe15be70c33dee9d251b0bd68b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.megamillions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 23:42:10 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65
x-xss-protection
0
expires
Tue, 21 Mar 2023 23:42:10 GMT
gtm.js
www.googletagmanager.com/ 		146 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5G7656B
Requested by
Host: www.megamillions.com
URL: https://www.megamillions.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
77897f671e0c608375354abd197336120c413b1ad46f0ed0b1398ba3a89bc389
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.megamillions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 23:42:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56143
x-xss-protection
0
last-modified
Tue, 21 Mar 2023 21:26:44 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 21 Mar 2023 23:42:10 GMT
truncated
/ 		60 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
636cc1523f3c1d2b2c03edb0e47eacb4f597b91b773bc8b8be4c14fe2d4b8880

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/png
logo_MM_115x54.png
www.megamillions.com/GLC-Megamillions/media/images/logos/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.megamillions.com/GLC-Megamillions/media/images/logos/logo_MM_115x54.png
Requested by
Host: www.megamillions.com
URL: https://www.megamillions.com/styles/css/stylesheet.min.css?v=20220325
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.24.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
34cce832fafd4507ca484d1662ac1ff62f68a844f9adb362867c60688761238b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.megamillions.com/styles/css/stylesheet.min.css?v=20220325
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 23:42:10 GMT
cf-cache-status
EXPIRED
last-modified
Fri, 12 Mar 2021 18:02:05 GMT
server
cloudflare
etag
"5ed99acf6917d71:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
7aba0cc32d68aae7-SYD
content-length
12493
montserrat-v12-latin-regular.woff2
www.megamillions.com/styles/fonts/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.megamillions.com/styles/fonts/montserrat-v12-latin-regular.woff2
Requested by
Host: www.megamillions.com
URL: https://www.megamillions.com/styles/css/stylesheet.min.css?v=20220325
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.24.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.megamillions.com/styles/css/stylesheet.min.css?v=20220325
Origin
https://www.megamillions.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 23:42:10 GMT
cf-cache-status
EXPIRED
last-modified
Wed, 12 Dec 2018 00:10:00 GMT
server
cloudflare
etag
"0fc9b5af91d41:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/font-woff2
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
7aba0cc32d71aae7-SYD
content-length
18684
montserrat-v12-latin-600.woff2
www.megamillions.com/styles/fonts/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.megamillions.com/styles/fonts/montserrat-v12-latin-600.woff2
Requested by
Host: www.megamillions.com
URL: https://www.megamillions.com/styles/css/stylesheet.min.css?v=20220325
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.24.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
867222183f7b4fdace7636718acb18b75476fc82e388130e0c06d7ec1103273d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.megamillions.com/styles/css/stylesheet.min.css?v=20220325
Origin
https://www.megamillions.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 23:42:11 GMT
cf-cache-status
EXPIRED
last-modified
Wed, 12 Dec 2018 00:10:00 GMT
server
cloudflare
etag
"0fc9b5af91d41:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/font-woff2
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
7aba0cc33d78aae7-SYD
content-length
18752
montserrat-v12-latin-700.woff2
www.megamillions.com/styles/fonts/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.megamillions.com/styles/fonts/montserrat-v12-latin-700.woff2
Requested by
Host: www.megamillions.com
URL: https://www.megamillions.com/styles/css/stylesheet.min.css?v=20220325
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.24.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.megamillions.com/styles/css/stylesheet.min.css?v=20220325
Origin
https://www.megamillions.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 23:42:11 GMT
cf-cache-status
EXPIRED
last-modified
Wed, 12 Dec 2018 00:10:00 GMT
server
cloudflare
etag
"0fc9b5af91d41:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/font-woff2
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
7aba0cc33d7baae7-SYD
content-length
18956
montserrat-v12-latin-900italic.woff2
www.megamillions.com/styles/fonts/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.megamillions.com/styles/fonts/montserrat-v12-latin-900italic.woff2
Requested by
Host: www.megamillions.com
URL: https://www.megamillions.com/styles/css/stylesheet.min.css?v=20220325
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.24.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
7c4dc0511bf663fdc5442fe187473916350a74a68341d87dbdd633c8d1cebd3f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.megamillions.com/styles/css/stylesheet.min.css?v=20220325
Origin
https://www.megamillions.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 23:42:11 GMT
cf-cache-status
EXPIRED
last-modified
Wed, 12 Dec 2018 00:10:00 GMT
server
cloudflare
etag
"0fc9b5af91d41:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/font-woff2
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
7aba0cc33d7faae7-SYD
content-length
19104
montserrat-v12-latin-italic.woff2
www.megamillions.com/styles/fonts/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.megamillions.com/styles/fonts/montserrat-v12-latin-italic.woff2
Requested by
Host: www.megamillions.com
URL: https://www.megamillions.com/styles/css/stylesheet.min.css?v=20220325
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.24.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
a629a2424ad41d63e025ac8d0756268ddd76877ed1d4f3a7a24109f13047289a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.megamillions.com/styles/css/stylesheet.min.css?v=20220325
Origin
https://www.megamillions.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 23:42:11 GMT
cf-cache-status
EXPIRED
last-modified
Wed, 12 Dec 2018 00:10:00 GMT
server
cloudflare
etag
"0fc9b5af91d41:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/font-woff2
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
7aba0cc33d81aae7-SYD
content-length
19164
montserrat-v12-latin-500.woff2
www.megamillions.com/styles/fonts/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.megamillions.com/styles/fonts/montserrat-v12-latin-500.woff2
Requested by
Host: www.megamillions.com
URL: https://www.megamillions.com/styles/css/stylesheet.min.css?v=20220325
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.24.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
3e43d592d0aa592f24ad510ef3f453a51bba24a9534a07a55a9685b4d4b3f2cb
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.megamillions.com/styles/css/stylesheet.min.css?v=20220325
Origin
https://www.megamillions.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 23:42:11 GMT
cf-cache-status
EXPIRED
last-modified
Wed, 12 Dec 2018 00:10:00 GMT
server
cloudflare
etag
"0fc9b5af91d41:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/font-woff2
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
7aba0cc33d82aae7-SYD
content-length
18728
montserrat-v12-latin-300.woff2
www.megamillions.com/styles/fonts/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.megamillions.com/styles/fonts/montserrat-v12-latin-300.woff2
Requested by
Host: www.megamillions.com
URL: https://www.megamillions.com/styles/css/stylesheet.min.css?v=20220325
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.24.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ea23fa178c761c715a00c4ceaa9b93ed323da784a903df018a4fb04b10288ca3
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.megamillions.com/styles/css/stylesheet.min.css?v=20220325
Origin
https://www.megamillions.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 23:42:11 GMT
cf-cache-status
EXPIRED
last-modified
Wed, 12 Dec 2018 00:10:00 GMT
server
cloudflare
etag
"0fc9b5af91d41:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/font-woff2
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
7aba0cc33d84aae7-SYD
content-length
18444
Flaticon.woff
www.megamillions.com/styles/fonts/ 		4 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.megamillions.com/styles/fonts/Flaticon.woff
Requested by
Host: www.megamillions.com
URL: https://www.megamillions.com/styles/css/stylesheet.min.css?v=20220325
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.24.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
45f4c8f64c6bab2f4bf1c372bd075be57c67ff285ab0820ce4572f76a6968e1d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.megamillions.com/styles/css/stylesheet.min.css?v=20220325
Origin
https://www.megamillions.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 23:42:10 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Thu, 01 Nov 2018 17:00:47 GMT
server
cloudflare
etag
W/"8091a6f472d41:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/font-woff
cache-control
public, max-age=691200
cf-ray
7aba0cc3be54aae7-SYD
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303150101/ 		350 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303150101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
cafe /
Resource Hash
57ae36cf7cc4bdf3a4300f074b1bb636a1fff61f8070d124081f48876bb18987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.megamillions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 23:42:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119454
x-xss-protection
0
server
cafe
etag
17601927231127156088
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Mar 2023 23:42:11 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230320/r20190131/ Frame 96EF 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230320/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.154 Nashville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f154.1e100.net
Software
cafe /
Resource Hash
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.megamillions.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
20743
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4549
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 21 Mar 2023 17:56:28 GMT
etag
2378337311435320485
expires
Tue, 04 Apr 2023 17:56:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5G7656B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.101 Nashville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.megamillions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 21 Mar 2023 22:20:37 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
4894
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Wed, 22 Mar 2023 00:20:37 GMT
integrator.js
adservice.google.com.au/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.megamillions.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.megamillions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 23:42:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.megamillions.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.megamillions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 23:42:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		25 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1517477482301788&correlator=711176764430688&eid=31072020%2C31073289%2C44785968&output=ldjh&gdfp_req=1&vrg=2023031601&ptt=17&impl=fifs&iu_parts=21814838932%2Cmmcglc_homepage_728x90%2Cmmcglc_300x250&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=728x90%2C300x250&ifi=2&adks=537333458%2C1420342407&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1679442131522&lmt=1679442131&dlt=1679442129066&idt=2426&adxs=538%2C1055&adys=26%2C591&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.megamillions.com%2F&frm=20&vis=1&psz=1150x96%7C300x15&msz=837x0%7C300x0&fws=4%2C4&ohw=1150%2C1150&ga_vid=1429621440.1679442132&ga_sid=1679442132&ga_hid=1566331510&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
252772206bd09ba5c31018d5ebb74ed04b6da5c93c8e471e4c6a92816a09b7cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.megamillions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 23:42:12 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10488
x-xss-protection
0
google-lineitem-id
-1,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.megamillions.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
4d788f8602ede056b8f77cd2a3b10fa2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8A0E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4d788f8602ede056b8f77cd2a3b10fa2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.megamillions.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 21 Mar 2023 23:42:12 GMT
expires
Wed, 20 Mar 2024 23:42:12 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
GetLatestDrawData
www.megamillions.com/cmspages/utilservice.asmx/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.megamillions.com/cmspages/utilservice.asmx/GetLatestDrawData
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.24.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
fefcda61d35886adccb7694b6dfa62c727af571a2ae61ead799a74bb621a0ffc
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.megamillions.com/
X-Requested-With
XMLHttpRequest
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 21 Mar 2023 23:42:11 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
cf-ray
7aba0ccb58e3aae7-SYD
GetTopRandomWinners
www.megamillions.com/cmspages/utilservice.asmx/ 		1 KB
1012 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.megamillions.com/cmspages/utilservice.asmx/GetTopRandomWinners
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.24.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
2785a23295c9280a303ce6cdf41d75692b17d6a9123e918c10130cdfc8a714d4
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.megamillions.com/
X-Requested-With
XMLHttpRequest
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 21 Mar 2023 23:42:12 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
cf-ray
7aba0ccb58e5aae7-SYD
GetLotteryStateData
www.megamillions.com/CMSPages/UtilService.asmx/ 		13 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.megamillions.com/CMSPages/UtilService.asmx/GetLotteryStateData
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.24.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
85a7e52415728ef33a76fbc4ee455149d71cc1b4c2867445264185ecaa53c598
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.megamillions.com/
X-Requested-With
XMLHttpRequest
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Tue, 21 Mar 2023 23:42:11 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
cf-ray
7aba0ccb58e6aae7-SYD
cookie.js
partner.googleadservices.com/gampad/ 		399 B
605 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.megamillions.com&callback=_gfp_s_&client=ca-pub-1188353806003967
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303150101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
5244d072bb98f137eac373059cef4a0a4f591a06d314b23f7c21a9a7c03243e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.megamillions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 23:42:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
253
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame E5B1 		603 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1188353806003967&output=html&adk=1812271804&adf=3025194257&lmt=1679442131&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Fwww.megamillions.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679442131254&bpp=4&bdt=2188&idt=506&shv=r20230320&mjsv=m202303150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6308205434711&frm=20&pv=2&ga_vid=1429621440.1679442132&ga_sid=1679442132&ga_hid=1566331510&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44777877%2C44759837%2C44759875%2C44759926&oid=2&pvsid=1517477482301788&tmod=1594050585&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=529
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303150101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.154 Nashville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f154.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.megamillions.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 21 Mar 2023 23:42:11 GMT
expires
Tue, 21 Mar 2023 23:42:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/ 		3 B
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1566331510&t=pageview&_s=1&dl=https%3A%2F%2Fwww.megamillions.com%2F&ul=en-us&de=UTF-8&dt=Mega%20Millions&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAAABAAAAAC~&jid=1372875104&gjid=435167335&cid=1429621440.1679442132&tid=UA-130954248-1&_gid=2046604907.1679442132&_r=1&_slc=1&gtm=45He33k0n815G7656B&z=1117600897
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.101 Nashville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.megamillions.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 21 Mar 2023 23:42:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.megamillions.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
montserrat-v12-latin-700italic.woff2
www.megamillions.com/styles/fonts/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.megamillions.com/styles/fonts/montserrat-v12-latin-700italic.woff2
Requested by
Host: www.megamillions.com
URL: https://www.megamillions.com/styles/css/stylesheet.min.css?v=20220325
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.24.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
975707e0f84fdf7439284679f4ae53d7e244140753e5d1dbb50ddf9a30d1c1b8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.megamillions.com/styles/css/stylesheet.min.css?v=20220325
Origin
https://www.megamillions.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 23:42:12 GMT
cf-cache-status
EXPIRED
last-modified
Wed, 12 Dec 2018 00:10:00 GMT
server
cloudflare
etag
"0fc9b5af91d41:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/font-woff2
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
7aba0ccd7b88aae7-SYD
content-length
19384
container.html
4d788f8602ede056b8f77cd2a3b10fa2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9B13 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4d788f8602ede056b8f77cd2a3b10fa2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.megamillions.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 21 Mar 2023 23:42:12 GMT
expires
Wed, 20 Mar 2024 23:42:12 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
MD-Lottery-logo.jpg.aspx
www.megamillions.com/getmedia/a22aa17d-f8a2-4bb3-a775-201f8a9094f0/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.megamillions.com/getmedia/a22aa17d-f8a2-4bb3-a775-201f8a9094f0/MD-Lottery-logo.jpg.aspx?ext=.jpg&width=220
Requested by
Host: www.megamillions.com
URL: https://www.megamillions.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.24.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
a54425aa4c783f136e8f1649ec1b3bf719865b7104ec6b1051178405b7c91b26
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.megamillions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 23:42:12 GMT
cf-cache-status
EXPIRED
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-disposition
inline; filename="MD-Lottery-logo.jpg"
content-length
9480
last-modified
Wed, 10 Feb 2021 05:04:27 GMT
server
cloudflare
etag
"2/10/2021 5:04:27 AM"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
7aba0ccecd87aae7-SYD
expires
Tue, 21 Mar 2023 23:42:12 GMT
Pickens_VA-winner.jpg.aspx
www.megamillions.com/getmedia/f699f4e0-8736-41cc-a408-ff3ba36e72f6/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.megamillions.com/getmedia/f699f4e0-8736-41cc-a408-ff3ba36e72f6/Pickens_VA-winner.jpg.aspx?ext=.jpg&width=220
Requested by
Host: www.megamillions.com
URL: https://www.megamillions.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.24.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
652d9094a7eead0236e08a454ce890c830278eec9ffd8db33fd6e4785cac9ca3
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.megamillions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 23:42:12 GMT
cf-cache-status
EXPIRED
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-disposition
inline; filename="Pickens_VA-winner.jpg"
content-length
9580
last-modified
Wed, 15 Mar 2023 01:17:12 GMT
server
cloudflare
etag
"3/15/2023 1:17:12 AM"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
7aba0ccecd88aae7-SYD
expires
Tue, 21 Mar 2023 23:42:12 GMT
CALottery_MM.jpg.aspx
www.megamillions.com/getmedia/ccfbe197-8d3e-437c-bef9-b5b52e1d3375/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.megamillions.com/getmedia/ccfbe197-8d3e-437c-bef9-b5b52e1d3375/CALottery_MM.jpg.aspx?ext=.jpg&width=220
Requested by
Host: www.megamillions.com
URL: https://www.megamillions.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.24.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
073fe185fa28589915800b70e79f3b64bf08a65919450ea7ccea535a0bed183c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.megamillions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 23:42:12 GMT
cf-cache-status
EXPIRED
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-disposition
inline; filename="CALottery_MM.jpg"
content-length
9740
last-modified
Mon, 31 Aug 2020 16:58:21 GMT
server
cloudflare
etag
"8/31/2020 4:58:21 PM"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
7aba0ccecd89aae7-SYD
expires
Tue, 21 Mar 2023 23:42:12 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 9B13 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C6jZ100AaZIqSKJGprQHrlpqACpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTU3Njg3MTIyOTEzNjExNzLIAQmpAizS9MPEX6Y-4AIAqAMBqgSRAk_QR4W7LxdgLDzZCKYIBFOsqyESkXVF-8HcQx2pODCJF-ZYKR8Hjp00nVGIrbBF3hKPBH0deEtp1x2wwEf-pW5jB0mOPeKkfMmp82H4GGmdwk0tmEpB_XiB2XgrmJUvzLarmrsQc72ZYIQm3C373O9vEo2IpsokD1HMho-OyxR4hRVn45nzxZjCE0mvQqyxjAnXeR7uj5x9m-MaDaJuuEH8NikN3EtIRdL0kTMto5KAAfhjTznerJTJcaGT781NhYoAKPKOMA4aT3ZwzLrLj9BHu6UvQjh3D50aYO1Uyl_88--iodmwa1UszFitpHnGg9XpGw5vsI0Y8upp_uSwivLpB-AFF-vO88wbUD44D0S_N-AEAYAGwYn8yLu0odD8AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTU3Njg3MTIyOTEzNjExNzIY2pJw&sigh=nwjHsbFw08s&uach_m=[UACH]&cid=CAQSSwDUE5ym1yFh3Vb5vnsfatHFKrmtffe29bACu4-5QU3LUFmMeCCxK0hGbXGcPFlD82wPnH0LIrTYhMA1m0_W1KVNlTem0ONcz9shEhgB
Requested by
Host: www.megamillions.com
URL: https://www.megamillions.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4d788f8602ede056b8f77cd2a3b10fa2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers
notify
rtb.jp2.as.criteo.com/google/auction/ Frame 9B13 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=k5mUFLmCMNgFWmL4LRICAAAAUcqo09VWsF9v3Gt4ALlJgBDTQBpkQ5j-Fq7f7fWnbgAAEgAACg5BUVVERFFZQkRRRUJEUQ&wp=ZBpA0wAKCQoKK1SRAAaLazCRtVoAhHKnufx_hQ
Requested by
Host: www.megamillions.com
URL: https://www.megamillions.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4d788f8602ede056b8f77cd2a3b10fa2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 23:42:12 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
152004
content-length
0
afr.php
ads.as.criteo.com/delivery/r/ Frame 4284 		135 KB
45 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=ZBpA0wAKCQoKK1SRAAaLazCRtVoAhHKnufx_hQ&u=%7CeU9wVE5QfOdxGAF2mfmsl9QEBRhq0pxJyghJDjd%2B2eg%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc27YizikpHZ3NBEVeSIsX0uwsCeC3op951ptRGCRbabi-ixNUdn4CCEdtTVPTwAY6FNDRolIjFhh8hP-ca0EOUGLTlhl28RwYflrsRZGwun-DTVBy5_T8G9qlTlN1XCkBDpz8eBso2_9HNC4fHYlFbfxoS09iAVL1RODGHUqFy85t88mXW5cVDB7PIbQSI5JTAqWbYrsaGRYqvnAR9SVdWrVcBGxb76mDNF8xyiZTNVKCBWBwXHlSQyXrA8ssUz3GtxqTyS7iYlgJ65fgp2RzlNu90pr_Oh9Yzlfvrax19LjkjNvkSrbMAo8rWGtvVJhvq-eggUilsK6Z615VPZdJxeLXSSh9MpIsWz_DEHk2E3554_EOFVqPurTB8Cpy4FXwtKARohAuijuJ1LcIm8Bgv_5AVPVKXhM_yMMKWu1oQOHLTcmrKNJeiw9YUruYN7tMNaocldFlGw5Xr0BOOokE2LjIJWhmuYdErftprJAy0r7hZsYVw_P32k30g6YNpFkwUyou14XvKTvD5Lv_CU24U-H_hIt50kAfUvMPi5uuEJm_JlBiyViHy4E6Bxza4pcbs2vRKD0E7EFxHRe_wyOyMxRO6jbAYj-Jw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6UgX00AaZIqSKJGprQHrlpqACpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTU3Njg3MTIyOTEzNjExNzLIAQmpAizS9MPEX6Y-4AIAqAMBqgSUAk_QR4W7LxdgLDzZCKYIBFOsqyESkXVF-8HcQx2pODCJF-ZYKR8Hjp00nVGIrbBF3hKPBH0deEtp1x2wwEf-pW5jB0mOPeKkfMmp82H4GGmdwk0tmEpB_XiB2XgrmJUvzLarmrsQc72ZYIQm3C373O9vEo2IpsokD1HMho-OyxR4hRVn45nzxZjCE0mvQqyxjAnXeR7uj5x9m-MaDaJuuEH8NikN3EtIRdL0kTMto5KAAfhjTznerJTJcaGT781NhYoAKPKOMA4aT3ZwzLrLj9BHu6UvQjh3D50aYO1Uyl_88--iodmwa1UszFjvplhUZhtgZfHmwRPzpHCq1_C6HfjHHwiN5L1UOnIFfCbf5NXByOkaAuAEAYAGwYn8yLu0odD8AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2XOFxWqolglu45DFl0LdFdSV4S_A%26client%3Dca-pub-5768712291361172%26adurl%3D
Requested by
Host: 4d788f8602ede056b8f77cd2a3b10fa2.safeframe.googlesyndication.com
URL: https://4d788f8602ede056b8f77cd2a3b10fa2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
7a60126f3a5376218a9d7878aa033094291d30f3993594a11e865ddb434e5e11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://4d788f8602ede056b8f77cd2a3b10fa2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Tue, 21 Mar 2023 23:42:12 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=Nt6U3-DfD9wnlM3CTKCbEZ6Pq5zd73oQRKQ8UHpSQCgsWR8vWKZv0COwtXcunOkNTHWkGwGQx5y7M_t1sMJuiDPh3vroVXPAfToh8ciolu3KluqZ_z4EwXy32rs5b2Q7da8nAPfLNxAsMKobXKS_0H6zO5IZHK-Q9DuwbLDQdJotj2dx05FjELQ-E8Mc7Lnbn4loc_5QoclANJyxAc6PiKWz49T7_0sefB_WFJc9y9BS0gI5O7U3s7Wi6a8VTpIbF3Oz7A"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
57579038
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230320/r20110914/client/ Frame 9B13 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230320/r20110914/client/window_focus_fy2021.js
Requested by
Host: 4d788f8602ede056b8f77cd2a3b10fa2.safeframe.googlesyndication.com
URL: https://4d788f8602ede056b8f77cd2a3b10fa2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4d788f8602ede056b8f77cd2a3b10fa2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 23:34:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
471
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 04 Apr 2023 23:34:21 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230320/r20110914/client/ Frame 9B13 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230320/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 4d788f8602ede056b8f77cd2a3b10fa2.safeframe.googlesyndication.com
URL: https://4d788f8602ede056b8f77cd2a3b10fa2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
83dd1a8208a83ec90a9a2d7774ab28e4b93b3eba53fb6a3fd444eb7e389ecbff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4d788f8602ede056b8f77cd2a3b10fa2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 23:34:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
471
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8627
x-xss-protection
0
server
cafe
etag
8620137988422272387
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 04 Apr 2023 23:34:21 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 9B13 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 4d788f8602ede056b8f77cd2a3b10fa2.safeframe.googlesyndication.com
URL: https://4d788f8602ede056b8f77cd2a3b10fa2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4d788f8602ede056b8f77cd2a3b10fa2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 22:18:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
350623
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 16 Mar 2024 22:18:29 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9B13 		158 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4d788f8602ede056b8f77cd2a3b10fa2.safeframe.googlesyndication.com
URL: https://4d788f8602ede056b8f77cd2a3b10fa2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f154.1e100.net
Software
sffe /
Resource Hash
fe14bc8a4e294c047589838fd09a3efc81771751a0be03ea8ec99e734e965fd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4d788f8602ede056b8f77cd2a3b10fa2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 23:42:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49540
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1679312138029146"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 21 Mar 2023 23:42:12 GMT
truncated
/ Frame 9B13 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
47d88dddbe18bc022dd0e047add99bc4050ffe23ee992462eada59889ff4eab1

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame 4284 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZBpA0wAKCQoKK1SRAAaLazCRtVoAhHKnufx_hQ&u=%7CeU9wVE5QfOdxGAF2mfmsl9QEBRhq0pxJyghJDjd%2B2eg%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc27YizikpHZ3NBEVeSIsX0uwsCeC3op951ptRGCRbabi-ixNUdn4CCEdtTVPTwAY6FNDRolIjFhh8hP-ca0EOUGLTlhl28RwYflrsRZGwun-DTVBy5_T8G9qlTlN1XCkBDpz8eBso2_9HNC4fHYlFbfxoS09iAVL1RODGHUqFy85t88mXW5cVDB7PIbQSI5JTAqWbYrsaGRYqvnAR9SVdWrVcBGxb76mDNF8xyiZTNVKCBWBwXHlSQyXrA8ssUz3GtxqTyS7iYlgJ65fgp2RzlNu90pr_Oh9Yzlfvrax19LjkjNvkSrbMAo8rWGtvVJhvq-eggUilsK6Z615VPZdJxeLXSSh9MpIsWz_DEHk2E3554_EOFVqPurTB8Cpy4FXwtKARohAuijuJ1LcIm8Bgv_5AVPVKXhM_yMMKWu1oQOHLTcmrKNJeiw9YUruYN7tMNaocldFlGw5Xr0BOOokE2LjIJWhmuYdErftprJAy0r7hZsYVw_P32k30g6YNpFkwUyou14XvKTvD5Lv_CU24U-H_hIt50kAfUvMPi5uuEJm_JlBiyViHy4E6Bxza4pcbs2vRKD0E7EFxHRe_wyOyMxRO6jbAYj-Jw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6UgX00AaZIqSKJGprQHrlpqACpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTU3Njg3MTIyOTEzNjExNzLIAQmpAizS9MPEX6Y-4AIAqAMBqgSUAk_QR4W7LxdgLDzZCKYIBFOsqyESkXVF-8HcQx2pODCJF-ZYKR8Hjp00nVGIrbBF3hKPBH0deEtp1x2wwEf-pW5jB0mOPeKkfMmp82H4GGmdwk0tmEpB_XiB2XgrmJUvzLarmrsQc72ZYIQm3C373O9vEo2IpsokD1HMho-OyxR4hRVn45nzxZjCE0mvQqyxjAnXeR7uj5x9m-MaDaJuuEH8NikN3EtIRdL0kTMto5KAAfhjTznerJTJcaGT781NhYoAKPKOMA4aT3ZwzLrLj9BHu6UvQjh3D50aYO1Uyl_88--iodmwa1UszFjvplhUZhtgZfHmwRPzpHCq1_C6HfjHHwiN5L1UOnIFfCbf5NXByOkaAuAEAYAGwYn8yLu0odD8AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2XOFxWqolglu45DFl0LdFdSV4S_A%26client%3Dca-pub-5768712291361172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 23:42:13 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 15 Mar 2024 23:42:13 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 4284 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZBpA0wAKCQoKK1SRAAaLazCRtVoAhHKnufx_hQ&u=%7CeU9wVE5QfOdxGAF2mfmsl9QEBRhq0pxJyghJDjd%2B2eg%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc27YizikpHZ3NBEVeSIsX0uwsCeC3op951ptRGCRbabi-ixNUdn4CCEdtTVPTwAY6FNDRolIjFhh8hP-ca0EOUGLTlhl28RwYflrsRZGwun-DTVBy5_T8G9qlTlN1XCkBDpz8eBso2_9HNC4fHYlFbfxoS09iAVL1RODGHUqFy85t88mXW5cVDB7PIbQSI5JTAqWbYrsaGRYqvnAR9SVdWrVcBGxb76mDNF8xyiZTNVKCBWBwXHlSQyXrA8ssUz3GtxqTyS7iYlgJ65fgp2RzlNu90pr_Oh9Yzlfvrax19LjkjNvkSrbMAo8rWGtvVJhvq-eggUilsK6Z615VPZdJxeLXSSh9MpIsWz_DEHk2E3554_EOFVqPurTB8Cpy4FXwtKARohAuijuJ1LcIm8Bgv_5AVPVKXhM_yMMKWu1oQOHLTcmrKNJeiw9YUruYN7tMNaocldFlGw5Xr0BOOokE2LjIJWhmuYdErftprJAy0r7hZsYVw_P32k30g6YNpFkwUyou14XvKTvD5Lv_CU24U-H_hIt50kAfUvMPi5uuEJm_JlBiyViHy4E6Bxza4pcbs2vRKD0E7EFxHRe_wyOyMxRO6jbAYj-Jw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6UgX00AaZIqSKJGprQHrlpqACpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTU3Njg3MTIyOTEzNjExNzLIAQmpAizS9MPEX6Y-4AIAqAMBqgSUAk_QR4W7LxdgLDzZCKYIBFOsqyESkXVF-8HcQx2pODCJF-ZYKR8Hjp00nVGIrbBF3hKPBH0deEtp1x2wwEf-pW5jB0mOPeKkfMmp82H4GGmdwk0tmEpB_XiB2XgrmJUvzLarmrsQc72ZYIQm3C373O9vEo2IpsokD1HMho-OyxR4hRVn45nzxZjCE0mvQqyxjAnXeR7uj5x9m-MaDaJuuEH8NikN3EtIRdL0kTMto5KAAfhjTznerJTJcaGT781NhYoAKPKOMA4aT3ZwzLrLj9BHu6UvQjh3D50aYO1Uyl_88--iodmwa1UszFjvplhUZhtgZfHmwRPzpHCq1_C6HfjHHwiN5L1UOnIFfCbf5NXByOkaAuAEAYAGwYn8yLu0odD8AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2XOFxWqolglu45DFl0LdFdSV4S_A%26client%3Dca-pub-5768712291361172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 23:42:13 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 15 Mar 2024 23:42:13 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 4284 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZBpA0wAKCQoKK1SRAAaLazCRtVoAhHKnufx_hQ&u=%7CeU9wVE5QfOdxGAF2mfmsl9QEBRhq0pxJyghJDjd%2B2eg%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc27YizikpHZ3NBEVeSIsX0uwsCeC3op951ptRGCRbabi-ixNUdn4CCEdtTVPTwAY6FNDRolIjFhh8hP-ca0EOUGLTlhl28RwYflrsRZGwun-DTVBy5_T8G9qlTlN1XCkBDpz8eBso2_9HNC4fHYlFbfxoS09iAVL1RODGHUqFy85t88mXW5cVDB7PIbQSI5JTAqWbYrsaGRYqvnAR9SVdWrVcBGxb76mDNF8xyiZTNVKCBWBwXHlSQyXrA8ssUz3GtxqTyS7iYlgJ65fgp2RzlNu90pr_Oh9Yzlfvrax19LjkjNvkSrbMAo8rWGtvVJhvq-eggUilsK6Z615VPZdJxeLXSSh9MpIsWz_DEHk2E3554_EOFVqPurTB8Cpy4FXwtKARohAuijuJ1LcIm8Bgv_5AVPVKXhM_yMMKWu1oQOHLTcmrKNJeiw9YUruYN7tMNaocldFlGw5Xr0BOOokE2LjIJWhmuYdErftprJAy0r7hZsYVw_P32k30g6YNpFkwUyou14XvKTvD5Lv_CU24U-H_hIt50kAfUvMPi5uuEJm_JlBiyViHy4E6Bxza4pcbs2vRKD0E7EFxHRe_wyOyMxRO6jbAYj-Jw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6UgX00AaZIqSKJGprQHrlpqACpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTU3Njg3MTIyOTEzNjExNzLIAQmpAizS9MPEX6Y-4AIAqAMBqgSUAk_QR4W7LxdgLDzZCKYIBFOsqyESkXVF-8HcQx2pODCJF-ZYKR8Hjp00nVGIrbBF3hKPBH0deEtp1x2wwEf-pW5jB0mOPeKkfMmp82H4GGmdwk0tmEpB_XiB2XgrmJUvzLarmrsQc72ZYIQm3C373O9vEo2IpsokD1HMho-OyxR4hRVn45nzxZjCE0mvQqyxjAnXeR7uj5x9m-MaDaJuuEH8NikN3EtIRdL0kTMto5KAAfhjTznerJTJcaGT781NhYoAKPKOMA4aT3ZwzLrLj9BHu6UvQjh3D50aYO1Uyl_88--iodmwa1UszFjvplhUZhtgZfHmwRPzpHCq1_C6HfjHHwiN5L1UOnIFfCbf5NXByOkaAuAEAYAGwYn8yLu0odD8AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2XOFxWqolglu45DFl0LdFdSV4S_A%26client%3Dca-pub-5768712291361172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 23:42:13 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Fri, 15 Mar 2024 23:42:13 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 4284 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZBpA0wAKCQoKK1SRAAaLazCRtVoAhHKnufx_hQ&u=%7CeU9wVE5QfOdxGAF2mfmsl9QEBRhq0pxJyghJDjd%2B2eg%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc27YizikpHZ3NBEVeSIsX0uwsCeC3op951ptRGCRbabi-ixNUdn4CCEdtTVPTwAY6FNDRolIjFhh8hP-ca0EOUGLTlhl28RwYflrsRZGwun-DTVBy5_T8G9qlTlN1XCkBDpz8eBso2_9HNC4fHYlFbfxoS09iAVL1RODGHUqFy85t88mXW5cVDB7PIbQSI5JTAqWbYrsaGRYqvnAR9SVdWrVcBGxb76mDNF8xyiZTNVKCBWBwXHlSQyXrA8ssUz3GtxqTyS7iYlgJ65fgp2RzlNu90pr_Oh9Yzlfvrax19LjkjNvkSrbMAo8rWGtvVJhvq-eggUilsK6Z615VPZdJxeLXSSh9MpIsWz_DEHk2E3554_EOFVqPurTB8Cpy4FXwtKARohAuijuJ1LcIm8Bgv_5AVPVKXhM_yMMKWu1oQOHLTcmrKNJeiw9YUruYN7tMNaocldFlGw5Xr0BOOokE2LjIJWhmuYdErftprJAy0r7hZsYVw_P32k30g6YNpFkwUyou14XvKTvD5Lv_CU24U-H_hIt50kAfUvMPi5uuEJm_JlBiyViHy4E6Bxza4pcbs2vRKD0E7EFxHRe_wyOyMxRO6jbAYj-Jw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6UgX00AaZIqSKJGprQHrlpqACpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTU3Njg3MTIyOTEzNjExNzLIAQmpAizS9MPEX6Y-4AIAqAMBqgSUAk_QR4W7LxdgLDzZCKYIBFOsqyESkXVF-8HcQx2pODCJF-ZYKR8Hjp00nVGIrbBF3hKPBH0deEtp1x2wwEf-pW5jB0mOPeKkfMmp82H4GGmdwk0tmEpB_XiB2XgrmJUvzLarmrsQc72ZYIQm3C373O9vEo2IpsokD1HMho-OyxR4hRVn45nzxZjCE0mvQqyxjAnXeR7uj5x9m-MaDaJuuEH8NikN3EtIRdL0kTMto5KAAfhjTznerJTJcaGT781NhYoAKPKOMA4aT3ZwzLrLj9BHu6UvQjh3D50aYO1Uyl_88--iodmwa1UszFjvplhUZhtgZfHmwRPzpHCq1_C6HfjHHwiN5L1UOnIFfCbf5NXByOkaAuAEAYAGwYn8yLu0odD8AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2XOFxWqolglu45DFl0LdFdSV4S_A%26client%3Dca-pub-5768712291361172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 23:42:13 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Fri, 15 Mar 2024 23:42:13 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame 4284 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=UuJ7y9H6E6cOeYoJBdhEUM9XSiFeaKjx45jvtsno27mm4Q9o27NXgRRqvJhVJ_zqxI8sncpQMvY_aBqnW9jBbWDerCBYyDD7As9VDVtddg0NCRRbxJncdrTszEc6rTuRYQz45d6wBapDEwERWYHHZVKcAsiamc09Rm_w-PaUPp6H2Xo2u1Lg34YhkfGf_JNTM5HRjYZ8kHL1wRlJTZ12DIjcJWnQoyFNuULO_soZ2u0FYUlK-XM9BVy3wRtG2Yk6udgl8-ft0OrYsLcTNxMKqvNQOjiBPmaARDzIEP0ptPkmF_SoiaeXbgXVUn2FlfUxXx7GiP8UMZBbDy4ExDAZJ7ib6ORZP7no7WrkGZOQYLmf4i6jl8qsB8JJEehF6wpttvx7LmmwyjQ5D7EBvlUg-hSfni6pGblAlbNN3PN9fZLqT4v6XVh6I-0oEC7ti7gGWOJWXg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZBpA0wAKCQoKK1SRAAaLazCRtVoAhHKnufx_hQ&u=%7CeU9wVE5QfOdxGAF2mfmsl9QEBRhq0pxJyghJDjd%2B2eg%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc27YizikpHZ3NBEVeSIsX0uwsCeC3op951ptRGCRbabi-ixNUdn4CCEdtTVPTwAY6FNDRolIjFhh8hP-ca0EOUGLTlhl28RwYflrsRZGwun-DTVBy5_T8G9qlTlN1XCkBDpz8eBso2_9HNC4fHYlFbfxoS09iAVL1RODGHUqFy85t88mXW5cVDB7PIbQSI5JTAqWbYrsaGRYqvnAR9SVdWrVcBGxb76mDNF8xyiZTNVKCBWBwXHlSQyXrA8ssUz3GtxqTyS7iYlgJ65fgp2RzlNu90pr_Oh9Yzlfvrax19LjkjNvkSrbMAo8rWGtvVJhvq-eggUilsK6Z615VPZdJxeLXSSh9MpIsWz_DEHk2E3554_EOFVqPurTB8Cpy4FXwtKARohAuijuJ1LcIm8Bgv_5AVPVKXhM_yMMKWu1oQOHLTcmrKNJeiw9YUruYN7tMNaocldFlGw5Xr0BOOokE2LjIJWhmuYdErftprJAy0r7hZsYVw_P32k30g6YNpFkwUyou14XvKTvD5Lv_CU24U-H_hIt50kAfUvMPi5uuEJm_JlBiyViHy4E6Bxza4pcbs2vRKD0E7EFxHRe_wyOyMxRO6jbAYj-Jw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6UgX00AaZIqSKJGprQHrlpqACpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTU3Njg3MTIyOTEzNjExNzLIAQmpAizS9MPEX6Y-4AIAqAMBqgSUAk_QR4W7LxdgLDzZCKYIBFOsqyESkXVF-8HcQx2pODCJF-ZYKR8Hjp00nVGIrbBF3hKPBH0deEtp1x2wwEf-pW5jB0mOPeKkfMmp82H4GGmdwk0tmEpB_XiB2XgrmJUvzLarmrsQc72ZYIQm3C373O9vEo2IpsokD1HMho-OyxR4hRVn45nzxZjCE0mvQqyxjAnXeR7uj5x9m-MaDaJuuEH8NikN3EtIRdL0kTMto5KAAfhjTznerJTJcaGT781NhYoAKPKOMA4aT3ZwzLrLj9BHu6UvQjh3D50aYO1Uyl_88--iodmwa1UszFjvplhUZhtgZfHmwRPzpHCq1_C6HfjHHwiN5L1UOnIFfCbf5NXByOkaAuAEAYAGwYn8yLu0odD8AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2XOFxWqolglu45DFl0LdFdSV4S_A%26client%3Dca-pub-5768712291361172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Mar 2023 23:42:13 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2621306
expires
Mon, 26 Jul 1997 05:00:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 4284 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZBpA0wAKCQoKK1SRAAaLazCRtVoAhHKnufx_hQ&u=%7CeU9wVE5QfOdxGAF2mfmsl9QEBRhq0pxJyghJDjd%2B2eg%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc27YizikpHZ3NBEVeSIsX0uwsCeC3op951ptRGCRbabi-ixNUdn4CCEdtTVPTwAY6FNDRolIjFhh8hP-ca0EOUGLTlhl28RwYflrsRZGwun-DTVBy5_T8G9qlTlN1XCkBDpz8eBso2_9HNC4fHYlFbfxoS09iAVL1RODGHUqFy85t88mXW5cVDB7PIbQSI5JTAqWbYrsaGRYqvnAR9SVdWrVcBGxb76mDNF8xyiZTNVKCBWBwXHlSQyXrA8ssUz3GtxqTyS7iYlgJ65fgp2RzlNu90pr_Oh9Yzlfvrax19LjkjNvkSrbMAo8rWGtvVJhvq-eggUilsK6Z615VPZdJxeLXSSh9MpIsWz_DEHk2E3554_EOFVqPurTB8Cpy4FXwtKARohAuijuJ1LcIm8Bgv_5AVPVKXhM_yMMKWu1oQOHLTcmrKNJeiw9YUruYN7tMNaocldFlGw5Xr0BOOokE2LjIJWhmuYdErftprJAy0r7hZsYVw_P32k30g6YNpFkwUyou14XvKTvD5Lv_CU24U-H_hIt50kAfUvMPi5uuEJm_JlBiyViHy4E6Bxza4pcbs2vRKD0E7EFxHRe_wyOyMxRO6jbAYj-Jw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6UgX00AaZIqSKJGprQHrlpqACpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTU3Njg3MTIyOTEzNjExNzLIAQmpAizS9MPEX6Y-4AIAqAMBqgSUAk_QR4W7LxdgLDzZCKYIBFOsqyESkXVF-8HcQx2pODCJF-ZYKR8Hjp00nVGIrbBF3hKPBH0deEtp1x2wwEf-pW5jB0mOPeKkfMmp82H4GGmdwk0tmEpB_XiB2XgrmJUvzLarmrsQc72ZYIQm3C373O9vEo2IpsokD1HMho-OyxR4hRVn45nzxZjCE0mvQqyxjAnXeR7uj5x9m-MaDaJuuEH8NikN3EtIRdL0kTMto5KAAfhjTznerJTJcaGT781NhYoAKPKOMA4aT3ZwzLrLj9BHu6UvQjh3D50aYO1Uyl_88--iodmwa1UszFjvplhUZhtgZfHmwRPzpHCq1_C6HfjHHwiN5L1UOnIFfCbf5NXByOkaAuAEAYAGwYn8yLu0odD8AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2XOFxWqolglu45DFl0LdFdSV4S_A%26client%3Dca-pub-5768712291361172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 23:42:13 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
427646
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bJrTGDLRkfabPSdhTXs1gp5KNR3bjT2YSGLlX6jwx4DtgSkp%2Bbaqs578%2FST9yU3d9byfSboJi%2F79Y9RqKigfWqK5yB8yz56j58fx71HONchMJ%2Bvh4Nne2Ts7u4MZkwic9neX%2FcAN"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7aba0cd6cd58a94f-SYD
expires
Sun, 10 Mar 2024 23:42:13 GMT
animejs.js
static.criteo.net/animejs/ Frame 4284 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZBpA0wAKCQoKK1SRAAaLazCRtVoAhHKnufx_hQ&u=%7CeU9wVE5QfOdxGAF2mfmsl9QEBRhq0pxJyghJDjd%2B2eg%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc27YizikpHZ3NBEVeSIsX0uwsCeC3op951ptRGCRbabi-ixNUdn4CCEdtTVPTwAY6FNDRolIjFhh8hP-ca0EOUGLTlhl28RwYflrsRZGwun-DTVBy5_T8G9qlTlN1XCkBDpz8eBso2_9HNC4fHYlFbfxoS09iAVL1RODGHUqFy85t88mXW5cVDB7PIbQSI5JTAqWbYrsaGRYqvnAR9SVdWrVcBGxb76mDNF8xyiZTNVKCBWBwXHlSQyXrA8ssUz3GtxqTyS7iYlgJ65fgp2RzlNu90pr_Oh9Yzlfvrax19LjkjNvkSrbMAo8rWGtvVJhvq-eggUilsK6Z615VPZdJxeLXSSh9MpIsWz_DEHk2E3554_EOFVqPurTB8Cpy4FXwtKARohAuijuJ1LcIm8Bgv_5AVPVKXhM_yMMKWu1oQOHLTcmrKNJeiw9YUruYN7tMNaocldFlGw5Xr0BOOokE2LjIJWhmuYdErftprJAy0r7hZsYVw_P32k30g6YNpFkwUyou14XvKTvD5Lv_CU24U-H_hIt50kAfUvMPi5uuEJm_JlBiyViHy4E6Bxza4pcbs2vRKD0E7EFxHRe_wyOyMxRO6jbAYj-Jw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6UgX00AaZIqSKJGprQHrlpqACpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTU3Njg3MTIyOTEzNjExNzLIAQmpAizS9MPEX6Y-4AIAqAMBqgSUAk_QR4W7LxdgLDzZCKYIBFOsqyESkXVF-8HcQx2pODCJF-ZYKR8Hjp00nVGIrbBF3hKPBH0deEtp1x2wwEf-pW5jB0mOPeKkfMmp82H4GGmdwk0tmEpB_XiB2XgrmJUvzLarmrsQc72ZYIQm3C373O9vEo2IpsokD1HMho-OyxR4hRVn45nzxZjCE0mvQqyxjAnXeR7uj5x9m-MaDaJuuEH8NikN3EtIRdL0kTMto5KAAfhjTznerJTJcaGT781NhYoAKPKOMA4aT3ZwzLrLj9BHu6UvQjh3D50aYO1Uyl_88--iodmwa1UszFjvplhUZhtgZfHmwRPzpHCq1_C6HfjHHwiN5L1UOnIFfCbf5NXByOkaAuAEAYAGwYn8yLu0odD8AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2XOFxWqolglu45DFl0LdFdSV4S_A%26client%3Dca-pub-5768712291361172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 23:42:13 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 15 Mar 2024 23:42:13 GMT
img
pix.as.criteo.net/img/ Frame 4284 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?h=176&m=0&partner=72675&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F72675%2F220818%2F4ab912b571b54645936e34ea957e674e_logo_all_square.png&v=3&w=256&s=zQ6F7rwMoZbZdrsyDHt3MCnH
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZBpA0wAKCQoKK1SRAAaLazCRtVoAhHKnufx_hQ&u=%7CeU9wVE5QfOdxGAF2mfmsl9QEBRhq0pxJyghJDjd%2B2eg%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc27YizikpHZ3NBEVeSIsX0uwsCeC3op951ptRGCRbabi-ixNUdn4CCEdtTVPTwAY6FNDRolIjFhh8hP-ca0EOUGLTlhl28RwYflrsRZGwun-DTVBy5_T8G9qlTlN1XCkBDpz8eBso2_9HNC4fHYlFbfxoS09iAVL1RODGHUqFy85t88mXW5cVDB7PIbQSI5JTAqWbYrsaGRYqvnAR9SVdWrVcBGxb76mDNF8xyiZTNVKCBWBwXHlSQyXrA8ssUz3GtxqTyS7iYlgJ65fgp2RzlNu90pr_Oh9Yzlfvrax19LjkjNvkSrbMAo8rWGtvVJhvq-eggUilsK6Z615VPZdJxeLXSSh9MpIsWz_DEHk2E3554_EOFVqPurTB8Cpy4FXwtKARohAuijuJ1LcIm8Bgv_5AVPVKXhM_yMMKWu1oQOHLTcmrKNJeiw9YUruYN7tMNaocldFlGw5Xr0BOOokE2LjIJWhmuYdErftprJAy0r7hZsYVw_P32k30g6YNpFkwUyou14XvKTvD5Lv_CU24U-H_hIt50kAfUvMPi5uuEJm_JlBiyViHy4E6Bxza4pcbs2vRKD0E7EFxHRe_wyOyMxRO6jbAYj-Jw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6UgX00AaZIqSKJGprQHrlpqACpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTU3Njg3MTIyOTEzNjExNzLIAQmpAizS9MPEX6Y-4AIAqAMBqgSUAk_QR4W7LxdgLDzZCKYIBFOsqyESkXVF-8HcQx2pODCJF-ZYKR8Hjp00nVGIrbBF3hKPBH0deEtp1x2wwEf-pW5jB0mOPeKkfMmp82H4GGmdwk0tmEpB_XiB2XgrmJUvzLarmrsQc72ZYIQm3C373O9vEo2IpsokD1HMho-OyxR4hRVn45nzxZjCE0mvQqyxjAnXeR7uj5x9m-MaDaJuuEH8NikN3EtIRdL0kTMto5KAAfhjTznerJTJcaGT781NhYoAKPKOMA4aT3ZwzLrLj9BHu6UvQjh3D50aYO1Uyl_88--iodmwa1UszFjvplhUZhtgZfHmwRPzpHCq1_C6HfjHHwiN5L1UOnIFfCbf5NXByOkaAuAEAYAGwYn8yLu0odD8AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2XOFxWqolglu45DFl0LdFdSV4S_A%26client%3Dca-pub-5768712291361172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
9bbb4b92876eba3c591b3fb5c5eb1ec9ea3a4440bdeed07015be8544f66f6e40
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 23:42:13 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=28612568
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
13069
expires
Fri, 16 Feb 2024 03:38:22 GMT
img
pix.as.criteo.net/img/ Frame 4284 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=72675&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0580%2F9052%2F0735%2Fproducts%2FEG-D3030-SG.png%3Fv%3D1677557429&v=3&w=400&s=NF_Vev8qSKwgtitWnGFMdtJj&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZBpA0wAKCQoKK1SRAAaLazCRtVoAhHKnufx_hQ&u=%7CeU9wVE5QfOdxGAF2mfmsl9QEBRhq0pxJyghJDjd%2B2eg%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc27YizikpHZ3NBEVeSIsX0uwsCeC3op951ptRGCRbabi-ixNUdn4CCEdtTVPTwAY6FNDRolIjFhh8hP-ca0EOUGLTlhl28RwYflrsRZGwun-DTVBy5_T8G9qlTlN1XCkBDpz8eBso2_9HNC4fHYlFbfxoS09iAVL1RODGHUqFy85t88mXW5cVDB7PIbQSI5JTAqWbYrsaGRYqvnAR9SVdWrVcBGxb76mDNF8xyiZTNVKCBWBwXHlSQyXrA8ssUz3GtxqTyS7iYlgJ65fgp2RzlNu90pr_Oh9Yzlfvrax19LjkjNvkSrbMAo8rWGtvVJhvq-eggUilsK6Z615VPZdJxeLXSSh9MpIsWz_DEHk2E3554_EOFVqPurTB8Cpy4FXwtKARohAuijuJ1LcIm8Bgv_5AVPVKXhM_yMMKWu1oQOHLTcmrKNJeiw9YUruYN7tMNaocldFlGw5Xr0BOOokE2LjIJWhmuYdErftprJAy0r7hZsYVw_P32k30g6YNpFkwUyou14XvKTvD5Lv_CU24U-H_hIt50kAfUvMPi5uuEJm_JlBiyViHy4E6Bxza4pcbs2vRKD0E7EFxHRe_wyOyMxRO6jbAYj-Jw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6UgX00AaZIqSKJGprQHrlpqACpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTU3Njg3MTIyOTEzNjExNzLIAQmpAizS9MPEX6Y-4AIAqAMBqgSUAk_QR4W7LxdgLDzZCKYIBFOsqyESkXVF-8HcQx2pODCJF-ZYKR8Hjp00nVGIrbBF3hKPBH0deEtp1x2wwEf-pW5jB0mOPeKkfMmp82H4GGmdwk0tmEpB_XiB2XgrmJUvzLarmrsQc72ZYIQm3C373O9vEo2IpsokD1HMho-OyxR4hRVn45nzxZjCE0mvQqyxjAnXeR7uj5x9m-MaDaJuuEH8NikN3EtIRdL0kTMto5KAAfhjTznerJTJcaGT781NhYoAKPKOMA4aT3ZwzLrLj9BHu6UvQjh3D50aYO1Uyl_88--iodmwa1UszFjvplhUZhtgZfHmwRPzpHCq1_C6HfjHHwiN5L1UOnIFfCbf5NXByOkaAuAEAYAGwYn8yLu0odD8AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2XOFxWqolglu45DFl0LdFdSV4S_A%26client%3Dca-pub-5768712291361172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
703ea003a4eae28b4afbfefdc57d2c7bfd6320da0cbbba9530382782b67488e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 23:42:13 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29723571
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8688
expires
Thu, 29 Feb 2024 00:15:05 GMT
img
pix.as.criteo.net/img/ Frame 4284 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=72675&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0580%2F9052%2F0735%2Fproducts%2FESTM-3023-SC.png%3Fv%3D1677558950&v=3&w=400&s=VJ4uq3l9D5dHbzwsJU2V8Pbg&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZBpA0wAKCQoKK1SRAAaLazCRtVoAhHKnufx_hQ&u=%7CeU9wVE5QfOdxGAF2mfmsl9QEBRhq0pxJyghJDjd%2B2eg%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc27YizikpHZ3NBEVeSIsX0uwsCeC3op951ptRGCRbabi-ixNUdn4CCEdtTVPTwAY6FNDRolIjFhh8hP-ca0EOUGLTlhl28RwYflrsRZGwun-DTVBy5_T8G9qlTlN1XCkBDpz8eBso2_9HNC4fHYlFbfxoS09iAVL1RODGHUqFy85t88mXW5cVDB7PIbQSI5JTAqWbYrsaGRYqvnAR9SVdWrVcBGxb76mDNF8xyiZTNVKCBWBwXHlSQyXrA8ssUz3GtxqTyS7iYlgJ65fgp2RzlNu90pr_Oh9Yzlfvrax19LjkjNvkSrbMAo8rWGtvVJhvq-eggUilsK6Z615VPZdJxeLXSSh9MpIsWz_DEHk2E3554_EOFVqPurTB8Cpy4FXwtKARohAuijuJ1LcIm8Bgv_5AVPVKXhM_yMMKWu1oQOHLTcmrKNJeiw9YUruYN7tMNaocldFlGw5Xr0BOOokE2LjIJWhmuYdErftprJAy0r7hZsYVw_P32k30g6YNpFkwUyou14XvKTvD5Lv_CU24U-H_hIt50kAfUvMPi5uuEJm_JlBiyViHy4E6Bxza4pcbs2vRKD0E7EFxHRe_wyOyMxRO6jbAYj-Jw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6UgX00AaZIqSKJGprQHrlpqACpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTU3Njg3MTIyOTEzNjExNzLIAQmpAizS9MPEX6Y-4AIAqAMBqgSUAk_QR4W7LxdgLDzZCKYIBFOsqyESkXVF-8HcQx2pODCJF-ZYKR8Hjp00nVGIrbBF3hKPBH0deEtp1x2wwEf-pW5jB0mOPeKkfMmp82H4GGmdwk0tmEpB_XiB2XgrmJUvzLarmrsQc72ZYIQm3C373O9vEo2IpsokD1HMho-OyxR4hRVn45nzxZjCE0mvQqyxjAnXeR7uj5x9m-MaDaJuuEH8NikN3EtIRdL0kTMto5KAAfhjTznerJTJcaGT781NhYoAKPKOMA4aT3ZwzLrLj9BHu6UvQjh3D50aYO1Uyl_88--iodmwa1UszFjvplhUZhtgZfHmwRPzpHCq1_C6HfjHHwiN5L1UOnIFfCbf5NXByOkaAuAEAYAGwYn8yLu0odD8AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2XOFxWqolglu45DFl0LdFdSV4S_A%26client%3Dca-pub-5768712291361172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
0b6dc48edd771a983089c3459ff18682e585d02d861dda98fda5cb497e3104ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 23:42:13 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29723487
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
11464
expires
Thu, 29 Feb 2024 00:13:41 GMT
img
pix.as.criteo.net/img/ Frame 4284 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=72675&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0580%2F9052%2F0735%2Fproducts%2FEG-D3023-MG_df867fb9-3131-459c-bf98-8ce0500b26db.png%3Fv%3D1677557388&v=3&w=400&s=ZJNsgUjagJPUDv7_zRGpTgCZ&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZBpA0wAKCQoKK1SRAAaLazCRtVoAhHKnufx_hQ&u=%7CeU9wVE5QfOdxGAF2mfmsl9QEBRhq0pxJyghJDjd%2B2eg%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc27YizikpHZ3NBEVeSIsX0uwsCeC3op951ptRGCRbabi-ixNUdn4CCEdtTVPTwAY6FNDRolIjFhh8hP-ca0EOUGLTlhl28RwYflrsRZGwun-DTVBy5_T8G9qlTlN1XCkBDpz8eBso2_9HNC4fHYlFbfxoS09iAVL1RODGHUqFy85t88mXW5cVDB7PIbQSI5JTAqWbYrsaGRYqvnAR9SVdWrVcBGxb76mDNF8xyiZTNVKCBWBwXHlSQyXrA8ssUz3GtxqTyS7iYlgJ65fgp2RzlNu90pr_Oh9Yzlfvrax19LjkjNvkSrbMAo8rWGtvVJhvq-eggUilsK6Z615VPZdJxeLXSSh9MpIsWz_DEHk2E3554_EOFVqPurTB8Cpy4FXwtKARohAuijuJ1LcIm8Bgv_5AVPVKXhM_yMMKWu1oQOHLTcmrKNJeiw9YUruYN7tMNaocldFlGw5Xr0BOOokE2LjIJWhmuYdErftprJAy0r7hZsYVw_P32k30g6YNpFkwUyou14XvKTvD5Lv_CU24U-H_hIt50kAfUvMPi5uuEJm_JlBiyViHy4E6Bxza4pcbs2vRKD0E7EFxHRe_wyOyMxRO6jbAYj-Jw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6UgX00AaZIqSKJGprQHrlpqACpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTU3Njg3MTIyOTEzNjExNzLIAQmpAizS9MPEX6Y-4AIAqAMBqgSUAk_QR4W7LxdgLDzZCKYIBFOsqyESkXVF-8HcQx2pODCJF-ZYKR8Hjp00nVGIrbBF3hKPBH0deEtp1x2wwEf-pW5jB0mOPeKkfMmp82H4GGmdwk0tmEpB_XiB2XgrmJUvzLarmrsQc72ZYIQm3C373O9vEo2IpsokD1HMho-OyxR4hRVn45nzxZjCE0mvQqyxjAnXeR7uj5x9m-MaDaJuuEH8NikN3EtIRdL0kTMto5KAAfhjTznerJTJcaGT781NhYoAKPKOMA4aT3ZwzLrLj9BHu6UvQjh3D50aYO1Uyl_88--iodmwa1UszFjvplhUZhtgZfHmwRPzpHCq1_C6HfjHHwiN5L1UOnIFfCbf5NXByOkaAuAEAYAGwYn8yLu0odD8AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2XOFxWqolglu45DFl0LdFdSV4S_A%26client%3Dca-pub-5768712291361172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
646f23ecee620c93d0858750283dedc632c1c38c29d7ef5d6fb42b439b35ed47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 23:42:13 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29723574
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8398
expires
Thu, 29 Feb 2024 00:15:08 GMT
img
pix.as.criteo.net/img/ Frame 4284 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=72675&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0580%2F9052%2F0735%2Fproducts%2FEGAR-6030-MM.png%3Fv%3D1677558395&v=3&w=400&s=brvf7Sepq8xF31dHWAYGUwwM&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZBpA0wAKCQoKK1SRAAaLazCRtVoAhHKnufx_hQ&u=%7CeU9wVE5QfOdxGAF2mfmsl9QEBRhq0pxJyghJDjd%2B2eg%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc27YizikpHZ3NBEVeSIsX0uwsCeC3op951ptRGCRbabi-ixNUdn4CCEdtTVPTwAY6FNDRolIjFhh8hP-ca0EOUGLTlhl28RwYflrsRZGwun-DTVBy5_T8G9qlTlN1XCkBDpz8eBso2_9HNC4fHYlFbfxoS09iAVL1RODGHUqFy85t88mXW5cVDB7PIbQSI5JTAqWbYrsaGRYqvnAR9SVdWrVcBGxb76mDNF8xyiZTNVKCBWBwXHlSQyXrA8ssUz3GtxqTyS7iYlgJ65fgp2RzlNu90pr_Oh9Yzlfvrax19LjkjNvkSrbMAo8rWGtvVJhvq-eggUilsK6Z615VPZdJxeLXSSh9MpIsWz_DEHk2E3554_EOFVqPurTB8Cpy4FXwtKARohAuijuJ1LcIm8Bgv_5AVPVKXhM_yMMKWu1oQOHLTcmrKNJeiw9YUruYN7tMNaocldFlGw5Xr0BOOokE2LjIJWhmuYdErftprJAy0r7hZsYVw_P32k30g6YNpFkwUyou14XvKTvD5Lv_CU24U-H_hIt50kAfUvMPi5uuEJm_JlBiyViHy4E6Bxza4pcbs2vRKD0E7EFxHRe_wyOyMxRO6jbAYj-Jw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6UgX00AaZIqSKJGprQHrlpqACpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTU3Njg3MTIyOTEzNjExNzLIAQmpAizS9MPEX6Y-4AIAqAMBqgSUAk_QR4W7LxdgLDzZCKYIBFOsqyESkXVF-8HcQx2pODCJF-ZYKR8Hjp00nVGIrbBF3hKPBH0deEtp1x2wwEf-pW5jB0mOPeKkfMmp82H4GGmdwk0tmEpB_XiB2XgrmJUvzLarmrsQc72ZYIQm3C373O9vEo2IpsokD1HMho-OyxR4hRVn45nzxZjCE0mvQqyxjAnXeR7uj5x9m-MaDaJuuEH8NikN3EtIRdL0kTMto5KAAfhjTznerJTJcaGT781NhYoAKPKOMA4aT3ZwzLrLj9BHu6UvQjh3D50aYO1Uyl_88--iodmwa1UszFjvplhUZhtgZfHmwRPzpHCq1_C6HfjHHwiN5L1UOnIFfCbf5NXByOkaAuAEAYAGwYn8yLu0odD8AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2XOFxWqolglu45DFl0LdFdSV4S_A%26client%3Dca-pub-5768712291361172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e33cfbdd941b8ff4902d7b24cd21c53f31375b1da63a6a12edcf5cfad44b1b59
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 23:42:13 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29723491
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
11298
expires
Thu, 29 Feb 2024 00:13:45 GMT
img
pix.as.criteo.net/img/ Frame 4284 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=72675&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0580%2F9052%2F0735%2Fproducts%2FENSL-S2308-SC.png%3Fv%3D1677558485&v=3&w=400&s=Ontvhd-8TC9KWRk0YsQQRyrc&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZBpA0wAKCQoKK1SRAAaLazCRtVoAhHKnufx_hQ&u=%7CeU9wVE5QfOdxGAF2mfmsl9QEBRhq0pxJyghJDjd%2B2eg%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc27YizikpHZ3NBEVeSIsX0uwsCeC3op951ptRGCRbabi-ixNUdn4CCEdtTVPTwAY6FNDRolIjFhh8hP-ca0EOUGLTlhl28RwYflrsRZGwun-DTVBy5_T8G9qlTlN1XCkBDpz8eBso2_9HNC4fHYlFbfxoS09iAVL1RODGHUqFy85t88mXW5cVDB7PIbQSI5JTAqWbYrsaGRYqvnAR9SVdWrVcBGxb76mDNF8xyiZTNVKCBWBwXHlSQyXrA8ssUz3GtxqTyS7iYlgJ65fgp2RzlNu90pr_Oh9Yzlfvrax19LjkjNvkSrbMAo8rWGtvVJhvq-eggUilsK6Z615VPZdJxeLXSSh9MpIsWz_DEHk2E3554_EOFVqPurTB8Cpy4FXwtKARohAuijuJ1LcIm8Bgv_5AVPVKXhM_yMMKWu1oQOHLTcmrKNJeiw9YUruYN7tMNaocldFlGw5Xr0BOOokE2LjIJWhmuYdErftprJAy0r7hZsYVw_P32k30g6YNpFkwUyou14XvKTvD5Lv_CU24U-H_hIt50kAfUvMPi5uuEJm_JlBiyViHy4E6Bxza4pcbs2vRKD0E7EFxHRe_wyOyMxRO6jbAYj-Jw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6UgX00AaZIqSKJGprQHrlpqACpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTU3Njg3MTIyOTEzNjExNzLIAQmpAizS9MPEX6Y-4AIAqAMBqgSUAk_QR4W7LxdgLDzZCKYIBFOsqyESkXVF-8HcQx2pODCJF-ZYKR8Hjp00nVGIrbBF3hKPBH0deEtp1x2wwEf-pW5jB0mOPeKkfMmp82H4GGmdwk0tmEpB_XiB2XgrmJUvzLarmrsQc72ZYIQm3C373O9vEo2IpsokD1HMho-OyxR4hRVn45nzxZjCE0mvQqyxjAnXeR7uj5x9m-MaDaJuuEH8NikN3EtIRdL0kTMto5KAAfhjTznerJTJcaGT781NhYoAKPKOMA4aT3ZwzLrLj9BHu6UvQjh3D50aYO1Uyl_88--iodmwa1UszFjvplhUZhtgZfHmwRPzpHCq1_C6HfjHHwiN5L1UOnIFfCbf5NXByOkaAuAEAYAGwYn8yLu0odD8AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2XOFxWqolglu45DFl0LdFdSV4S_A%26client%3Dca-pub-5768712291361172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
12901bf713eabb68cf4724664b9904ca00a69ff57692c4de0f80fb43ba8fc66f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 23:42:13 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29723493
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
7550
expires
Thu, 29 Feb 2024 00:13:47 GMT
img
pix.as.criteo.net/img/ Frame 4284 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=72675&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0580%2F9052%2F0735%2Fproducts%2FET-D4523-AG.png%3Fv%3D1659292158&v=3&w=400&s=f80Vhd_nxi0GUGYutYvtis_y&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZBpA0wAKCQoKK1SRAAaLazCRtVoAhHKnufx_hQ&u=%7CeU9wVE5QfOdxGAF2mfmsl9QEBRhq0pxJyghJDjd%2B2eg%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc27YizikpHZ3NBEVeSIsX0uwsCeC3op951ptRGCRbabi-ixNUdn4CCEdtTVPTwAY6FNDRolIjFhh8hP-ca0EOUGLTlhl28RwYflrsRZGwun-DTVBy5_T8G9qlTlN1XCkBDpz8eBso2_9HNC4fHYlFbfxoS09iAVL1RODGHUqFy85t88mXW5cVDB7PIbQSI5JTAqWbYrsaGRYqvnAR9SVdWrVcBGxb76mDNF8xyiZTNVKCBWBwXHlSQyXrA8ssUz3GtxqTyS7iYlgJ65fgp2RzlNu90pr_Oh9Yzlfvrax19LjkjNvkSrbMAo8rWGtvVJhvq-eggUilsK6Z615VPZdJxeLXSSh9MpIsWz_DEHk2E3554_EOFVqPurTB8Cpy4FXwtKARohAuijuJ1LcIm8Bgv_5AVPVKXhM_yMMKWu1oQOHLTcmrKNJeiw9YUruYN7tMNaocldFlGw5Xr0BOOokE2LjIJWhmuYdErftprJAy0r7hZsYVw_P32k30g6YNpFkwUyou14XvKTvD5Lv_CU24U-H_hIt50kAfUvMPi5uuEJm_JlBiyViHy4E6Bxza4pcbs2vRKD0E7EFxHRe_wyOyMxRO6jbAYj-Jw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6UgX00AaZIqSKJGprQHrlpqACpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTU3Njg3MTIyOTEzNjExNzLIAQmpAizS9MPEX6Y-4AIAqAMBqgSUAk_QR4W7LxdgLDzZCKYIBFOsqyESkXVF-8HcQx2pODCJF-ZYKR8Hjp00nVGIrbBF3hKPBH0deEtp1x2wwEf-pW5jB0mOPeKkfMmp82H4GGmdwk0tmEpB_XiB2XgrmJUvzLarmrsQc72ZYIQm3C373O9vEo2IpsokD1HMho-OyxR4hRVn45nzxZjCE0mvQqyxjAnXeR7uj5x9m-MaDaJuuEH8NikN3EtIRdL0kTMto5KAAfhjTznerJTJcaGT781NhYoAKPKOMA4aT3ZwzLrLj9BHu6UvQjh3D50aYO1Uyl_88--iodmwa1UszFjvplhUZhtgZfHmwRPzpHCq1_C6HfjHHwiN5L1UOnIFfCbf5NXByOkaAuAEAYAGwYn8yLu0odD8AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2XOFxWqolglu45DFl0LdFdSV4S_A%26client%3Dca-pub-5768712291361172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
b85697f87fa4b245d39bf725e3cd494f2b30feb15b6bb23bc1f9f80b17cd6b2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 23:42:13 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29032359
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8792
expires
Wed, 21 Feb 2024 00:14:53 GMT
all
csm.as.criteo.net/ Frame 4284 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=Nt6U3-DfD9wnlM3CTKCbEZ6Pq5zd73oQRKQ8UHpSQCgsWR8vWKZv0COwtXcunOkNTHWkGwGQx5y7M_t1sMJuiDPh3vroVXPAfToh8ciolu3KluqZ_z4EwXy32rs5b2Q7da8nAPfLNxAsMKobXKS_0H6zO5IZHK-Q9DuwbLDQdJotj2dx05FjELQ-E8Mc7Lnbn4loc_5QoclANJyxAc6PiKWz49T7_0sefB_WFJc9y9BS0gI5O7U3s7Wi6a8VTpIbF3Oz7A&sds=2&rev=85392&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZBpA0wAKCQoKK1SRAAaLazCRtVoAhHKnufx_hQ&u=%7CeU9wVE5QfOdxGAF2mfmsl9QEBRhq0pxJyghJDjd%2B2eg%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc27YizikpHZ3NBEVeSIsX0uwsCeC3op951ptRGCRbabi-ixNUdn4CCEdtTVPTwAY6FNDRolIjFhh8hP-ca0EOUGLTlhl28RwYflrsRZGwun-DTVBy5_T8G9qlTlN1XCkBDpz8eBso2_9HNC4fHYlFbfxoS09iAVL1RODGHUqFy85t88mXW5cVDB7PIbQSI5JTAqWbYrsaGRYqvnAR9SVdWrVcBGxb76mDNF8xyiZTNVKCBWBwXHlSQyXrA8ssUz3GtxqTyS7iYlgJ65fgp2RzlNu90pr_Oh9Yzlfvrax19LjkjNvkSrbMAo8rWGtvVJhvq-eggUilsK6Z615VPZdJxeLXSSh9MpIsWz_DEHk2E3554_EOFVqPurTB8Cpy4FXwtKARohAuijuJ1LcIm8Bgv_5AVPVKXhM_yMMKWu1oQOHLTcmrKNJeiw9YUruYN7tMNaocldFlGw5Xr0BOOokE2LjIJWhmuYdErftprJAy0r7hZsYVw_P32k30g6YNpFkwUyou14XvKTvD5Lv_CU24U-H_hIt50kAfUvMPi5uuEJm_JlBiyViHy4E6Bxza4pcbs2vRKD0E7EFxHRe_wyOyMxRO6jbAYj-Jw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6UgX00AaZIqSKJGprQHrlpqACpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTU3Njg3MTIyOTEzNjExNzLIAQmpAizS9MPEX6Y-4AIAqAMBqgSUAk_QR4W7LxdgLDzZCKYIBFOsqyESkXVF-8HcQx2pODCJF-ZYKR8Hjp00nVGIrbBF3hKPBH0deEtp1x2wwEf-pW5jB0mOPeKkfMmp82H4GGmdwk0tmEpB_XiB2XgrmJUvzLarmrsQc72ZYIQm3C373O9vEo2IpsokD1HMho-OyxR4hRVn45nzxZjCE0mvQqyxjAnXeR7uj5x9m-MaDaJuuEH8NikN3EtIRdL0kTMto5KAAfhjTznerJTJcaGT781NhYoAKPKOMA4aT3ZwzLrLj9BHu6UvQjh3D50aYO1Uyl_88--iodmwa1UszFjvplhUZhtgZfHmwRPzpHCq1_C6HfjHHwiN5L1UOnIFfCbf5NXByOkaAuAEAYAGwYn8yLu0odD8AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2XOFxWqolglu45DFl0LdFdSV4S_A%26client%3Dca-pub-5768712291361172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 21 Mar 2023 23:42:13 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 4284 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZBpA0wAKCQoKK1SRAAaLazCRtVoAhHKnufx_hQ&u=%7CeU9wVE5QfOdxGAF2mfmsl9QEBRhq0pxJyghJDjd%2B2eg%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc27YizikpHZ3NBEVeSIsX0uwsCeC3op951ptRGCRbabi-ixNUdn4CCEdtTVPTwAY6FNDRolIjFhh8hP-ca0EOUGLTlhl28RwYflrsRZGwun-DTVBy5_T8G9qlTlN1XCkBDpz8eBso2_9HNC4fHYlFbfxoS09iAVL1RODGHUqFy85t88mXW5cVDB7PIbQSI5JTAqWbYrsaGRYqvnAR9SVdWrVcBGxb76mDNF8xyiZTNVKCBWBwXHlSQyXrA8ssUz3GtxqTyS7iYlgJ65fgp2RzlNu90pr_Oh9Yzlfvrax19LjkjNvkSrbMAo8rWGtvVJhvq-eggUilsK6Z615VPZdJxeLXSSh9MpIsWz_DEHk2E3554_EOFVqPurTB8Cpy4FXwtKARohAuijuJ1LcIm8Bgv_5AVPVKXhM_yMMKWu1oQOHLTcmrKNJeiw9YUruYN7tMNaocldFlGw5Xr0BOOokE2LjIJWhmuYdErftprJAy0r7hZsYVw_P32k30g6YNpFkwUyou14XvKTvD5Lv_CU24U-H_hIt50kAfUvMPi5uuEJm_JlBiyViHy4E6Bxza4pcbs2vRKD0E7EFxHRe_wyOyMxRO6jbAYj-Jw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6UgX00AaZIqSKJGprQHrlpqACpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTU3Njg3MTIyOTEzNjExNzLIAQmpAizS9MPEX6Y-4AIAqAMBqgSUAk_QR4W7LxdgLDzZCKYIBFOsqyESkXVF-8HcQx2pODCJF-ZYKR8Hjp00nVGIrbBF3hKPBH0deEtp1x2wwEf-pW5jB0mOPeKkfMmp82H4GGmdwk0tmEpB_XiB2XgrmJUvzLarmrsQc72ZYIQm3C373O9vEo2IpsokD1HMho-OyxR4hRVn45nzxZjCE0mvQqyxjAnXeR7uj5x9m-MaDaJuuEH8NikN3EtIRdL0kTMto5KAAfhjTznerJTJcaGT781NhYoAKPKOMA4aT3ZwzLrLj9BHu6UvQjh3D50aYO1Uyl_88--iodmwa1UszFjvplhUZhtgZfHmwRPzpHCq1_C6HfjHHwiN5L1UOnIFfCbf5NXByOkaAuAEAYAGwYn8yLu0odD8AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2XOFxWqolglu45DFl0LdFdSV4S_A%26client%3Dca-pub-5768712291361172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 23:42:13 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 15 Mar 2024 23:42:13 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 4284 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZBpA0wAKCQoKK1SRAAaLazCRtVoAhHKnufx_hQ&u=%7CeU9wVE5QfOdxGAF2mfmsl9QEBRhq0pxJyghJDjd%2B2eg%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc27YizikpHZ3NBEVeSIsX0uwsCeC3op951ptRGCRbabi-ixNUdn4CCEdtTVPTwAY6FNDRolIjFhh8hP-ca0EOUGLTlhl28RwYflrsRZGwun-DTVBy5_T8G9qlTlN1XCkBDpz8eBso2_9HNC4fHYlFbfxoS09iAVL1RODGHUqFy85t88mXW5cVDB7PIbQSI5JTAqWbYrsaGRYqvnAR9SVdWrVcBGxb76mDNF8xyiZTNVKCBWBwXHlSQyXrA8ssUz3GtxqTyS7iYlgJ65fgp2RzlNu90pr_Oh9Yzlfvrax19LjkjNvkSrbMAo8rWGtvVJhvq-eggUilsK6Z615VPZdJxeLXSSh9MpIsWz_DEHk2E3554_EOFVqPurTB8Cpy4FXwtKARohAuijuJ1LcIm8Bgv_5AVPVKXhM_yMMKWu1oQOHLTcmrKNJeiw9YUruYN7tMNaocldFlGw5Xr0BOOokE2LjIJWhmuYdErftprJAy0r7hZsYVw_P32k30g6YNpFkwUyou14XvKTvD5Lv_CU24U-H_hIt50kAfUvMPi5uuEJm_JlBiyViHy4E6Bxza4pcbs2vRKD0E7EFxHRe_wyOyMxRO6jbAYj-Jw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6UgX00AaZIqSKJGprQHrlpqACpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTU3Njg3MTIyOTEzNjExNzLIAQmpAizS9MPEX6Y-4AIAqAMBqgSUAk_QR4W7LxdgLDzZCKYIBFOsqyESkXVF-8HcQx2pODCJF-ZYKR8Hjp00nVGIrbBF3hKPBH0deEtp1x2wwEf-pW5jB0mOPeKkfMmp82H4GGmdwk0tmEpB_XiB2XgrmJUvzLarmrsQc72ZYIQm3C373O9vEo2IpsokD1HMho-OyxR4hRVn45nzxZjCE0mvQqyxjAnXeR7uj5x9m-MaDaJuuEH8NikN3EtIRdL0kTMto5KAAfhjTznerJTJcaGT781NhYoAKPKOMA4aT3ZwzLrLj9BHu6UvQjh3D50aYO1Uyl_88--iodmwa1UszFjvplhUZhtgZfHmwRPzpHCq1_C6HfjHHwiN5L1UOnIFfCbf5NXByOkaAuAEAYAGwYn8yLu0odD8AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2XOFxWqolglu45DFl0LdFdSV4S_A%26client%3Dca-pub-5768712291361172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 23:42:13 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 15 Mar 2024 23:42:13 GMT
roboto-700.css
static.criteo.net/design/googlefont/roboto/ Frame 4284 		2 KB
841 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/roboto/roboto-700.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
49330dbdf50dc3440d871a2408c7ec4fec185d62e419fd9960000cd8eed78950
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 23:42:13 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:14:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f13d-807"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 15 Mar 2024 23:42:13 GMT
roboto-400.css
static.criteo.net/design/googlefont/roboto/ Frame 4284 		2 KB
842 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/roboto/roboto-400.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
f3bd93baf2d7ea7fe404497a78897e9300a56e1ef8e452cdd29c0156b2ff3aa5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 23:42:13 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:14:19 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f13b-807"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 15 Mar 2024 23:42:13 GMT
roboto-400-latin.woff2
static.criteo.net/design/googlefont/roboto/ Frame 4284 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/roboto/roboto-400-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/roboto/roboto-400.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
c6bdd002d23dcb0adbd87e3518bdd994de73818a0f0f502707986301b9fbc404
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/roboto/roboto-400.css
Origin
https://ads.as.criteo.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 23:42:14 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:14:19 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f13b-3d80"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 15 Mar 2024 23:42:14 GMT
roboto-700-latin.woff2
static.criteo.net/design/googlefont/roboto/ Frame 4284 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/roboto/roboto-700-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/roboto/roboto-700.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
ba9f43fbd9c0782c72ff6eddd221abdcfd9642cd4625227ad693347e4d6989db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/roboto/roboto-700.css
Origin
https://ads.as.criteo.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 23:42:14 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:14:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f13d-3df4"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 15 Mar 2024 23:42:14 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 9B13 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuJenskBZ0FlIfhWaY1JMGwBzeGis3MRBNhttiajreMYN2DmhDvCzLRM8KPAwAElrM20udKLX0w9ZZ6_Y0ltevzSit6&sig=Cg0ArKJSzHZtP5V1req2EAE&id=lidar2&mcvt=1000&p=26,538,116,1266&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230320&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=537333458&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1679442132217&rpt=880&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://4d788f8602ede056b8f77cd2a3b10fa2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Mar 2023 23:42:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.as.criteo.net/ Frame 4284 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=Nt6U3-DfD9wnlM3CTKCbEZ6Pq5zd73oQRKQ8UHpSQCgsWR8vWKZv0COwtXcunOkNTHWkGwGQx5y7M_t1sMJuiDPh3vroVXPAfToh8ciolu3KluqZ_z4EwXy32rs5b2Q7da8nAPfLNxAsMKobXKS_0H6zO5IZHK-Q9DuwbLDQdJotj2dx05FjELQ-E8Mc7Lnbn4loc_5QoclANJyxAc6PiKWz49T7_0sefB_WFJc9y9BS0gI5O7U3s7Wi6a8VTpIbF3Oz7A&sds=2&rev=85392&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=ZBpA0wAKCQoKK1SRAAaLazCRtVoAhHKnufx_hQ&u=%7CeU9wVE5QfOdxGAF2mfmsl9QEBRhq0pxJyghJDjd%2B2eg%3D%7C&c1=2P_wVlUbBFsw5yK-nUdqc27YizikpHZ3NBEVeSIsX0uwsCeC3op951ptRGCRbabi-ixNUdn4CCEdtTVPTwAY6FNDRolIjFhh8hP-ca0EOUGLTlhl28RwYflrsRZGwun-DTVBy5_T8G9qlTlN1XCkBDpz8eBso2_9HNC4fHYlFbfxoS09iAVL1RODGHUqFy85t88mXW5cVDB7PIbQSI5JTAqWbYrsaGRYqvnAR9SVdWrVcBGxb76mDNF8xyiZTNVKCBWBwXHlSQyXrA8ssUz3GtxqTyS7iYlgJ65fgp2RzlNu90pr_Oh9Yzlfvrax19LjkjNvkSrbMAo8rWGtvVJhvq-eggUilsK6Z615VPZdJxeLXSSh9MpIsWz_DEHk2E3554_EOFVqPurTB8Cpy4FXwtKARohAuijuJ1LcIm8Bgv_5AVPVKXhM_yMMKWu1oQOHLTcmrKNJeiw9YUruYN7tMNaocldFlGw5Xr0BOOokE2LjIJWhmuYdErftprJAy0r7hZsYVw_P32k30g6YNpFkwUyou14XvKTvD5Lv_CU24U-H_hIt50kAfUvMPi5uuEJm_JlBiyViHy4E6Bxza4pcbs2vRKD0E7EFxHRe_wyOyMxRO6jbAYj-Jw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6UgX00AaZIqSKJGprQHrlpqACpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTU3Njg3MTIyOTEzNjExNzLIAQmpAizS9MPEX6Y-4AIAqAMBqgSUAk_QR4W7LxdgLDzZCKYIBFOsqyESkXVF-8HcQx2pODCJF-ZYKR8Hjp00nVGIrbBF3hKPBH0deEtp1x2wwEf-pW5jB0mOPeKkfMmp82H4GGmdwk0tmEpB_XiB2XgrmJUvzLarmrsQc72ZYIQm3C373O9vEo2IpsokD1HMho-OyxR4hRVn45nzxZjCE0mvQqyxjAnXeR7uj5x9m-MaDaJuuEH8NikN3EtIRdL0kTMto5KAAfhjTznerJTJcaGT781NhYoAKPKOMA4aT3ZwzLrLj9BHu6UvQjh3D50aYO1Uyl_88--iodmwa1UszFjvplhUZhtgZfHmwRPzpHCq1_C6HfjHHwiN5L1UOnIFfCbf5NXByOkaAuAEAYAGwYn8yLu0odD8AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2XOFxWqolglu45DFl0LdFdSV4S_A%26client%3Dca-pub-5768712291361172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 21 Mar 2023 23:42:14 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023031601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
cafe /
Resource Hash
f9994dfcaaed1413d4a1e783ab4b43dc0d1a81821fa3d143fbe25706cea8eaf4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.megamillions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 23:42:14 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11131
x-xss-protection
0
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&a=1566331510&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.megamillions.com%2F&ul=en-us&de=UTF-8&dt=Mega%20Millions&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=Percentage&el=25%25&_u=aAjAAAABAAAAAC~&jid=&gjid=&cid=1429621440.1679442132&tid=UA-130954248-1&_gid=2046604907.1679442132&gtm=45He33k0n815G7656B&z=26413322
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.101 Nashville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.megamillions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Mar 2023 13:20:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
37323
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&a=1566331510&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.megamillions.com%2F&ul=en-us&de=UTF-8&dt=Mega%20Millions&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=Percentage&el=50%25&_u=aAjAAAABAAAAAC~&jid=&gjid=&cid=1429621440.1679442132&tid=UA-130954248-1&_gid=2046604907.1679442132&gtm=45He33k0n815G7656B&z=1523810873
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.101 Nashville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.megamillions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Mar 2023 13:20:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
37323
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&a=1566331510&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.megamillions.com%2F&ul=en-us&de=UTF-8&dt=Mega%20Millions&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=Percentage&el=75%25&_u=aAjAAAABAAAAAC~&jid=&gjid=&cid=1429621440.1679442132&tid=UA-130954248-1&_gid=2046604907.1679442132&gtm=45He33k0n815G7656B&z=1985854309
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.101 Nashville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f101.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.megamillions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Mar 2023 13:20:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
37323
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.megamillions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 23:42:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 21 Mar 2023 23:42:15 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 63A1 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.megamillions.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
354741
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Mar 2023 21:09:54 GMT
expires
Sat, 16 Mar 2024 21:09:54 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame AB81 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f106.1e100.net
Software
GSE /
Resource Hash
07d1d703338489446f14af6cf69233ec7b8eed377ee00ecae6e49c8bc11a9e70
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-HGb-IyGXKTAQyU18tsySAA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.megamillions.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-HGb-IyGXKTAQyU18tsySAA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 21 Mar 2023 23:42:15 GMT
expires
Tue, 21 Mar 2023 23:42:15 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
KyjXC9Dx9uMdK4CVFqApFSHrXMqYgfemPqOIhuZsvtM.js
pagead2.googlesyndication.com/bg/ Frame 63A1 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/KyjXC9Dx9uMdK4CVFqApFSHrXMqYgfemPqOIhuZsvtM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
sffe /
Resource Hash
2b28d70bd0f1f6e31d2b809516a0291521eb5cca9881f7a63ea38886e66cbed3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 18:02:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
538777
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14123
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Mar 2024 18:02:38 GMT
generate_204
tpc.googlesyndication.com/ Frame 63A1 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?X7FYAg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 23:42:15 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame AB81 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023031601&jk=1517477482301788&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023031601&jk=1517477482301788&bg=!mpmlmc3NAAZEjmHWZI47ADkAdvg8Wmlonra6c_wEQa588QXDcFRiJi0FUtTzko6-OIRDpbjMY4puLOlb4K-Tjvzxs7far2HZrJYCAAAASlIAAAACaAEHCgAE_FHedpkCr25CLM-52fCcS-SXAB9ZhUxeRLBtnDSRmVobu7Jz9q5A6aZ8lIp2BKyYX5SBzVCPuUNcKe7WU1cmjJDQ-GBBDpLN9sajauB-SRSmeRU6V_ejd9t3PEHw6c5Ni-ktcNxN7uVFGUtoCqfLf93XeoYADZIibBsfEacRAT1r4ud_vCEcw4zrkmhcniYHvHhDmu4DF5WpcOQyjUWQEAK3hvF2cwjlN8PDeoPANuliDi9GPdBhBDXqPX4vErigJ6o4qaTJJINxP6ZkMwwnEA7GxLb5Fn9bhgaQRULgOagNu58ke8ytBk7nAg7xNmC0VntegKGTfb3xgtZdfCrbHdWoYCV4DgwW4L9QD-J8WKITbKwOonJlAXenQzWqokWlm7mSNR2sTEM9c-xlzjhgYObAf5S1I8rO1KVV1GOT35QsvRu8FkKz1y1mVq5Xh5LqqkV-ZXsfRDIHBPZBVNMh20YpFmhQYM0bI6dI6LMmQPDj3-Bf3DjTlHzNXF3dHdEbPL3U2zt-EhzHTFXIPVu-wyS1_H7rtTz0rmEFbS0XokeA0OTQI7OPDrLszG-ZPHTHhZcf8wuHXN0jLIPhMbdnjEfvpAJqTfj171uvGhwMR_coN_uj4ysfOylEmlf8mgc2xtO7RRZ2q1ecjfAtjcGkzOPbjgzXgonbiWFvgz5_wGWPl37wJ2d_HUSII_GZYJsGwpdxSOwxckEHUYhw-VUuKIgPh6nMFGw0nY0LwyfHZ-wnF-4I2RHc9z6rDw6k90BHo9B97NcclXWj8Ucwj9x9IVod7CE-Mw_8E6JLTbmkfiSfOo1gbhN22_FxuIVoaUWo-ISG_GjnsaQXGPfmUzntGnTK4XU7PM7jXof0HrCn6xRAikNyMMUeTWG4fl5xUMw11jd3TdldJrYfkBMuljbuS3kOg6J1cQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.megamillions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

120 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 boolean| credentialless object| googletag object| ggeac object| google_tag_data object| google_js_reporting_queue object| gptadslots object| dataLayer object| adsbygoogle object| theForm function| __doPostBack function| WebForm_PostBackOptions function| WebForm_DoPostBackWithOptions object| __pendingCallbacks number| __synchronousCallBackIndex function| WebForm_DoCallback function| WebForm_CallbackComplete function| WebForm_ExecuteCallback function| WebForm_FillFirstAvailableSlot boolean| __nonMSDOMBrowser string| __theFormPostData object| __theFormPostCollection object| __callbackTextTypes function| WebForm_InitCallback function| WebForm_InitCallbackAddField function| WebForm_EncodeCallback object| __disabledControlArray function| WebForm_ReEnableControls function| WebForm_ReDisableControls function| WebForm_SimulateClick function| WebForm_FireDefaultButton function| WebForm_GetScrollX function| WebForm_GetScrollY function| WebForm_SaveScrollPositionSubmit function| WebForm_SaveScrollPositionOnSubmit function| WebForm_RestoreScrollPosition function| WebForm_TextBoxKeyHandler function| WebForm_TrimString function| WebForm_AppendToClassName function| WebForm_RemoveClassName function| WebForm_GetElementById function| WebForm_GetElementByTagName function| WebForm_GetElementsByTagName function| WebForm_GetElementDir function| WebForm_GetElementPosition function| WebForm_GetParentByTagName function| WebForm_SetElementHeight function| WebForm_SetElementWidth function| WebForm_SetElementX function| WebForm_SetElementY function| PM_Postback function| PM_Callback function| Sys$Enum$parse function| Sys$Enum$toString function| Sys$Component$_setProperties function| Sys$Component$_setReferences function| $create function| $addHandler function| $addHandlers function| $clearHandlers function| $removeHandler function| $get function| $find function| Type object| Sys object| _events object| CMS function| $ function| jQuery number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| googleToken object| googleIMState function| processGoogleToken object| gaGlobal function| nativeSplit boolean| compliantExecNpcg object| MMFunctions function| thousands_separators function| getQuerystringValue function| setCookie function| getCookie number| pageLoadCount function| pageLoad function| moment function| Picker boolean| isDropdown function| google_sa_impl boolean| _gfp_p_ number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| gaplugins object| gaData object| stateResults number| decimals object| GoogleGcLKhOms object| google_image_requests

12 Cookies

Domain/Path Name / Value
www.megamillions.com/ Name: CMSPreferredCulture
Value: en-US
www.megamillions.com/ Name: CMSCsrfCookie
Value: BwQclJ5CbHy6FWjg2KwlE48f7dcl9XgIujeU317Q
www.megamillions.com/ Name: ASP.NET_SessionId
Value: 0ehpcbxxjii3fdbqvtmijtmo
www.megamillions.com/ Name: __cflb
Value: 04dToR4AC4wcCE4urZzR1GyV6AzFjqbMhPmaV55raH
.megamillions.com/ Name: _gcl_au
Value: 1.1.1821819433.1679442131
.megamillions.com/ Name: _ga
Value: GA1.2.1429621440.1679442132
.megamillions.com/ Name: _gid
Value: GA1.2.2046604907.1679442132
.megamillions.com/ Name: _gat_UA-130954248-1
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUlsmu3aiNcNT0WKsEVAWnMFHCvBFjBF96lkX-E5j9K7WqEr3WjpDir5sunsK_4
.megamillions.com/ Name: __gads
Value: ID=824bb28370606626-22b8f626d5de0066:T=1679442132:RT=1679442132:S=ALNI_MbVODMiqkjmj7iSGNH-qlGoIwyb_w
.megamillions.com/ Name: __gpi
Value: UID=00000bdcc540da5a:T=1679442132:RT=1679442132:S=ALNI_MYzRUAPfds4uILwcFBfgqVdpuhdug
www.megamillions.com/ Name: __cfwaitingroom
Value: ChgrREFmRnZkSVVGaU1tc2tDTCtSY3NBPT0SlAJNSkYxY25aSUE0K3ZVL3hBeVNSODZEZzNqSlphY21EZ3lNMWhSNitwMy9sNUNza3RBRE9nbTVFQXE3cWtYMzdKMVJiUVFSbEFGM29nTTNYSUw2OHZhVnBqUUJkN01XTW9LSXR2bmk1NjMxOEc5Q0FJRHBrek1ZQlFGWEN5TmtUbW8vTXM2MUw2b2JKdjdjNXFMU21jR3pZYStMYUd1Y0JGbklBU3pPbll5WGhOTkx5R3hrdGEraXVlYlVtbTduNkpNbzR5WElTYUJ3Q2ZyOWtmcEJSdWFaYkhXTTgxRUJFQllsM2FkZXRIdE5IK1RNNnFDMGZpcDI4b2dYUVpEeVdtWFFSSEI5WGJNaDEwbStCUW0xaz0%3D

1 Console Messages

Source Level URL
Text
other warning URL: https://4d788f8602ede056b8f77cd2a3b10fa2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4d788f8602ede056b8f77cd2a3b10fa2.safeframe.googlesyndication.com
ads.as.criteo.com
adservice.google.com
adservice.google.com.au
cat.sg1.as.criteo.com
cdnjs.cloudflare.com
code.jquery.com
csm.as.criteo.net
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
pix.as.criteo.net
rtb.jp2.as.criteo.com
securepubads.g.doubleclick.net
static.criteo.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.megamillions.com
104.17.24.14
142.250.4.156
142.251.12.97
172.217.194.132
172.217.194.156
172.253.118.106
172.253.118.155
172.67.24.141
182.161.73.129
182.161.73.132
182.161.73.135
182.161.73.142
182.161.73.148
182.161.74.19
69.16.175.10
74.125.130.101
74.125.130.154
74.125.200.154
74.125.24.132
74.125.68.157
00ca317c7dc5b31b1392f6013451b2c1ba00c203e665aad1101472b5ef9c8ad3
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0355d3058b5c3b6d7e6f65a1c28ef32a2c758db1d57cbdb07ab8a21bbc135a40
073fe185fa28589915800b70e79f3b64bf08a65919450ea7ccea535a0bed183c
07d1d703338489446f14af6cf69233ec7b8eed377ee00ecae6e49c8bc11a9e70
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b6dc48edd771a983089c3459ff18682e585d02d861dda98fda5cb497e3104ee
12901bf713eabb68cf4724664b9904ca00a69ff57692c4de0f80fb43ba8fc66f
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
252772206bd09ba5c31018d5ebb74ed04b6da5c93c8e471e4c6a92816a09b7cb
2785a23295c9280a303ce6cdf41d75692b17d6a9123e918c10130cdfc8a714d4
2b28d70bd0f1f6e31d2b809516a0291521eb5cca9881f7a63ea38886e66cbed3
2fdbcbd4f769c4a4f002c9ced89490753f099fe15be70c33dee9d251b0bd68b4
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
34cce832fafd4507ca484d1662ac1ff62f68a844f9adb362867c60688761238b
398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1
3e43d592d0aa592f24ad510ef3f453a51bba24a9534a07a55a9685b4d4b3f2cb
3f34c8adb473593f19bec5233dd482f56ff85cf87e31e254a7e912a87b83ff72
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
45f4c8f64c6bab2f4bf1c372bd075be57c67ff285ab0820ce4572f76a6968e1d
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47d88dddbe18bc022dd0e047add99bc4050ffe23ee992462eada59889ff4eab1
49330dbdf50dc3440d871a2408c7ec4fec185d62e419fd9960000cd8eed78950
4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5244d072bb98f137eac373059cef4a0a4f591a06d314b23f7c21a9a7c03243e2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57ae36cf7cc4bdf3a4300f074b1bb636a1fff61f8070d124081f48876bb18987
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
636cc1523f3c1d2b2c03edb0e47eacb4f597b91b773bc8b8be4c14fe2d4b8880
646f23ecee620c93d0858750283dedc632c1c38c29d7ef5d6fb42b439b35ed47
652d9094a7eead0236e08a454ce890c830278eec9ffd8db33fd6e4785cac9ca3
66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c
703ea003a4eae28b4afbfefdc57d2c7bfd6320da0cbbba9530382782b67488e0
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e
77897f671e0c608375354abd197336120c413b1ad46f0ed0b1398ba3a89bc389
7a60126f3a5376218a9d7878aa033094291d30f3993594a11e865ddb434e5e11
7c07f37793f58b1f6f7371465d9aa2a44a60f072658b3e320d63da269e098bd4
7c4dc0511bf663fdc5442fe187473916350a74a68341d87dbdd633c8d1cebd3f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83dd1a8208a83ec90a9a2d7774ab28e4b93b3eba53fb6a3fd444eb7e389ecbff
85a7e52415728ef33a76fbc4ee455149d71cc1b4c2867445264185ecaa53c598
867222183f7b4fdace7636718acb18b75476fc82e388130e0c06d7ec1103273d
8b999633b479860aa438754ca3f093e135b479f41067208c9949c25799f4274b
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
975707e0f84fdf7439284679f4ae53d7e244140753e5d1dbb50ddf9a30d1c1b8
9bbb4b92876eba3c591b3fb5c5eb1ec9ea3a4440bdeed07015be8544f66f6e40
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a54425aa4c783f136e8f1649ec1b3bf719865b7104ec6b1051178405b7c91b26
a629a2424ad41d63e025ac8d0756268ddd76877ed1d4f3a7a24109f13047289a
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
b85697f87fa4b245d39bf725e3cd494f2b30feb15b6bb23bc1f9f80b17cd6b2c
ba9f43fbd9c0782c72ff6eddd221abdcfd9642cd4625227ad693347e4d6989db
c6bdd002d23dcb0adbd87e3518bdd994de73818a0f0f502707986301b9fbc404
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
ce4ee855ad838bb8e93c16e43e92408b52af633204be155f2bf0d4d02cd8d171
ddd3f525a6f64abee80be8f8887a7840c3b0ae84c0f998061bd921aae32dd3e3
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e33cfbdd941b8ff4902d7b24cd21c53f31375b1da63a6a12edcf5cfad44b1b59
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea23fa178c761c715a00c4ceaa9b93ed323da784a903df018a4fb04b10288ca3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3bd93baf2d7ea7fe404497a78897e9300a56e1ef8e452cdd29c0156b2ff3aa5
f9994dfcaaed1413d4a1e783ab4b43dc0d1a81821fa3d143fbe25706cea8eaf4
fe14bc8a4e294c047589838fd09a3efc81771751a0be03ea8ec99e734e965fd2
fefcda61d35886adccb7694b6dfa62c727af571a2ae61ead799a74bb621a0ffc
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e