www.megamillions.com Open in urlscan Pro
2606:4700:10::ac43:188d Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.megamillions.com/how-to-play
Submission: On July 28 via manual (July 28th 2022, 4:52:49 pm UTC) from US — Scanned from DE

Summary HTTP 87 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 22 IPs in 4 countries across 20 domains to perform 87 HTTP transactions. The main IP is 2606:4700:10::ac43:188d, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.megamillions.com. The Cisco Umbrella rank of the primary domain is 91103.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 23rd 2022. Valid for: a year.

This is the only time www.megamillions.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
18	2606:4700:10:... 2606:4700:10::ac43:188d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
4	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
3 8	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
3 5	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	185.89.211.132 185.89.211.132	29990 (ASN-APPNEX) (ASN-APPNEX)
9	2a00:1450:400... 2a00:1450:4001:82a::2006	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:b314:a0ef:ab7c:d546	16509 (AMAZON-02) (AMAZON-02)
1 1	18.192.108.196 18.192.108.196	16509 (AMAZON-02) (AMAZON-02)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8102:8e6d:8fd7:763c:360f	16509 (AMAZON-02) (AMAZON-02)
2	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
87	22

18 2606:4700:10::ac43:188d (United States)

ASN13335 (CLOUDFLARENET, US)

www.megamillions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

97fb7dba61ebd24aae179971f45b3616.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.18.98 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.18.126 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.211.132 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.192.108.196 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-108-196.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8102:8e6d:8fd7:763c:360f (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 123 97fb7dba61ebd24aae179971f45b3616.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 159	280 KB
18	megamillions.com www.megamillions.com — Cisco Umbrella Rank: 91103	413 KB
17	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 211 googleads.g.doubleclick.net — Cisco Umbrella Rank: 56 cm.g.doubleclick.net — Cisco Umbrella Rank: 205 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 296	180 KB
9	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 273	81 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 531 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 460	5 KB
4	google.com adservice.google.com — Cisco Umbrella Rank: 96 www.google.com — Cisco Umbrella Rank: 10	2 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52	20 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 234	3 KB
2	gstatic.com fonts.gstatic.com	32 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8252	914 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 181	71 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 72	1 KB
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1431	297 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 333	463 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1686	350 B
1	agkn.com 1 redirects d.agkn.com — Cisco Umbrella Rank: 568	761 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1090	464 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 873	422 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 93	52 KB
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
87	20

	Domain	Requested by
18	www.megamillions.com	www.megamillions.com
13	pagead2.googlesyndication.com	www.megamillions.com pagead2.googlesyndication.com tpc.googlesyndication.com 97fb7dba61ebd24aae179971f45b3616.safeframe.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
9	s0.2mdn.net	www.megamillions.com s0.2mdn.net
8	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net 97fb7dba61ebd24aae179971f45b3616.safeframe.googlesyndication.com
7	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com 97fb7dba61ebd24aae179971f45b3616.safeframe.googlesyndication.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com 97fb7dba61ebd24aae179971f45b3616.safeframe.googlesyndication.com www.megamillions.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
2	fonts.gstatic.com	fonts.googleapis.com
2	googleads4.g.doubleclick.net	www.megamillions.com
2	www.google.com	tpc.googlesyndication.com 97fb7dba61ebd24aae179971f45b3616.safeframe.googlesyndication.com
2	97fb7dba61ebd24aae179971f45b3616.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	adservice.google.de	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	www.googletagservices.com	www.megamillions.com 97fb7dba61ebd24aae179971f45b3616.safeframe.googlesyndication.com
1	fonts.googleapis.com	s0.2mdn.net
1	ag.innovid.com	97fb7dba61ebd24aae179971f45b3616.safeframe.googlesyndication.com
1	ssum-sec.casalemedia.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	rtb.openx.net	97fb7dba61ebd24aae179971f45b3616.safeframe.googlesyndication.com
1	d.agkn.com	1 redirects
1	cms.quantserve.com	97fb7dba61ebd24aae179971f45b3616.safeframe.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	www.megamillions.com
0	googlecm.hit.gemius.pl Failed	97fb7dba61ebd24aae179971f45b3616.safeframe.googlesyndication.com
87	27

This site contains links to these domains. Also see Links.

Domain
www.calottery.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-23` - `2023-05-23`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://www.megamillions.com/how-to-play
Frame ID: 04939972E2BCFC0CD042DAB1F5316608
Requests: 38 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220726/r20190131/zrt_lookup.html
Frame ID: B63FB2C287D818EB0DC0758EDB594C55
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1188353806003967&output=html&adk=1812271804&adf=3025194257&lmt=1659027164&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.megamillions.com%2Fhow-to-play&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659027163883&bpp=3&bdt=280&idt=108&shv=r20220726&mjsv=m202207250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4361835008486&frm=20&pv=2&ga_vid=592764621.1659027164&ga_sid=1659027164&ga_hid=1838630118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C44761792%2C31068638%2C44766067%2C42531608%2C31067825&oid=2&pvsid=445500775861648&tmod=8891013&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=121
Frame ID: 52F67D8E53E3F8E516BEFE769A8D95AE
Requests: 1 HTTP requests in this frame

Frame: https://97fb7dba61ebd24aae179971f45b3616.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: EAAAEA027BA2377D4B42B68E4C5C106B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3A5CDD0D5433051CA8FCCF6A66D892AD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8B71096990F4E3BB25D307AEC106D02B
Requests: 2 HTTP requests in this frame

Frame: https://97fb7dba61ebd24aae179971f45b3616.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2F3EC3B1EE2AA64CFF4BE7EFA2AB5EC3
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMY1eDDmAEwAQ&v=APEucNVWrjP0kDjcHHIDV1f9tZ_ybyfBGKyXJsZ5cn3v0QxYS55M-lcWn4jMHj7mFO99fUeBGnpiShqYvi-tw9FiMRbZfE2yuk_8k3mYojDoyJdQPQF9prVUKCJHPg2zlhLy3MkcP-guiYJisDfBrDf2B-0Qu0QMrdIBB0ENfAziaOtQtXBfGWA
Frame ID: 1A3584C21289E3910CBD654A25E52A28
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4EBA8A997DD481AA3DD2AF4A36D4768A
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: EE1ECB2A31F25CB80CA7C722F129E362
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10542794862352680631/index.html
Frame ID: 444AC4E7AA473E11C1950C9D5FD587ED
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Mega Millions

Detected technologies

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<input[^>]+name="__VIEWSTATE

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

87
Requests

91 %
HTTPS

65 %
IPv6

20
Domains

27
Subdomains

22
IPs

4
Countries

1135 kB
Transfer

3640 kB
Size

22
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://www.calottery.com/draw-games/mega-millions
Title: California

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPjKfxgNHEifUF9T4YzKsFw&google_cver=1

Request Chain 53

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YuK.3ZggJziG.EBHNTq88AAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPjKfxgNHEifUF9T4YzKsFw&google_cver=1&google_hm=2

Request Chain 54

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEGPfbrGmLDxNWt_UEpodONI&google_cver=1

Request Chain 55

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA1ODUzMjg5MjgzMDI2MjQ1Nw%3D%3D

Request Chain 64

https://d.agkn.com/pixel/2175/?google_gid=CAESECLVgieZeevI7Ih3qljzzI4&google_cver=1&google_push=AehlK4CwhhO0B3kelgpJW6UV20qogv_3aDaOFszig40CmHfD-siyp6syQlxHe_m9ZkmZQE8GlUPFTUxC1bJsXrmEM5Cq6OozbF-d9g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4CwhhO0B3kelgpJW6UV20qogv_3aDaOFszig40CmHfD-siyp6syQlxHe_m9ZkmZQE8GlUPFTUxC1bJsXrmEM5Cq6OozbF-d9g&google_hm=Q0FFU0VDTFZnaWVaZWV2STdJaDNxbGp6ekk0

Request Chain 66

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDg9IQKNloneMG_2aF16TiE&google_cver=1&google_push=AehlK4BhR63Tp_SCR9gp6Qsh1rCJTckDEQi_q5u0e2g4955VQQOWpo0CDo7bur_5HBt2AoodcIIrBmLo6EUevs8f2fDzSmByoad9Mg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDY1OVhUTEYtMjYtSVE5Wg==&google_push=AehlK4BhR63Tp_SCR9gp6Qsh1rCJTckDEQi_q5u0e2g4955VQQOWpo0CDo7bur_5HBt2AoodcIIrBmLo6EUevs8f2fDzSmByoad9Mg

Request Chain 67

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECHAwZzXESpSSdKESoCq9f8&google_cver=1&google_push=AehlK4DLlNIeAmO24VEM_9JaAdM2EP6GgYySMRmwLRFT-p_3smMfUuFJ9Xdh4z1PTFy5P5Of6eGam6ZhQGwG7if5r3udzmIhCamBLw HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECHAwZzXESpSSdKESoCq9f8&google_hm=YuK-3ZggJziG-EBHNTq88AAAFDgAAAAB&google_nid=index&google_push=AehlK4DLlNIeAmO24VEM_9JaAdM2EP6GgYySMRmwLRFT-p_3smMfUuFJ9Xdh4z1PTFy5P5Of6eGam6ZhQGwG7if5r3udzmIhCamBLw

87 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request how-to-play Show response
www.megamillions.com/ 38 KB
9 KB 671ms
611ms Document
text/html 2606:4700:10::ac43:188d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.megamillions.com/how-to-play

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:188d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

e71e913f9757ed8a74b247d64129a540a19bdffc7336cd91e77ee2a778194cdc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 731f2078b94f9a0c-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 28 Jul 2022 16:52:43 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: -1
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
x-frame-options: SAMEORIGIN
x-powered-by: ASP.NET
x-ua-compatible: IE=Edge

GET
H2 200 stylesheet.min.css
www.megamillions.com/styles/css/ 184 KB
76 KB 81ms
79ms Stylesheet
text/css 2606:4700:10::ac43:188d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.megamillions.com/styles/css/stylesheet.min.css?v=20220325

Requested by

Host: www.megamillions.com
URL: https://www.megamillions.com/how-to-play

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:188d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

f9ee29c56d828bf172d5b08eebe5a3bfcfc51e9e3e2cc6358f870af489b7db7d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.megamillions.com/how-to-play
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 16:52:43 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1922
x-powered-by: ASP.NET
content-length: 77073
last-modified: Wed, 17 Feb 2021 15:48:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "0f8be44445d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=691200
accept-ranges: bytes
cf-ray: 731f207c98019a0c-FRA

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 82 KB
28 KB 81ms
29ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.megamillions.com
URL: https://www.megamillions.com/how-to-play

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5342bd6fc93fb86a23359482300105a25ca44266fd6b71df3e58acd161dc8a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.megamillions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 16:52:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28305
x-xss-protection: 0
server: sffe
etag: "1286 / 446 of 1000 / last-modified: 1659006320"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 28 Jul 2022 16:52:43 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 166 KB
56 KB 110ms
60ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.megamillions.com
URL: https://www.megamillions.com/how-to-play

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0aa02cde317130ce4b066136a2e4d2d7d08eb2314788999c9e6677a4bea8af7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.megamillions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 16:52:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56855
x-xss-protection: 0
server: cafe
etag: 15036253867459006545
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 28 Jul 2022 16:52:43 GMT

GET
H2 200 WebResource.axd Show response
www.megamillions.com/ 23 KB
5 KB 527ms
525ms Script
application/x-javascript 2606:4700:10::ac43:188d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.megamillions.com/WebResource.axd?d=ZIQniEr9Mywq2t6w0aFkmfevBKkcSs_6bpPr1WgPVOUlKh-_KfHL6_GLwG_j5wygKHT2Io177gD_3d9wGGzhTAdNM801&t=637823185705833095

Requested by

Host: www.megamillions.com
URL: https://www.megamillions.com/how-to-play

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:188d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.megamillions.com/how-to-play
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 16:52:44 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Tue, 08 Mar 2022 11:42:50 GMT
server: cloudflare
x-aspnet-version: 4.0.30319
x-frame-options: SAMEORIGIN
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public
cf-ray: 731f207c98049a0c-FRA
expires: Fri, 28 Jul 2023 16:14:43 GMT

GET
H2 200 ScriptResource.axd Show response
www.megamillions.com/ 100 KB
26 KB 548ms
547ms Script
application/x-javascript 2606:4700:10::ac43:188d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.megamillions.com/ScriptResource.axd?d=brRkt1L0_30B7QS6tm7pqQt_F5EeFdvk5YVfxDqljjCdodU_QQ8Tb10b9vuvGEKsD3o792ejp_1xYU_sVqu1AvyRBofc8uLp8jFwNTZ2GKkJUSqDdlNQhtDsJVbuqA-m--yE_WD9ptrjC6d-6dIfL-gnr-E1&t=ffffffffaa493ab8

Requested by

Host: www.megamillions.com
URL: https://www.megamillions.com/how-to-play

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:188d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.megamillions.com/how-to-play
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 16:52:44 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Thu, 28 Jul 2022 16:14:43 GMT
server: cloudflare
x-aspnet-version: 4.0.30319
x-frame-options: SAMEORIGIN
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public
cf-ray: 731f207c98069a0c-FRA
content-length: 25609
expires: Fri, 28 Jul 2023 16:14:43 GMT

GET
H2 200 ScriptResource.axd Show response
www.megamillions.com/ 39 KB
10 KB 549ms
548ms Script
application/x-javascript 2606:4700:10::ac43:188d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.megamillions.com/ScriptResource.axd?d=i6bzkVdG9d-PWMRGhCyhO_KGYvHpc647dfE4sb6HFu8IbYM5e_v3Np4HW-FaVLqMNyuVMWmbLM9gTkRyJQovHm5icSk4pkNqqfM_cWgtreN_AcKMH-xswtVFWKWtx_7aMra27TzZq2jjzpQq9ec6UEY1QiOs7zInnFE5PUnAcok_wx3d0&t=ffffffffaa493ab8

Requested by

Host: www.megamillions.com
URL: https://www.megamillions.com/how-to-play

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:188d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.megamillions.com/how-to-play
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 16:52:44 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Thu, 28 Jul 2022 16:14:43 GMT
server: cloudflare
x-aspnet-version: 4.0.30319
x-frame-options: SAMEORIGIN
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public
cf-ray: 731f207c98099a0c-FRA
content-length: 9984
expires: Fri, 28 Jul 2023 16:14:43 GMT

GET
H2 200 logo_MM_233x110.png
www.megamillions.com/GLC-Megamillions/media/images/logos/ 31 KB
32 KB 79ms
77ms Image
image/png 2606:4700:10::ac43:188d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.megamillions.com/GLC-Megamillions/media/images/logos/logo_MM_233x110.png

Requested by

Host: www.megamillions.com
URL: https://www.megamillions.com/how-to-play

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:188d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

7c07f37793f58b1f6f7371465d9aa2a44a60f072658b3e320d63da269e098bd4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.megamillions.com/how-to-play
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 16:52:43 GMT
etag: "894610db6917d71:0"
cf-cache-status: HIT
last-modified: Fri, 12 Mar 2021 18:02:24 GMT
server: cloudflare
age: 1922
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=691200
accept-ranges: bytes
cf-ray: 731f207d597e9a0c-FRA
vary: Accept-Encoding
content-length: 32071

GET
H2 200 jquery.3.3.1.min.js Show response
www.megamillions.com/scripts/ 85 KB
30 KB 70ms
68ms Script
application/javascript 2606:4700:10::ac43:188d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.megamillions.com/scripts/jquery.3.3.1.min.js

Requested by

Host: www.megamillions.com
URL: https://www.megamillions.com/how-to-play

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:188d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

4fe68fa216176e6d1f4580e924bafecc9f519984ecc06b1a840a08b0d88c95de

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.megamillions.com/how-to-play
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 16:52:43 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1922
x-powered-by: ASP.NET
content-length: 30401
last-modified: Thu, 13 Dec 2018 15:18:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "04a28f792d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=691200
accept-ranges: bytes
cf-ray: 731f207d59789a0c-FRA

GET
H2 200 scripts.min.js Show response
www.megamillions.com/scripts/ 1018 KB
73 KB 83ms
82ms Script
application/javascript 2606:4700:10::ac43:188d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.megamillions.com/scripts/scripts.min.js?v=20220422

Requested by

Host: www.megamillions.com
URL: https://www.megamillions.com/how-to-play

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:188d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

8b965349059a3fa71b19416b65823a121fadcbb52945d0375e69d2f5a9120a45

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.megamillions.com/how-to-play
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 16:52:43 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1922
x-powered-by: ASP.NET
content-length: 74273
last-modified: Mon, 18 Apr 2022 21:38:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "06c48936c53d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=691200
accept-ranges: bytes
cf-ray: 731f207d59819a0c-FRA

GET
H2 200 pubads_impl_2022071801.js Show response
securepubads.g.doubleclick.net/gpt/ 377 KB
129 KB 73ms
21ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071801.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

6f761aab3bf051efa97b8361efb44ec6aeab54bbdd9605bf673c401164fc9a21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.megamillions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 12:49:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14566
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131644
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 08:35:47 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 28 Jul 2023 12:49:57 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 83 B
716 B 86ms
30ms XHR
application/json 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.megamillions.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

facc0aec71b192c1f236ecb44fe6db2281306f3ba98ae5a62fde643dab7587c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.megamillions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 28 Jul 2022 16:52:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 80
x-xss-protection: 0
expires: Thu, 28 Jul 2022 16:52:43 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 139 KB
52 KB 84ms
33ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5G7656B

Requested by

Host: www.megamillions.com
URL: https://www.megamillions.com/how-to-play

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9fd7f2a8374caa75ba25d2c32655fed6a5a9d8fa756ff9c569c92146540c1f0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.megamillions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 16:52:43 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52877
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 16:04:08 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 28 Jul 2022 16:52:43 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 69ms
20ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5G7656B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.megamillions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6643
date: Thu, 28 Jul 2022 15:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 28 Jul 2022 17:02:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207250101/ 341 KB
121 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207250101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1188353806003967&plah=www.megamillions.com&bust=31068638

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85b07acbf52104295acca3385d5029534998d22b1cbc41fc88dba69cc7c77a62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.megamillions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 16:52:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123392
x-xss-protection: 0
server: cafe
etag: 511449960686748977
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 28 Jul 2022 16:52:43 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220726/r20190131/ Frame B63F 10 KB
5 KB 70ms
20ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220726/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.megamillions.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 15251
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Jul 2022 12:38:32 GMT
etag: 8616628553774171045
expires: Thu, 11 Aug 2022 12:38:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 72ms
29ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1838630118&t=pageview&_s=1&dl=https%3A%2F%2Fwww.megamillions.com%2Fhow-to-play&ul=en-us&de=UTF-8&dt=Mega%20Millions&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=718129405&gjid=2071138423&cid=592764621.1659027164&tid=UA-130954248-1&_gid=1027947212.1659027164&_r=1&gtm=2wg7p05G7656B&z=826128336

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.megamillions.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 28 Jul 2022 16:52:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.megamillions.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 220 B
422 B 50ms
28ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.megamillions.com&callback=_gfp_s_&client=ca-pub-1188353806003967

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207250101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1188353806003967&plah=www.megamillions.com&bust=31068638

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

97fcbef82bd374a9f5a0b3f2bd8c3a62f2c493e28f05c43a24539d5b923032cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.megamillions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 16:52:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 207
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 84ms
31ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.megamillions.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.megamillions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 28 Jul 2022 16:52:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 79ms
30ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.megamillions.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.megamillions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 28 Jul 2022 16:52:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 52F6 603 B
68 B 89ms
45ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1188353806003967&output=html&adk=1812271804&adf=3025194257&lmt=1659027164&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.megamillions.com%2Fhow-to-play&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659027163883&bpp=3&bdt=280&idt=108&shv=r20220726&mjsv=m202207250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4361835008486&frm=20&pv=2&ga_vid=592764621.1659027164&ga_sid=1659027164&ga_hid=1838630118&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763505%2C44761792%2C31068638%2C44766067%2C42531608%2C31067825&oid=2&pvsid=445500775861648&tmod=8891013&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=121

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.megamillions.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Jul 2022 16:52:44 GMT
expires: Thu, 28 Jul 2022 16:52:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 montserrat-v12-latin-regular.woff2
www.megamillions.com/styles/fonts/ 18 KB
19 KB 61ms
61ms Font
application/font-woff2 2606:4700:10::ac43:188d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.megamillions.com/styles/fonts/montserrat-v12-latin-regular.woff2

Requested by

Host: www.megamillions.com
URL: https://www.megamillions.com/styles/css/stylesheet.min.css?v=20220325

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:188d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.megamillions.com/styles/css/stylesheet.min.css?v=20220325
Origin: https://www.megamillions.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 16:52:44 GMT
etag: "0fc9b5af91d41:0"
cf-cache-status: HIT
last-modified: Wed, 12 Dec 2018 00:10:00 GMT
server: cloudflare
age: 1922
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/font-woff2
cache-control: public, max-age=691200
accept-ranges: bytes
cf-ray: 731f2080ceb79a0c-FRA
vary: Accept-Encoding
content-length: 18684

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 80ms
34ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.megamillions.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.megamillions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 28 Jul 2022 16:52:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 71ms
29ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.megamillions.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.megamillions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 28 Jul 2022 16:52:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
9 KB 406ms
363ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=445500775861648&correlator=4054247959151663&eid=31068589%2C42531608%2C31067825&output=ldjh&gdfp_req=1&vrg=2022071801&ptt=17&impl=fifs&iu_parts=21814838932%2Cmmcglc_homepage_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=2&adks=3207684569&sfv=1-0-38&ecs=20220728&fsapi=false&sc=1&cookie=ID%3D45a9a12dd712e372-22755749ddcd00e2%3AT%3D1659027164%3ART%3D1659027164%3AS%3DALNI_MbHOj_Bra-V2RJUFMr_rpUKFJuCEg&abxe=1&dt=1659027164295&lmt=1659027164&dlt=1659027163603&idt=263&adxs=593&adys=11&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.megamillions.com%2Fhow-to-play&frm=20&vis=1&psz=1150x96&msz=728x-1&fws=4&ohw=1150&ga_vid=592764621.1659027164&ga_sid=1659027164&ga_hid=1838630118&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

dad4bb3c449bb3356ff14cade123016be1ce45114279cad653a51f101f9cfffb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.megamillions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 16:52:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9426
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.megamillions.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
97fb7dba61ebd24aae179971f45b3616.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EAAA 6 KB
4 KB 119ms
29ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://97fb7dba61ebd24aae179971f45b3616.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.megamillions.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 28 Jul 2022 16:52:44 GMT
expires: Fri, 28 Jul 2023 16:52:44 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 60 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 636cc1523f3c1d2b2c03edb0e47eacb4f597b91b773bc8b8be4c14fe2d4b8880

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 montserrat-v12-latin-600.woff2
www.megamillions.com/styles/fonts/ 18 KB
19 KB 62ms
62ms Font
application/font-woff2 2606:4700:10::ac43:188d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.megamillions.com/styles/fonts/montserrat-v12-latin-600.woff2

Requested by

Host: www.megamillions.com
URL: https://www.megamillions.com/styles/css/stylesheet.min.css?v=20220325

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:188d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

867222183f7b4fdace7636718acb18b75476fc82e388130e0c06d7ec1103273d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.megamillions.com/styles/css/stylesheet.min.css?v=20220325
Origin: https://www.megamillions.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 16:52:44 GMT
etag: "0fc9b5af91d41:0"
cf-cache-status: HIT
last-modified: Wed, 12 Dec 2018 00:10:00 GMT
server: cloudflare
age: 1922
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/font-woff2
cache-control: public, max-age=691200
accept-ranges: bytes
cf-ray: 731f2080fef19a0c-FRA
vary: Accept-Encoding
content-length: 18752

GET
H2 200 Flaticon.woff
www.megamillions.com/styles/fonts/ 4 KB
5 KB 62ms
62ms Font
application/font-woff 2606:4700:10::ac43:188d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.megamillions.com/styles/fonts/Flaticon.woff

Requested by

Host: www.megamillions.com
URL: https://www.megamillions.com/styles/css/stylesheet.min.css?v=20220325

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:188d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

45f4c8f64c6bab2f4bf1c372bd075be57c67ff285ab0820ce4572f76a6968e1d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.megamillions.com/styles/css/stylesheet.min.css?v=20220325
Origin: https://www.megamillions.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 16:52:44 GMT
content-encoding: gzip
etag: W/"b52967e7b27dd41:0"
cf-cache-status: HIT
last-modified: Fri, 16 Nov 2018 13:47:24 GMT
server: cloudflare
age: 1922
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/font-woff
cache-control: public, max-age=691200
cf-ray: 731f2080ff029a0c-FRA
vary: Accept-Encoding

GET
H2 200 montserrat-v12-latin-700.woff2
www.megamillions.com/styles/fonts/ 19 KB
19 KB 64ms
64ms Font
application/font-woff2 2606:4700:10::ac43:188d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.megamillions.com/styles/fonts/montserrat-v12-latin-700.woff2

Requested by

Host: www.megamillions.com
URL: https://www.megamillions.com/styles/css/stylesheet.min.css?v=20220325

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:188d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.megamillions.com/styles/css/stylesheet.min.css?v=20220325
Origin: https://www.megamillions.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 16:52:44 GMT
etag: "0fc9b5af91d41:0"
cf-cache-status: HIT
last-modified: Wed, 12 Dec 2018 00:10:00 GMT
server: cloudflare
age: 1922
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/font-woff2
cache-control: public, max-age=691200
accept-ranges: bytes
cf-ray: 731f20810f129a0c-FRA
vary: Accept-Encoding
content-length: 18956

GET
H2 200 montserrat-v12-latin-300.woff2
www.megamillions.com/styles/fonts/ 18 KB
19 KB 65ms
65ms Font
application/font-woff2 2606:4700:10::ac43:188d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.megamillions.com/styles/fonts/montserrat-v12-latin-300.woff2

Requested by

Host: www.megamillions.com
URL: https://www.megamillions.com/styles/css/stylesheet.min.css?v=20220325

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:188d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

ea23fa178c761c715a00c4ceaa9b93ed323da784a903df018a4fb04b10288ca3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.megamillions.com/styles/css/stylesheet.min.css?v=20220325
Origin: https://www.megamillions.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 16:52:44 GMT
etag: "0fc9b5af91d41:0"
cf-cache-status: HIT
last-modified: Wed, 12 Dec 2018 00:10:00 GMT
server: cloudflare
age: 1922
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/font-woff2
cache-control: public, max-age=691200
accept-ranges: bytes
cf-ray: 731f20810f139a0c-FRA
vary: Accept-Encoding
content-length: 18444

GET
H2 200 montserrat-v12-latin-900italic.woff2
www.megamillions.com/styles/fonts/ 19 KB
19 KB 63ms
62ms Font
application/font-woff2 2606:4700:10::ac43:188d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.megamillions.com/styles/fonts/montserrat-v12-latin-900italic.woff2

Requested by

Host: www.megamillions.com
URL: https://www.megamillions.com/styles/css/stylesheet.min.css?v=20220325

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:188d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

7c4dc0511bf663fdc5442fe187473916350a74a68341d87dbdd633c8d1cebd3f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.megamillions.com/styles/css/stylesheet.min.css?v=20220325
Origin: https://www.megamillions.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 16:52:44 GMT
etag: "0fc9b5af91d41:0"
cf-cache-status: HIT
last-modified: Wed, 12 Dec 2018 00:10:00 GMT
server: cloudflare
age: 1921
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/font-woff2
cache-control: public, max-age=691200
accept-ranges: bytes
cf-ray: 731f20810f169a0c-FRA
vary: Accept-Encoding
content-length: 19104

GET
H2 200 montserrat-v12-latin-500.woff2
www.megamillions.com/styles/fonts/ 18 KB
19 KB 69ms
69ms Font
application/font-woff2 2606:4700:10::ac43:188d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.megamillions.com/styles/fonts/montserrat-v12-latin-500.woff2

Requested by

Host: www.megamillions.com
URL: https://www.megamillions.com/styles/css/stylesheet.min.css?v=20220325

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:188d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

3e43d592d0aa592f24ad510ef3f453a51bba24a9534a07a55a9685b4d4b3f2cb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.megamillions.com/styles/css/stylesheet.min.css?v=20220325
Origin: https://www.megamillions.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 16:52:44 GMT
etag: "0fc9b5af91d41:0"
cf-cache-status: HIT
last-modified: Wed, 12 Dec 2018 00:10:00 GMT
server: cloudflare
age: 1769
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/font-woff2
cache-control: public, max-age=691200
accept-ranges: bytes
cf-ray: 731f20812f419a0c-FRA
vary: Accept-Encoding
content-length: 18728

GET
H2 200 logo_MM_115x54.png
www.megamillions.com/GLC-Megamillions/media/images/logos/ 12 KB
13 KB 68ms
68ms Image
image/png 2606:4700:10::ac43:188d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.megamillions.com/GLC-Megamillions/media/images/logos/logo_MM_115x54.png

Requested by

Host: www.megamillions.com
URL: https://www.megamillions.com/styles/css/stylesheet.min.css?v=20220325

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:188d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

34cce832fafd4507ca484d1662ac1ff62f68a844f9adb362867c60688761238b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.megamillions.com/styles/css/stylesheet.min.css?v=20220325
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 16:52:44 GMT
etag: "5ed99acf6917d71:0"
cf-cache-status: HIT
last-modified: Fri, 12 Mar 2021 18:02:05 GMT
server: cloudflare
age: 1747
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=691200
accept-ranges: bytes
cf-ray: 731f20814f689a0c-FRA
vary: Accept-Encoding
content-length: 12493

POST
H2 200 GetLatestDrawData Show response
www.megamillions.com/cmspages/utilservice.asmx/ 5 KB
2 KB 509ms
508ms XHR
application/json 2606:4700:10::ac43:188d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.megamillions.com/cmspages/utilservice.asmx/GetLatestDrawData

Requested by

Host: www.megamillions.com
URL: https://www.megamillions.com/scripts/jquery.3.3.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:188d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

5edb7ff7c2bed3295563961d024c7dfa0e060ff12ecd9913897c42b9173eada7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.megamillions.com/how-to-play
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 28 Jul 2022 16:52:44 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version: 4.0.30319
x-frame-options: SAMEORIGIN
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
cf-ray: 731f20819fdc9a0c-FRA

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 79ms
35ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220726&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

56fd191ceda581ffa1004d8a689664af5887ac8bd1a2d370d775e61b0bc7fce5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.megamillions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 28 Jul 2022 16:52:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10774
x-xss-protection: 0

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 22ms
21ms Image
image/gif 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1838630118&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.megamillions.com%2Fhow-to-play&ul=en-us&de=UTF-8&dt=Mega%20Millions&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=Percentage&el=25%25&_u=aEDAAAABAAAAAC~&jid=&gjid=&cid=592764621.1659027164&tid=UA-130954248-1&_gid=1027947212.1659027164&gtm=2wg7p05G7656B&z=1599754201

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.megamillions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 20:53:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 71978
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 22ms
22ms Image
image/gif 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1838630118&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.megamillions.com%2Fhow-to-play&ul=en-us&de=UTF-8&dt=Mega%20Millions&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=Percentage&el=50%25&_u=aEDAAAABAAAAAC~&jid=&gjid=&cid=592764621.1659027164&tid=UA-130954248-1&_gid=1027947212.1659027164&gtm=2wg7p05G7656B&z=1808012027

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.megamillions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 20:53:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 71978
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 89ms
41ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.megamillions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 16:52:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 28 Jul 2022 16:52:44 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3A5C 13 KB
5 KB 67ms
21ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.megamillions.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 887
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 28 Jul 2022 16:37:57 GMT
expires: Fri, 28 Jul 2023 16:37:57 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8B71 783 B
1 KB 87ms
34ms Document
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ef909be58a5c40c47459071a29aa5d7ecdebc10e04acd9aecde6c6273c0e4010

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MdTZrOz-7VBN2UIgl1-XFg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.megamillions.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-MdTZrOz-7VBN2UIgl1-XFg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 28 Jul 2022 16:52:44 GMT
expires: Thu, 28 Jul 2022 16:52:44 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 container.html Show response
97fb7dba61ebd24aae179971f45b3616.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2F3E 6 KB
3 KB 64ms
22ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://97fb7dba61ebd24aae179971f45b3616.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.megamillions.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 28 Jul 2022 16:52:44 GMT
expires: Fri, 28 Jul 2023 16:52:44 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8B71 0
0 72ms
71ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220726&jk=445500775861648&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H3 200 sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js Show response
pagead2.googlesyndication.com/bg/ Frame 3A5C 36 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b099db39e475bb735f0f889f4ebe8863bd1a1d945faf7c8a422f80da6fa81d3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 10:14:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23882
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13883
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 28 Jul 2023 10:14:42 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3A5C 0
9 B 19ms
19ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?sE6Ezw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 16:52:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 montserrat-v12-latin-700italic.woff2
www.megamillions.com/styles/fonts/ 19 KB
19 KB 65ms
64ms Font
application/font-woff2 2606:4700:10::ac43:188d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.megamillions.com/styles/fonts/montserrat-v12-latin-700italic.woff2

Requested by

Host: www.megamillions.com
URL: https://www.megamillions.com/styles/css/stylesheet.min.css?v=20220325

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:188d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

975707e0f84fdf7439284679f4ae53d7e244140753e5d1dbb50ddf9a30d1c1b8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.megamillions.com/styles/css/stylesheet.min.css?v=20220325
Origin: https://www.megamillions.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 16:52:45 GMT
etag: "0fc9b5af91d41:0"
cf-cache-status: HIT
last-modified: Wed, 12 Dec 2018 00:10:00 GMT
server: cloudflare
age: 1922
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/font-woff2
cache-control: public, max-age=691200
accept-ranges: bytes
cf-ray: 731f20865eef9a0c-FRA
vary: Accept-Encoding
content-length: 19384

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1A35 624 B
297 B 34ms
33ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMY1eDDmAEwAQ&v=APEucNVWrjP0kDjcHHIDV1f9tZ_ybyfBGKyXJsZ5cn3v0QxYS55M-lcWn4jMHj7mFO99fUeBGnpiShqYvi-tw9FiMRbZfE2yuk_8k3mYojDoyJdQPQF9prVUKCJHPg2zlhLy3MkcP-guiYJisDfBrDf2B-0Qu0QMrdIBB0ENfAziaOtQtXBfGWA

Requested by

Host: 97fb7dba61ebd24aae179971f45b3616.safeframe.googlesyndication.com
URL: https://97fb7dba61ebd24aae179971f45b3616.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://97fb7dba61ebd24aae179971f45b3616.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Jul 2022 16:52:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 2F3E 80 KB
33 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-COxoJRo38ne3lGKCpowQuqng5OzgRoDczmfcSFQYToAvEX3BdfJ_48QcSxfw7w_l5IKNCt3tcFDtU8Di5oqRNS5mvUxg&cry=1&dbm_d=AKAmf-AjPT55oUEHGwWOMB9OOoSZitH4LZj625Sfr7sFPkvmxie_q2czSJJuEYGLD08YKgkaVQ_NBJS325YF04-no601sb-YIr2JsDRDXWKlUmY0WR_9SsS2PSJRe_T5NH6yshjoH5GDjPQVKkzG_5lA9fX-NhxNGv9AwvDZ6Lm0ceuLNh8PqwpDHlGcT7NjhxLmlwRda_tokX-6NakfRlukLNGcKlbfEW5Nu37eRS8BMdrr1_0ne1OSOgbVdQCLauzDq1vO7HSu_FqN58urxeduQWuLQYCcyTykPHv8y6pVkfYPThNeA1b8pSx3vyexTvWnqEYjtrbmZYXkeeXXwbtRvron1QWn3YKKdzngAC6BKvQrlwn-RAX5NWO8L46nReazjp_rwpV1EqrycMmeO_az3fzqk_yKU6yo7oI6iulWxTyopB2wndeGy-ucx3ju4dqJC4kenkR238OhxggF9E4rXhnTL_RmcP5xKJSnD_4DCbbn91tlv0jv--m5AWx_g2NTZC_TUlmdz6s78gafNvj7ogzQ-P9xIKVZLmCKBRwOHmROcHjRCpwqGkYiLd7KDTfQdWHd-R7sPGzcrCkdlCOObCnrUCNjHMnEajW5S0jEGYxxQmOkLem1bWHdERtinuK_ylFvv4LFaf6UOTrx07i4J2C8oYTcegAz0k_Se9XHpsZsbVNqeJgZdtLD1iAlJ4L1A5wxxy4ZoAPKfHgiNRczwpkwe045Mhj3i6M69RIk20-jEqCQ1uGCbbFVFGYy9gR89HiyfzZTULK0I2txwAztBxbWvt1N1p1B-eEZwpFC5-RxPhJhpNiEkVEyE2Yebj0HlGHC83rN3cL5oM86dHXaxe7cyx_EaDZEI-XtNEMHs1B9PEdYwd2XJLHeCbNd3hP7i7EyffiqfdEMgZrQD8YjgezjhMajmtTXBIoLlGeouZY-9JLSwCacS19KJPvD79cA5NTgSjr3AzYiFsvj1Zj7OK93EqCUhwl3OdbgybbSIuB47_9-4otJHzPxVIQg25-ICdLwUGGRQnxgCyPbvvHhacoyTV7k9KDAMBLYmN740r8Wkrb1Mw3VcDTzHFDJSKmDuXKqLrOlQLMy7U6FpvbZkNm4wKJUvPAHxyNn_320LceqE1FuExo_OpodiSVWpfsN8ipaqjq-Z5UghAeXwGEbfkKLCm1ohVqSalBi7tdexUZdqLeGxNarfjYTpjKum2ggYPGuHo8lzEADxC9U5rqIN_g9w-uSJp6CY30yEEv1_B_uGMrcWzmAyshdJ8fLXoVDKfbKs96GUd4OhQ-vGxHO7VkxlkzE4Rto88aLbIOetLxTWTT2EAUtdq_hWCTOdBwPGb0cSzKUqYc2wp_k1dj3DnB0DKAUldU2M-ewNOp7PeNubFoCoKymV6PCjV6E7maFXQtVlEOIB_HrSfeM8a0lL4fzdTbhGWRDfV83BfSByUvEmkGBDmXzM2iU2wgn--X9dLmyFXQTZX2EMGfmhaqoN9el4ogB05Ag_0lHUH5yyd_d2Ny_vcfxoiI5Wbi9IsZhoLtyi8ghz1dJSOxLR3rgXK5NHzghcXI-bIo0GDJlJLRCSxi5Oj6E11cOq_VYjS8xMnVoceHdKQbal287BNmXQHdaZJHKz66IFzmjZ4I9uL6ZprLa3sMyKG5LYiPtXqOjIyI7h56AnYpCv9XMQqY6j3AbklRKxlUVkExHvEBeJLWnlvCg96n0aJurYLwn40amJ7M07yxFOwXCklB4AAD2D6paxW05nZtt83ceFYOaYwyngmr-NxOaj1QVVcJAi4670q2DPnklnY6Dmf7ZHQf0dyxyvCe2Ffk2sQtznil_2PLhaGllXYbGREUvbsS_p2idfM9KhQMGuC1vWTP5jrsuCBAj7fdUgY8XrS6bCuuvOE_IwXY8yTJv-SB49r82SMhMnepPi20LA2GbBmbHxFTDNLQznwSErGl13RYcnCyEpKntPg9ri5kPEl1l0bNZJBo3guKrIqEWlqFSuvjA1RvFnDGWpPi-JLaEx2i0OxRUEl_LeNRY7YlMALvdBjhY5H1vjH4uEDBBMZfvGVexfAkfI--yP1OWbxz021CXj6ayJjdgfqYbzaAJm64ZsxGfNQN3_3X6AY7Yqg2IsvGHBpuETvYpEyFTHlhYmvI4zays_kTY5xnQdy0uRDLPoTLMoxw327Pl9Mk17mkZC4bXacDPu_wHFs71D9e9YQQe300xmd3rNvBaoW5aO0TmTdd9JjiMxKW0gQqkxfR4BYA6A2uMXAs1ca111KXcphcMSwwxrygugplwSCKPS2dLstzFbyWPaPj3S9FxVrxsYe5yeLj5kepW-yYyA6ETqQ_TsL4avTnRauQ96WEMt0oFF9WvmXdKvePzO6D2m9f3HCmuphB7DtqbJuaWvf0kV2vOZNAVPXCFOExn6xJUr_thiXW48aDD1-q3zj8BoSjSyXxcngjJMKnHuYJz5TXPHu7HkG3pml-LiE6z4uK4dAbq1FWBHoqyJk6JGysb-MbEgY2AXgyl6Jz5rndLbXoXLcEp2Z1mJdcghIS9IxAs7jPjZzgA8OanCh5rw6HFWqcvouO4uUZaKSlpa7jWtb95I64uZ59R3Dpbj96dalLa2vh_nYb-nSP8oah-tuP3Ozu5pZtvOg8HyTLK4-warVDIuP1Q_S7CXRB0x_92W0gBTQRHim74FuQktADqiRAoBYxYNhQK7wY6kEk01wmVYKdPrQZbTq5a-MdwXJMQsWrTiX0XsIq4TGWETRaEYY2KJrnsryri4hZ3sJ4sUVaW749KAJFyTWcjyU20hi-g6QlIE6CjDC3aEoxsi5TabUZ2dX4m0c4qDwyqvTIMT0iXSxoP_sfaFErIA-PxB3-8vsdTNo12ip-U_Ukjas5d5ybv1QhBYUacxeKb8yk_A3y3DL52f8q9SqKY2p98QhOcpw1YpKsOvkkyYElEKFrhrSw8o-4qIq62qMKPIaY6V2-_WI091H-_zC03yx6nbNL4Tjtaj0kBuQYmTrh3Rl3QrT_rcxtuQWLO2IJOzbB_386v3LbGPHlPoUMzgeJQPEmL_wgHsBIsPuyZh798pjsn9GiDRy-bg-7Djzy73PzoM-kPk9MViUg5SSdUl5rfi0KCToM18xwXn_TXKRhiBGPNxQwZ&cid=CAASJORos_05PDlaQiE0PQlrgZueDH2Q9wS89I69XkZ6D0mjoe4GAw&rfl=1%2Chttps%253A%252F%252Fwww.megamillions.com%252F%240

Requested by

Host: www.megamillions.com
URL: https://www.megamillions.com/how-to-play

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f6b411ff1a84c15ee06af050f007a928cfb511565d0286aae01f05469aa5116

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://97fb7dba61ebd24aae179971f45b3616.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Jul 2022 16:52:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34081
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2F3E 42 B
63 B 55ms
54ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C89eGvh67SlDl19JQRsROXYoz5NgyngPmyHHdAkXd7Qdw23Yorczi75OXrmbTnnss-UxSUCwH7MIqmKoEcWE635YIEmsOLbwaZVwocjP_TWK6FtRY

Requested by

Host: 97fb7dba61ebd24aae179971f45b3616.safeframe.googlesyndication.com
URL: https://97fb7dba61ebd24aae179971f45b3616.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://97fb7dba61ebd24aae179971f45b3616.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Jul 2022 16:52:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220726/r20110914/client/ Frame 2F3E 3 KB
1 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220726/r20110914/client/window_focus_fy2021.js

Requested by

Host: 97fb7dba61ebd24aae179971f45b3616.safeframe.googlesyndication.com
URL: https://97fb7dba61ebd24aae179971f45b3616.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://97fb7dba61ebd24aae179971f45b3616.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 16:44:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 481
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Aug 2022 16:44:44 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2F3E 138 KB
42 KB 80ms
38ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 97fb7dba61ebd24aae179971f45b3616.safeframe.googlesyndication.com
URL: https://97fb7dba61ebd24aae179971f45b3616.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5ce8ecc153c4e51d77a8480af2c1ceeb0c94a94f30b78d23151cacef80e6e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://97fb7dba61ebd24aae179971f45b3616.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 16:52:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43394
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1658749242091060"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 28 Jul 2022 16:52:45 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220726/r20110914/client/ Frame 2F3E 17 KB
7 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220726/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 97fb7dba61ebd24aae179971f45b3616.safeframe.googlesyndication.com
URL: https://97fb7dba61ebd24aae179971f45b3616.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b13b8f89a79c883eb205b34adf7ea6afad13e4e7834f0487a3e9335dcaf09d24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://97fb7dba61ebd24aae179971f45b3616.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 16:51:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7476
x-xss-protection: 0
server: cafe
etag: 17790590548613106194
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Aug 2022 16:51:52 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 2F3E 0
0 74ms
28ms Image
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ_OUSKOCk1nHsS4YL-iMfyltRn7itWQlYqbYx4c8peTrH2ZrvOan-uVGkxR5AVGEfbMEEx80WsJckZks7j0FpoesVeqQ
Requested by: Host: 97fb7dba61ebd24aae179971f45b3616.safeframe.googlesyndication.com
URL: https://97fb7dba61ebd24aae179971f45b3616.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://97fb7dba61ebd24aae179971f45b3616.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 1A35
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPjKfxgNHEifUF9T4YzKsFw&google_cver=1

43 B
906 B

83ms
61ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPjKfxgNHEifUF9T4YzKsFw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMY1eDDmAEwAQ&v=APEucNVWrjP0kDjcHHIDV1f9tZ_ybyfBGKyXJsZ5cn3v0QxYS55M-lcWn4jMHj7mFO99fUeBGnpiShqYvi-tw9FiMRbZfE2yuk_8k3mYojDoyJdQPQF9prVUKCJHPg2zlhLy3MkcP-guiYJisDfBrDf2B-0Qu0QMrdIBB0ENfAziaOtQtXBfGWA
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray: 731f208798f79a1b-FRA
pragma: no-cache
date: Thu, 28 Jul 2022 16:52:45 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N1NB3KZ20pYzuqf47tnlYZoTXAyaE92ezDrrPRHqt25UXtO2ERS569v1RAPLj4jqHKPK1UfTlVMiDD0wqoVENqxjXQBRnRZ7cHGyootbAx5NIoM94wcE5P72byaYzcukAmbsjd8Kd%2BkIJw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 28 Jul 2022 16:52:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPjKfxgNHEifUF9T4YzKsFw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 1A35
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YuK.3ZggJziG.EBHNTq88AAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPjKfxgNHEifUF9T4YzKsFw&google_cver=1&google_hm=2

43 B
912 B

44ms
44ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPjKfxgNHEifUF9T4YzKsFw&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMY1eDDmAEwAQ&v=APEucNVWrjP0kDjcHHIDV1f9tZ_ybyfBGKyXJsZ5cn3v0QxYS55M-lcWn4jMHj7mFO99fUeBGnpiShqYvi-tw9FiMRbZfE2yuk_8k3mYojDoyJdQPQF9prVUKCJHPg2zlhLy3MkcP-guiYJisDfBrDf2B-0Qu0QMrdIBB0ENfAziaOtQtXBfGWA
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray: 731f208839c29a1b-FRA
pragma: no-cache
date: Thu, 28 Jul 2022 16:52:45 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XOJmn9oad470zWx0FGOClov93pe6VxDwQLbYcgZTtfU%2FqD9QG%2BCVT5t4JM8VU3P6c2T0TW%2FqGCuwdpMznRz6RPQv%2FIG%2Fw3m6kfjtu6uFstayn%2BZH8aLsoBQawa7ZhuQ5mmCF5Rjk3taf8w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 28 Jul 2022 16:52:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPjKfxgNHEifUF9T4YzKsFw&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 1A35
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEGPfbrGmLDxNWt_UEpodONI&google_cver=1

43 B
1018 B

53ms
30ms

Image
image/gif

185.89.211.132
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEGPfbrGmLDxNWt_UEpodONI&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMY1eDDmAEwAQ&v=APEucNVWrjP0kDjcHHIDV1f9tZ_ybyfBGKyXJsZ5cn3v0QxYS55M-lcWn4jMHj7mFO99fUeBGnpiShqYvi-tw9FiMRbZfE2yuk_8k3mYojDoyJdQPQF9prVUKCJHPg2zlhLy3MkcP-guiYJisDfBrDf2B-0Qu0QMrdIBB0ENfAziaOtQtXBfGWA

Protocol

HTTP/1.1

Server

185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 28 Jul 2022 16:52:45 GMT
X-Proxy-Origin: 217.114.218.21; 217.114.218.21; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 88d876ce-0c37-40dc-b771-35c67c85b93a
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 28 Jul 2022 16:52:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEGPfbrGmLDxNWt_UEpodONI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1A35
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA1ODUzMjg5MjgzMDI2MjQ1Nw%3D%3D

170 B
188 B

63ms
32ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA1ODUzMjg5MjgzMDI2MjQ1Nw%3D%3D

Requested by

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Jul 2022 16:52:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 28 Jul 2022 16:52:45 GMT
X-Proxy-Origin: 217.114.218.21; 217.114.218.21; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 75b21144-9759-47e5-96c8-49316c459846
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA1ODUzMjg5MjgzMDI2MjQ1Nw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 2F3E 106 KB
38 KB 70ms
20ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.megamillions.com
URL: https://www.megamillions.com/how-to-play

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://97fb7dba61ebd24aae179971f45b3616.safeframe.googlesyndication.com/
Origin: https://97fb7dba61ebd24aae179971f45b3616.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 08:39:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29587
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 29 Jul 2022 08:39:38 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220726/r20110914/elements/html/ Frame 2F3E 8 KB
3 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220726/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-COxoJRo38ne3lGKCpowQuqng5OzgRoDczmfcSFQYToAvEX3BdfJ_48QcSxfw7w_l5IKNCt3tcFDtU8Di5oqRNS5mvUxg&cry=1&dbm_d=AKAmf-AjPT55oUEHGwWOMB9OOoSZitH4LZj625Sfr7sFPkvmxie_q2czSJJuEYGLD08YKgkaVQ_NBJS325YF04-no601sb-YIr2JsDRDXWKlUmY0WR_9SsS2PSJRe_T5NH6yshjoH5GDjPQVKkzG_5lA9fX-NhxNGv9AwvDZ6Lm0ceuLNh8PqwpDHlGcT7NjhxLmlwRda_tokX-6NakfRlukLNGcKlbfEW5Nu37eRS8BMdrr1_0ne1OSOgbVdQCLauzDq1vO7HSu_FqN58urxeduQWuLQYCcyTykPHv8y6pVkfYPThNeA1b8pSx3vyexTvWnqEYjtrbmZYXkeeXXwbtRvron1QWn3YKKdzngAC6BKvQrlwn-RAX5NWO8L46nReazjp_rwpV1EqrycMmeO_az3fzqk_yKU6yo7oI6iulWxTyopB2wndeGy-ucx3ju4dqJC4kenkR238OhxggF9E4rXhnTL_RmcP5xKJSnD_4DCbbn91tlv0jv--m5AWx_g2NTZC_TUlmdz6s78gafNvj7ogzQ-P9xIKVZLmCKBRwOHmROcHjRCpwqGkYiLd7KDTfQdWHd-R7sPGzcrCkdlCOObCnrUCNjHMnEajW5S0jEGYxxQmOkLem1bWHdERtinuK_ylFvv4LFaf6UOTrx07i4J2C8oYTcegAz0k_Se9XHpsZsbVNqeJgZdtLD1iAlJ4L1A5wxxy4ZoAPKfHgiNRczwpkwe045Mhj3i6M69RIk20-jEqCQ1uGCbbFVFGYy9gR89HiyfzZTULK0I2txwAztBxbWvt1N1p1B-eEZwpFC5-RxPhJhpNiEkVEyE2Yebj0HlGHC83rN3cL5oM86dHXaxe7cyx_EaDZEI-XtNEMHs1B9PEdYwd2XJLHeCbNd3hP7i7EyffiqfdEMgZrQD8YjgezjhMajmtTXBIoLlGeouZY-9JLSwCacS19KJPvD79cA5NTgSjr3AzYiFsvj1Zj7OK93EqCUhwl3OdbgybbSIuB47_9-4otJHzPxVIQg25-ICdLwUGGRQnxgCyPbvvHhacoyTV7k9KDAMBLYmN740r8Wkrb1Mw3VcDTzHFDJSKmDuXKqLrOlQLMy7U6FpvbZkNm4wKJUvPAHxyNn_320LceqE1FuExo_OpodiSVWpfsN8ipaqjq-Z5UghAeXwGEbfkKLCm1ohVqSalBi7tdexUZdqLeGxNarfjYTpjKum2ggYPGuHo8lzEADxC9U5rqIN_g9w-uSJp6CY30yEEv1_B_uGMrcWzmAyshdJ8fLXoVDKfbKs96GUd4OhQ-vGxHO7VkxlkzE4Rto88aLbIOetLxTWTT2EAUtdq_hWCTOdBwPGb0cSzKUqYc2wp_k1dj3DnB0DKAUldU2M-ewNOp7PeNubFoCoKymV6PCjV6E7maFXQtVlEOIB_HrSfeM8a0lL4fzdTbhGWRDfV83BfSByUvEmkGBDmXzM2iU2wgn--X9dLmyFXQTZX2EMGfmhaqoN9el4ogB05Ag_0lHUH5yyd_d2Ny_vcfxoiI5Wbi9IsZhoLtyi8ghz1dJSOxLR3rgXK5NHzghcXI-bIo0GDJlJLRCSxi5Oj6E11cOq_VYjS8xMnVoceHdKQbal287BNmXQHdaZJHKz66IFzmjZ4I9uL6ZprLa3sMyKG5LYiPtXqOjIyI7h56AnYpCv9XMQqY6j3AbklRKxlUVkExHvEBeJLWnlvCg96n0aJurYLwn40amJ7M07yxFOwXCklB4AAD2D6paxW05nZtt83ceFYOaYwyngmr-NxOaj1QVVcJAi4670q2DPnklnY6Dmf7ZHQf0dyxyvCe2Ffk2sQtznil_2PLhaGllXYbGREUvbsS_p2idfM9KhQMGuC1vWTP5jrsuCBAj7fdUgY8XrS6bCuuvOE_IwXY8yTJv-SB49r82SMhMnepPi20LA2GbBmbHxFTDNLQznwSErGl13RYcnCyEpKntPg9ri5kPEl1l0bNZJBo3guKrIqEWlqFSuvjA1RvFnDGWpPi-JLaEx2i0OxRUEl_LeNRY7YlMALvdBjhY5H1vjH4uEDBBMZfvGVexfAkfI--yP1OWbxz021CXj6ayJjdgfqYbzaAJm64ZsxGfNQN3_3X6AY7Yqg2IsvGHBpuETvYpEyFTHlhYmvI4zays_kTY5xnQdy0uRDLPoTLMoxw327Pl9Mk17mkZC4bXacDPu_wHFs71D9e9YQQe300xmd3rNvBaoW5aO0TmTdd9JjiMxKW0gQqkxfR4BYA6A2uMXAs1ca111KXcphcMSwwxrygugplwSCKPS2dLstzFbyWPaPj3S9FxVrxsYe5yeLj5kepW-yYyA6ETqQ_TsL4avTnRauQ96WEMt0oFF9WvmXdKvePzO6D2m9f3HCmuphB7DtqbJuaWvf0kV2vOZNAVPXCFOExn6xJUr_thiXW48aDD1-q3zj8BoSjSyXxcngjJMKnHuYJz5TXPHu7HkG3pml-LiE6z4uK4dAbq1FWBHoqyJk6JGysb-MbEgY2AXgyl6Jz5rndLbXoXLcEp2Z1mJdcghIS9IxAs7jPjZzgA8OanCh5rw6HFWqcvouO4uUZaKSlpa7jWtb95I64uZ59R3Dpbj96dalLa2vh_nYb-nSP8oah-tuP3Ozu5pZtvOg8HyTLK4-warVDIuP1Q_S7CXRB0x_92W0gBTQRHim74FuQktADqiRAoBYxYNhQK7wY6kEk01wmVYKdPrQZbTq5a-MdwXJMQsWrTiX0XsIq4TGWETRaEYY2KJrnsryri4hZ3sJ4sUVaW749KAJFyTWcjyU20hi-g6QlIE6CjDC3aEoxsi5TabUZ2dX4m0c4qDwyqvTIMT0iXSxoP_sfaFErIA-PxB3-8vsdTNo12ip-U_Ukjas5d5ybv1QhBYUacxeKb8yk_A3y3DL52f8q9SqKY2p98QhOcpw1YpKsOvkkyYElEKFrhrSw8o-4qIq62qMKPIaY6V2-_WI091H-_zC03yx6nbNL4Tjtaj0kBuQYmTrh3Rl3QrT_rcxtuQWLO2IJOzbB_386v3LbGPHlPoUMzgeJQPEmL_wgHsBIsPuyZh798pjsn9GiDRy-bg-7Djzy73PzoM-kPk9MViUg5SSdUl5rfi0KCToM18xwXn_TXKRhiBGPNxQwZ&cid=CAASJORos_05PDlaQiE0PQlrgZueDH2Q9wS89I69XkZ6D0mjoe4GAw&rfl=1%2Chttps%253A%252F%252Fwww.megamillions.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://97fb7dba61ebd24aae179971f45b3616.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 16:32:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1194
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Aug 2022 16:32:51 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220726/r20110914/ Frame 2F3E 30 KB
11 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220726/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccf275d85ba3479f9bb61b3915f34b3a16b5437cd0f4ec25666d819875a059a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://97fb7dba61ebd24aae179971f45b3616.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 16:49:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 210
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11520
x-xss-protection: 0
server: cafe
etag: 16798029156924389348
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Aug 2022 16:49:15 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 2F3E 41 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 97fb7dba61ebd24aae179971f45b3616.safeframe.googlesyndication.com
URL: https://97fb7dba61ebd24aae179971f45b3616.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://97fb7dba61ebd24aae179971f45b3616.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 12:49:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 187398
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Jul 2023 12:49:27 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4EBA 1 KB
749 B 21ms
21ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 97fb7dba61ebd24aae179971f45b3616.safeframe.googlesyndication.com
URL: https://97fb7dba61ebd24aae179971f45b3616.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://97fb7dba61ebd24aae179971f45b3616.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 11894
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Jul 2022 13:34:31 GMT
etag: 48472445140208031
expires: Fri, 29 Jul 2022 13:34:31 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2F3E 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c36cfc6dfee8e17ae9ae79c978c6d752b7cd85bd22b37239f2d2e68a6d89261c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame EE1E 22 KB
8 KB 20ms
20ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://97fb7dba61ebd24aae179971f45b3616.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 187398
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Jul 2022 12:49:27 GMT
expires: Wed, 26 Jul 2023 12:49:27 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame 4EBA 35 B
464 B 72ms
21ms Image
image/gif 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELWtqs17EDyZX96xPGZhHcc&google_cver=1&google_push=AehlK4BrQxKFHNXwbZOjWXmemuRQxa1Dm04sdsBDArZG8mr9ZRzIEQcqZaSd0b4aKKZP5bdkvSHJ-ouqcKYVFJUNpq-aObHlZ5F92A

Requested by

Host: 97fb7dba61ebd24aae179971f45b3616.safeframe.googlesyndication.com
URL: https://97fb7dba61ebd24aae179971f45b3616.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Jul 2022 16:52:45 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4EBA
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESECLVgieZeevI7Ih3qljzzI4&google_cver=1&google_push=AehlK4CwhhO0B3kelgpJW6UV20qogv_3aDaOFszig40CmHfD-siyp6syQlxHe_m9ZkmZQE8GlUPFTUxC1bJsXrmEM5Cq6OozbF-d9g
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4CwhhO0B3kelgpJW6UV20qogv_3aDaOFszig40CmHfD-siyp6syQlxHe_m9ZkmZQE8GlUPFTUxC1bJsXrmEM5Cq6OozbF-d9g&google_hm=Q0FFU0VDTFZnaWVaZWV...

170 B
188 B

31ms
31ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4CwhhO0B3kelgpJW6UV20qogv_3aDaOFszig40CmHfD-siyp6syQlxHe_m9ZkmZQE8GlUPFTUxC1bJsXrmEM5Cq6OozbF-d9g&google_hm=Q0FFU0VDTFZnaWVaZWV2STdJaDNxbGp6ekk0

Requested by

Host: 97fb7dba61ebd24aae179971f45b3616.safeframe.googlesyndication.com
URL: https://97fb7dba61ebd24aae179971f45b3616.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Jul 2022 16:52:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 28 Jul 2022 16:52:45 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4CwhhO0B3kelgpJW6UV20qogv_3aDaOFszig40CmHfD-siyp6syQlxHe_m9ZkmZQE8GlUPFTUxC1bJsXrmEM5Cq6OozbF-d9g&google_hm=Q0FFU0VDTFZnaWVaZWV2STdJaDNxbGp6ekk0
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 4EBA 43 B
350 B 98ms
46ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEKVi7UKkPHKxKzDR2h7Oz-4&google_cver=1&google_push=AehlK4DY6yfefofRCrrKcV77MA32nX9ZLPeZFXN-NWb4Fd0z7_k4ak5GK96RoOZtVpWrzLKo0nhKPxx-urSuP4AEC3rCAH_Dywr9rA
Requested by: Host: 97fb7dba61ebd24aae179971f45b3616.safeframe.googlesyndication.com
URL: https://97fb7dba61ebd24aae179971f45b3616.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Jul 2022 16:52:45 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: bif11a7ug8jd6fb1tt90fvft1i1rdjei

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4EBA
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDg9IQKNloneMG_2aF16TiE&google_cver=1&google_push=AehlK4BhR63Tp_SCR9gp6Qsh1rCJTckDEQi_q5u0e2g4955VQQOWpo0CDo7bur_5HBt2AoodcII...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDY1OVhUTEYtMjYtSVE5Wg==&google_push=AehlK4BhR63Tp_SCR9gp6Qsh1rCJTckDEQi_q5u0e2g4955VQQOWpo0CDo7bur_5HBt2AoodcIIrBmLo6EUevs8f2fDzSmByoad9Mg

170 B
188 B

30ms
30ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDY1OVhUTEYtMjYtSVE5Wg==&google_push=AehlK4BhR63Tp_SCR9gp6Qsh1rCJTckDEQi_q5u0e2g4955VQQOWpo0CDo7bur_5HBt2AoodcIIrBmLo6EUevs8f2fDzSmByoad9Mg

Requested by

Host: 97fb7dba61ebd24aae179971f45b3616.safeframe.googlesyndication.com
URL: https://97fb7dba61ebd24aae179971f45b3616.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Jul 2022 16:52:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDY1OVhUTEYtMjYtSVE5Wg==&google_push=AehlK4BhR63Tp_SCR9gp6Qsh1rCJTckDEQi_q5u0e2g4955VQQOWpo0CDo7bur_5HBt2AoodcIIrBmLo6EUevs8f2fDzSmByoad9Mg
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4EBA
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECHAwZzXESpSSdKESoCq9f8&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECHAwZzXESpSSdKESoCq9f8&google_hm=YuK-3ZggJziG-EBHNTq88AAAFDgAAAAB&google_nid=index&google_push=AehlK4DLlNIeAmO24VEM_9JaAdM2EP6GgYySM...

170 B
188 B

31ms
31ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECHAwZzXESpSSdKESoCq9f8&google_hm=YuK-3ZggJziG-EBHNTq88AAAFDgAAAAB&google_nid=index&google_push=AehlK4DLlNIeAmO24VEM_9JaAdM2EP6GgYySMRmwLRFT-p_3smMfUuFJ9Xdh4z1PTFy5P5Of6eGam6ZhQGwG7if5r3udzmIhCamBLw

Requested by

Host: 97fb7dba61ebd24aae179971f45b3616.safeframe.googlesyndication.com
URL: https://97fb7dba61ebd24aae179971f45b3616.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Jul 2022 16:52:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 28 Jul 2022 16:52:45 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jXSFu%2BXf0Oo1eS1rUW5vK982Xw9FEbxOQJJqRFqq1EYr2Irm%2Fn%2FKgKGxlv01KiBbnTs%2BW9gpLpBOUQ%2FegzxVAM3CqyvtJlTirR34qEmhmKXsOciGz5Jr2Nlzh94UuNVElEnIDNPkVn%2BDhg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECHAwZzXESpSSdKESoCq9f8&google_hm=YuK-3ZggJziG-EBHNTq88AAAFDgAAAAB&google_nid=index&google_push=AehlK4DLlNIeAmO24VEM_9JaAdM2EP6GgYySMRmwLRFT-p_3smMfUuFJ9Xdh4z1PTFy5P5Of6eGam6ZhQGwG7if5r3udzmIhCamBLw
cache-control: no-cache
cf-ray: 731f2087e8409a23-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame 4EBA 43 B
297 B 198ms
35ms Image
image/gif 2a05:d01c:1d8:8102:8e6d:8fd7:763c:360f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEGIOQk8CGXvSmTaAF8CHaBs&google_cver=1&google_push=AehlK4AcnlBaZs-JoMM1XbOv37QoUNCqbqbeEU4WO7w8kjJN90vKUsJRMLqlPH6XUuQmtONrN8atYaH3V9Dyn-Urw_0rzXP0luEPXw
Requested by: Host: 97fb7dba61ebd24aae179971f45b3616.safeframe.googlesyndication.com
URL: https://97fb7dba61ebd24aae179971f45b3616.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8102:8e6d:8fd7:763c:360f London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Jul 2022 16:52:45 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 1
expires: -1

GET googleredir
googlecm.hit.gemius.pl/ Frame 4EBA 0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 4EBA 0
12 B 72ms
29ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LzIU7tiE2PiiKuWxgOPZLOH8WD7tlUYJjkOjqAurB-choMOVfYIhpYwmRL7UjbgpIegQblTg

Requested by

Host: 97fb7dba61ebd24aae179971f45b3616.safeframe.googlesyndication.com
URL: https://97fb7dba61ebd24aae179971f45b3616.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 16:52:45 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/10542794862352680631/ Frame 444A 23 KB
5 KB 65ms
24ms Document
text/html 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10542794862352680631/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60f276b65b0da44961d7a0536a0577c2f426fb3e8ebe515962a0749c78c26375

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://97fb7dba61ebd24aae179971f45b3616.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 101528
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5056
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 27 Jul 2022 12:40:37 GMT
expires: Thu, 27 Jul 2023 12:40:37 GMT
last-modified: Wed, 18 May 2022 12:27:43 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2F3E 0
622 B 145ms
68ms Ping
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvrQ1D_FB5K8C0qRfzF-xAxxjXWquXuHgaeznX2AIdmnRsdXLPhtzSQ4sY_1_WUHLLcm6_uQ6spkTEVC5wt8btHQJ8X0jTYKpiHCFZZp3uhbAD1asV40EkpetwewE_LU525NiU5Luq-hspd1hUldVnFcd5g55DyWoMcabG0vDlxtBS_gStz_uZJBBen-X-Zvd2eC9YmrpQEebXbGvNshlpy2wzA1zKdNl7IcReinJnTvjOpEumhqEnxbZfUK03JgiFz8hrwbm7RPbn7DwQ8FqymWyFB-5R2KxERzfiaBX-JFzAG9smnMbO7wIumiv_wSZNPLDumwa5leBeH1whiWKvxn0DT0vM5YsjxjaYG0sCFKUHGYahjYwGk8srL08bWLk4URwRYDpR-2Kh3sI7N_WSO99PkktYWGxr3A_yXkxg5M_XohJ9OHryCOply7uWRjbvESc62_hRJa2DqKoYjRhoKYh4dp9MiIlYd4l3KdSc8nalKzwL6ah8LfwQHD9B58hj5sR8VeXhqxi9Nl2ZMN809Pz5km_1sRcDX5P8k7nbpdifvyMB5-SJN33MMshPlJrqB0nFgjXfdsWAD9nRR9ddRs8duOlAAxHrf1REGaPyFwy-iII5mnQ8QsOPJ3QoZtks7lDRKvQptBgf0-G-lnI65VWrsHBgB428E5co1adRZZgaBAIX4pjRouA0NromTqM-20nPFYKaWR7VMTL9FbDYBDk4ySyf0VtP8K71OkREwQSjV6DSM98FKEYrP2YwEMvx6sesFX-h7iW_6FYqPianWU83j9N7gl8A7Vy5Cbl7Wmz1NT2X4Vwd-CzvfsxxrQxkaD0R3AYgobe1JHDLH5GPLPdt0uXnR2RffLF_9el88pg1T5aBotZkJ4vwiHd5tDmng54wAXy7bJdIWL18KGm3nq-iatLmVpK7oFz3EfB7-p1pnZnAsmz_PsPQhCA0PE00Excyvt3_5fpdHNEJ8RACYzijTuMYQdulBnHf0_q9XVSdP9Hs9lGDCmjIljkhDsj_Y_Po-pIU9JmtLWF6cgqRJApGzWpwwpBI-2ERXK13Aq0KZly6CxFJ87nBNleyn6buZehZ-4G7YVARzvenv5H0ql6B-nkiyaKMc_WnKDjvjcIIlog8z_Q7jN1N0qLDJphMO9YOHA96NpuP2Jw4ffsa7vlqJZ2J6mA08wApb4MJwwWTaB0S9zMwbM_ptznWS_9plvSnXwTiDp6RfX91V435skf_rFElRCdvGXz8Jy-LDuLNIqus_1-HQ9uz8MXYYGR0mGr2nWefMpqhswpAyz5QdMAXKzT01vQ&sai=AMfl-YRFDX-xomZ8DvVdxb9eLY-a9Vy687QyUC20tnxVit13XnFbfv66TfUbxfQdrart1v6gekTw2qQ3ESGRF3JWYQuZIhhffV1VR8WaSvQiyM4Qj1Ey9ztSxgF_I55mtC9KsaxM2KKDTfOuRuy5BadJfc0saFshCyuawowhSLkvtsxUdZB_3q7NUmSXogvIf2NgKRZd-VZTtOZ0wFsCC2C5Z6XjCaZGs5Dzsejd5UnE67Cn&sig=Cg0ArKJSzBNcWc1Sy4clEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=103&cbvp=1&cstd=101&cisv=r20220726.78572&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: www.megamillions.com
URL: https://www.megamillions.com/how-to-play

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://97fb7dba61ebd24aae179971f45b3616.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Thu, 28 Jul 2022 16:52:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js Show response
pagead2.googlesyndication.com/bg/ Frame EE1E 36 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b099db39e475bb735f0f889f4ebe8863bd1a1d945faf7c8a422f80da6fa81d3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 10:14:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23883
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13883
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 28 Jul 2023 10:14:42 GMT

GET
H3 200 366e31a1f3550ddbb5d920027bc4e28c.js Show response
s0.2mdn.net/sadbundle/10542794862352680631/ Frame 444A 79 KB
20 KB 23ms
22ms Script
application/x-javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10542794862352680631/366e31a1f3550ddbb5d920027bc4e28c.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10542794862352680631/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0bfa2e15c5945adbe0020615514facbb84218541526648a46e041c3ca9e291c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10542794862352680631/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 12:40:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 101528
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20595
x-xss-protection: 0
last-modified: Wed, 18 May 2022 12:27:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 27 Jul 2023 12:40:37 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 444A 4 KB
1 KB 80ms
30ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:500|Roboto:900

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10542794862352680631/366e31a1f3550ddbb5d920027bc4e28c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1d352797c9473d7a0f0d88d182633330a8a7058a68cd6c052a8a2e2e6ffba4e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 16:51:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 28 Jul 2022 16:52:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 28 Jul 2022 16:52:45 GMT

GET
H3 200 a4fed34c135b8411e3d7c54525fc9268.png
s0.2mdn.net/sadbundle/10542794862352680631/media/ Frame 444A 3 KB
3 KB 21ms
21ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10542794862352680631/media/a4fed34c135b8411e3d7c54525fc9268.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10542794862352680631/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc4037c943b2d07d355bb59e4148b6ce7bbfb18f3cce57ab7842cfee945e7353

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10542794862352680631/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 12:40:42 GMT
x-content-type-options: nosniff
age: 101523
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3073
x-xss-protection: 0
last-modified: Wed, 18 May 2022 12:27:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 27 Jul 2023 12:40:42 GMT

GET
H3 200 bf3fada17ee2196e44b99a783a0f5ebd.png
s0.2mdn.net/sadbundle/10542794862352680631/media/ Frame 444A 2 KB
2 KB 22ms
21ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10542794862352680631/media/bf3fada17ee2196e44b99a783a0f5ebd.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10542794862352680631/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c9e0e42bea66fc8e39316385024f689c02ad18f25b9fd46e17ce096142f7e6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10542794862352680631/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 12:40:42 GMT
x-content-type-options: nosniff
age: 101523
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2344
x-xss-protection: 0
last-modified: Wed, 18 May 2022 12:27:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 27 Jul 2023 12:40:42 GMT

GET
H3 200 7c11343c33ec8d747033c663357d3382.png
s0.2mdn.net/sadbundle/10542794862352680631/media/ Frame 444A 4 KB
4 KB 22ms
21ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10542794862352680631/media/7c11343c33ec8d747033c663357d3382.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10542794862352680631/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe515311d70eb7d6920650df679761def7018ccaf1899e0e648ee9b1dad99141

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10542794862352680631/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 12:40:42 GMT
x-content-type-options: nosniff
age: 101523
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3900
x-xss-protection: 0
last-modified: Wed, 18 May 2022 12:27:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 27 Jul 2023 12:40:42 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EE1E 0
20 B 58ms
58ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=By9bl3b7iYpm8DYn-7_UP8Oa4wA4AAAAAOAHgBAI&bg=!1Nel15PNAAacadVKvGk7ACkAdvg8WhIQFlqpgB0qWdDi8-0EsqGtPerBsTLgHJ3EFeLlCVyIAeW1BAIAAABHUgAAAAJoAQeZAvg3K8shxoVJkudJUYcarM2pGtqAkCM55822yF7HQhIF6xU1UyzoiwWj_3-UDblPJMy8ylN7LH6_j6JKqvZlqY5RD1DMmbV_QE0eTbrwOqSY1AT4AyRrQndKo1Fyn-SybUY_AI_b_kPGyvSERlz1weKjDnNwbqSvR1lst1PIrQxzM1l8BKXyMnnXcPPHe_eLbUNgg3s2NSslZ4GpDFkaWATL1OGCq___XIr1ahIneRTWRN0C9axXFzdW0BdNIy-zleV7lLAhDp13qy_-ktX0FimKBgFGJHvkako_Ycdpt0_aw6RrFh8p-WWBjCScNBsvo-ji2ajnWSy5X6hUBqkyNk5RUsSbPTKzVEvsNpA1CC1_e6rtNm6C4MsbZK3YfzHeyTXTBkTnuWjfGJet77SLDuvrUGXWVa2mDRrEq8bsNMDOYiv3iXevbOtuoYpkjvGUA70IWYDE9MGZBQ0N95wIOdpptsFn54Imw4y6T_YCAsV4_QpUatcmJYW-LBgRaqbtb_efM1GcSy7tCzWU-sdv7wHrxu5p5G89Yi8hVaNByNwIKXA8MaCtJatHxM57sMdoPnO5r8F-Erz4Osmkpch8kSnZJmNJ-xBH30BBKbdfn5vZDxOP9FNwE_BdcOCXV_UUL9a7uq2HZE8oPqfTi6_f4tWMpVj_dl6KRvFlHggvugJWzkSwA6jJvRqEnoQZiIvOqdYFDko1IUbeg4tNSFpfknZ7LsXMoFInUxhtJC6ImXahMPOyolstGfiXShd3yuqOrj-EFeNXgr53ae-PycKZtcYhqXKkF6aqQ8s9wT4jL1JqWc1qh04iv1ZPmXZVlkjDaukk52qkp7t1Bu19z1Q7-ICA3ub7qek1_GkFhdTv8kngeMddq1mibq51oCg8xhH-NLwnBZoAkfMJr1taNgSJnvPrpsnWcKs4DXYALYGee0nFxExn8fMc7O5OMffIKydaluf-sCfDQp2cZxvs7wUZf6OT7CPcxaHyAEVqzTTuCGYW540dmcEWVsOd

Requested by

Host: 97fb7dba61ebd24aae179971f45b3616.safeframe.googlesyndication.com
URL: https://97fb7dba61ebd24aae179971f45b3616.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Jul 2022 16:52:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 a7645bc61668f88281ff5a1e293cbd1a.png
s0.2mdn.net/sadbundle/10542794862352680631/media/ Frame 444A 3 KB
3 KB 22ms
21ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10542794862352680631/media/a7645bc61668f88281ff5a1e293cbd1a.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10542794862352680631/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07facf34d86eb17b122b2e149005856a98d4c32d1b82b61bb1f1aa30aef49979

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10542794862352680631/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 12:40:42 GMT
x-content-type-options: nosniff
age: 101523
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2817
x-xss-protection: 0
last-modified: Wed, 18 May 2022 12:27:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 27 Jul 2023 12:40:42 GMT

GET
H3 404 undefinedpo641w
s0.2mdn.net/sadbundle/10542794862352680631/ Frame 444A 43 B
64 B 139ms
138ms Image
image/gif 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10542794862352680631/undefinedpo641w

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10542794862352680631/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10542794862352680631/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 16:52:45 GMT
x-content-type-options: nosniff
server: sffe
x-dns-prefetch-control: off
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Thu, 28 Jul 2022 16:52:45 GMT

GET
H3 200 f45498220ed0fab6f877cde754f23b98.png
s0.2mdn.net/sadbundle/10542794862352680631/media/ Frame 444A 6 KB
6 KB 22ms
21ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10542794862352680631/media/f45498220ed0fab6f877cde754f23b98.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10542794862352680631/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7bdc417f0b9db5d697187587a8790601b00d68fd75ed19b55c3c2975e82852f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10542794862352680631/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 12:40:42 GMT
x-content-type-options: nosniff
age: 101523
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5987
x-xss-protection: 0
last-modified: Wed, 18 May 2022 12:27:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 27 Jul 2023 12:40:42 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 444A 15 KB
15 KB 76ms
27ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500|Roboto:900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 03:39:12 GMT
x-content-type-options: nosniff
age: 47613
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15752
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Jul 2023 03:39:12 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 444A 16 KB
16 KB 70ms
20ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500|Roboto:900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 12:56:05 GMT
x-content-type-options: nosniff
age: 273400
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 25 Jul 2023 12:56:05 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 65ms
65ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220726&jk=445500775861648&bg=!CQqlCk7NAAacadVKvGk7ACkAdvg8WjLeVJk-ly_Lhix5tQk1p2DiEgqRPQfLCSir9-aU_rLPP2DovAIAAAGbUgAAAAJoAQeZAp60RZEGXOOfG1geBkgCFB138z0qJGWevWlBJKOVY1vCBFfifePbWq__YzXSHsMnmmkKNFAui1fZtXtaxWoDXJRMFGsJQJNnl1ocgXFvkRWu8yFi0LiIM_6sqzlAfHZZaW6VjzX_fdRbjLzVM80h1ZLUnclHCKyBGXfBE_8PfyBq8nef9pQVUvBkzQ8TrDcthSlSyjwo9fiSWulLUpjtb3fTlJPcUxhD96ZTHx1lT5LMRlTuRquRa87JhH_Ch5qpnK2Amy19k7s4-6zet2l4o-VR3TIt-YpSofO6Ek88N3ar2Pffj7aLeGsTamcGnNiZWenJYLaBi_fHqB3nW7OQFf2B1VtSGP4WkKGYi1UVJrN5kIBty0bxHEECzHYTGBGlufDXEQ8qVugk2VFrQvcEHkU9C2WV8rrXGrcaiJGmpCAlVCRWqw-eQYzp5tdn8qA4tNCFV_CBydpISGs2JyDNERKz_gX6UFMa2h2nftRT3lceMabwEcKlQ1BQ52Byak7MKKer1cOIzN0qlRXjqsCd7-yZNfz5KOhvIAy5lbToyWB9K9fptKk_-ebN8Qqwu96yrJkV6a7FaaHvHCJZGX1Muh62UPqX6lHwtZRcuwjUV88xReKashNbfbnUdH7mY2o8_Vwb-zoQWw8bPoXdAX4hzpBDfmleG5ae2eR6mnlf79egDUE49omylD6EE6ViFz8kVBO0R60FtzY6ttGHUy7sPq2AW-g3blZ-VdHeyNYLtOe69PjQ7yX-I3-7TV3V5XbGXI7ybEbc7BnfRvK1H7REKpI-zjHYZLxBpjopmOtRs9m04dc6YLuSdnZX4SmhpmaNMoD0RnnlfY3vQrEQFMv8qDZ-PV8ATS1A_xt5pBXn5OQ-mylgrmb2t8GYUf9P9QTD
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.megamillions.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2F3E 0
26 B 103ms
59ms Ping
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvrQ1D_FB5K8C0qRfzF-xAxxjXWquXuHgaeznX2AIdmnRsdXLPhtzSQ4sY_1_WUHLLcm6_uQ6spkTEVC5wt8btHQJ8X0jTYKpiHCFZZp3uhbAD1asV40EkpetwewE_LU525NiU5Luq-hspd1hUldVnFcd5g55DyWoMcabG0vDlxtBS_gStz_uZJBBen-X-Zvd2eC9YmrpQEebXbGvNshlpy2wzA1zKdNl7IcReinJnTvjOpEumhqEnxbZfUK03JgiFz8hrwbm7RPbn7DwQ8FqymWyFB-5R2KxERzfiaBX-JFzAG9smnMbO7wIumiv_wSZNPLDumwa5leBeH1whiWKvxn0DT0vM5YsjxjaYG0sCFKUHGYahjYwGk8srL08bWLk4URwRYDpR-2Kh3sI7N_WSO99PkktYWGxr3A_yXkxg5M_XohJ9OHryCOply7uWRjbvESc62_hRJa2DqKoYjRhoKYh4dp9MiIlYd4l3KdSc8nalKzwL6ah8LfwQHD9B58hj5sR8VeXhqxi9Nl2ZMN809Pz5km_1sRcDX5P8k7nbpdifvyMB5-SJN33MMshPlJrqB0nFgjXfdsWAD9nRR9ddRs8duOlAAxHrf1REGaPyFwy-iII5mnQ8QsOPJ3QoZtks7lDRKvQptBgf0-G-lnI65VWrsHBgB428E5co1adRZZgaBAIX4pjRouA0NromTqM-20nPFYKaWR7VMTL9FbDYBDk4ySyf0VtP8K71OkREwQSjV6DSM98FKEYrP2YwEMvx6sesFX-h7iW_6FYqPianWU83j9N7gl8A7Vy5Cbl7Wmz1NT2X4Vwd-CzvfsxxrQxkaD0R3AYgobe1JHDLH5GPLPdt0uXnR2RffLF_9el88pg1T5aBotZkJ4vwiHd5tDmng54wAXy7bJdIWL18KGm3nq-iatLmVpK7oFz3EfB7-p1pnZnAsmz_PsPQhCA0PE00Excyvt3_5fpdHNEJ8RACYzijTuMYQdulBnHf0_q9XVSdP9Hs9lGDCmjIljkhDsj_Y_Po-pIU9JmtLWF6cgqRJApGzWpwwpBI-2ERXK13Aq0KZly6CxFJ87nBNleyn6buZehZ-4G7YVARzvenv5H0ql6B-nkiyaKMc_WnKDjvjcIIlog8z_Q7jN1N0qLDJphMO9YOHA96NpuP2Jw4ffsa7vlqJZ2J6mA08wApb4MJwwWTaB0S9zMwbM_ptznWS_9plvSnXwTiDp6RfX91V435skf_rFElRCdvGXz8Jy-LDuLNIqus_1-HQ9uz8MXYYGR0mGr2nWefMpqhswpAyz5QdMAXKzT01vQ&sai=AMfl-YRFDX-xomZ8DvVdxb9eLY-a9Vy687QyUC20tnxVit13XnFbfv66TfUbxfQdrart1v6gekTw2qQ3ESGRF3JWYQuZIhhffV1VR8WaSvQiyM4Qj1Ey9ztSxgF_I55mtC9KsaxM2KKDTfOuRuy5BadJfc0saFshCyuawowhSLkvtsxUdZB_3q7NUmSXogvIf2NgKRZd-VZTtOZ0wFsCC2C5Z6XjCaZGs5Dzsejd5UnE67Cn&sig=Cg0ArKJSzBNcWc1Sy4clEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=448&vt=11&dtpt=345&dett=3&cstd=101&cisv=r20220726.78572&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: www.megamillions.com
URL: https://www.megamillions.com/how-to-play

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://97fb7dba61ebd24aae179971f45b3616.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 28 Jul 2022 16:52:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2F3E 42 B
64 B 68ms
67ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstjY0G7UEjvjELZh9r3xovO5EIubrtE-5Eyu5HrJtUIpONkHJDFp6HNZPtCyufoVfQZB3B_FhhtvRMfNxm4J0KKFXMcNfEtrkpFkIiAZ3jrtSb-wiqW38SnLuES7rM3hUJEkARbsjjO9w2T&sai=AMfl-YTDPkNIcaayE6cMbWVAWdE2XIKPoeXO6wpPL9VP6ER5LNco1m9JYg9E46O-yo56etKoMuuapyTh3CwikIyYNPyt26Mv1rBc1QRWoe08jYAgZyQDBFz3dwcxaxY&sig=Cg0ArKJSzBDwESIwPb5LEAE&cid=CAASJORos_05PDlaQiE0PQlrgZueDH2Q9wS89I69XkZ6D0mjoe4GAw&id=lidar2&mcvt=1000&p=11,593,101,1321&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220725&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3207684569&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1659027164733&rpt=596&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://97fb7dba61ebd24aae179971f45b3616.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Jul 2022 16:52:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEOxjh_J2VQ9QFx4UsDwY0Gc&google_cver=1&google_push=AehlK4BhtV6-urVM20J_u1swthabUcwNOCG8C1Zq4qQf6hg4tI80sNxDAjwCr27k6OKP1A09hOXMAbyXqUrW4EV8Lft3rsauj5a-HxA

Verdicts & Comments Add Verdict or Comment

125 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.megamillions.com/	1970-01-20 13:36:03	Name: CMSPreferredCulture Value: en-US
www.megamillions.com/	1969-12-31 23:59:59	Name: CMSCsrfCookie Value: jghx91NFktY+rXWC/lk0j61IqQKvkDtYxlLvjlpD
www.megamillions.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: fyrscme2tpo2q0p4xaojtjnd
www.megamillions.com/	1970-01-20 04:50:28	Name: __cflb Value: 0H28uvMTgnCqy2gCWnKK9PbTeFLuMB2Q3gRqhPXYBUH
.megamillions.com/	1970-01-20 07:00:03	Name: _gcl_au Value: 1.1.295444071.1659027164
.megamillions.com/	1970-01-20 22:21:39	Name: _ga Value: GA1.2.592764621.1659027164
.megamillions.com/	1970-01-20 04:51:53	Name: _gid Value: GA1.2.1027947212.1659027164
.megamillions.com/	1970-01-20 04:50:27	Name: _gat_UA-130954248-1 Value: 1
.doubleclick.net/	1970-01-20 14:12:03	Name: IDE Value: AHWqTUmx-GcqY3ao1sNJzLFqoTQreNJV-zFN4VR4Mo4Wzy7_p2rt9BCNUsujFzCaX10
.megamillions.com/	1970-01-20 14:12:03	Name: __gads Value: ID=45a9a12dd712e372:T=1659027164:S=ALNI_MazNQlEktzXDxRhT95BoR9-17uGYw
www.megamillions.com/	1970-01-20 04:50:27	Name: __cfwaitingroom Value: Chh1WTdLQ1VQTGQ3Q2xZN0tZVnJWYWFnPT0SlAJPd3hQcHBXRHAzQllDVDJDdnRVQU5Wci9MT21EaE5qWHQ0YzhUa3hDVlk1MCs3cjBEMWZLR3JHOEN2VEQwUGl0RFE4ZWFmYjNxSER0NWVHK3B3MVNySTFHZzVFWUxBQW5Hb1FSdTJxNURxMW9hb0NCSzFkK2tYMnlFUjBUdWtia0xUc2Y3ckNGUkl4dE4zeDdkODl1dGgyZlNYS2lzalBFa0VKYVlYZkFiSXlMT1BvUzlRbWU5cFdDZDRRN0ViRmxPbFNuTkc0S3k1aVo0cC9DdVpDNklpTm05ZCtrNU1ZU0FKeGQwSU5NRGszUStKSXZPYUhmdzhEWkJBdHJZY3lROVdjOC8vTUR0d0NpVlljNE5JST0%3D
.adnxs.com/	1970-01-20 07:00:03	Name: uuid2 Value: 2058532892830262457
.casalemedia.com/	1970-01-20 13:36:03	Name: CMID Value: YuK.3ZggJziG.EBHNTq88AAA
.casalemedia.com/	1970-01-20 07:00:03	Name: CMPS Value: 5176
.casalemedia.com/	1970-01-20 07:00:03	Name: CMPRO Value: 5176
.adnxs.com/	1970-01-20 07:00:03	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVRu]JAN!]tbPl1M>e)ZlrFUfJ+tGXxoi8`')NLenI(OoX)wM(PlLM^ys7Zsm0)C1:MTbpRzqF1`b`G[A@-c
.quantserve.com/	1970-01-20 07:00:03	Name: d Value: EGIBCQHcJoEA
.quantserve.com/	1970-01-20 14:20:41	Name: mc Value: 62e2bedd-65545-9cd1f-5e078
.agkn.com/	1970-01-20 13:36:03	Name: ab Value: 0001%3AhsKSOIPg7T1ayllhwogelb1Cer7qFwA7
.agkn.com/	1970-01-20 13:36:03	Name: u Value: C\|0CEAqdXtdKnV7XQAAAAAAAQ13AQCAAQpAAAAAAA
.casalemedia.com/	1970-01-20 07:00:03	Name: CMTS Value: 1214
.innovid.com/	1970-01-20 07:00:03	Name: uuid Value: 18fcc5b5-8b25-43c9-87a7-3c39beb4562b-20220728 12:52:45

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEOxjh_J2VQ9QFx4UsDwY0Gc&google_cver=1&google_push=AehlK4BhtV6-urVM20J_u1swthabUcwNOCG8C1Zq4qQf6hg4tI80sNxDAjwCr27k6OKP1A09hOXMAbyXqUrW4EV8Lft3rsauj5a-HxA Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network	error	URL: https://s0.2mdn.net/sadbundle/10542794862352680631/undefinedpo641w Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

97fb7dba61ebd24aae179971f45b3616.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
ag.innovid.com
cm.g.doubleclick.net
cms.quantserve.com
d.agkn.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
ib.adnxs.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
rtb.openx.net
s0.2mdn.net
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.megamillions.com
googlecm.hit.gemius.pl
104.18.18.126
142.250.181.226
142.250.186.162
172.217.18.98
18.192.108.196
185.89.211.132
2606:4700:10::ac43:188d
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:80b::2004
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:813::200a
2a00:1450:4001:813::200e
2a00:1450:4001:827::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2006
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2003
2a05:d01c:1d8:8102:8e6d:8fd7:763c:360f
35.186.253.211
69.173.144.139
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
07facf34d86eb17b122b2e149005856a98d4c32d1b82b61bb1f1aa30aef49979
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1d352797c9473d7a0f0d88d182633330a8a7058a68cd6c052a8a2e2e6ffba4e4
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2c9e0e42bea66fc8e39316385024f689c02ad18f25b9fd46e17ce096142f7e6f
34cce832fafd4507ca484d1662ac1ff62f68a844f9adb362867c60688761238b
398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1
3e43d592d0aa592f24ad510ef3f453a51bba24a9534a07a55a9685b4d4b3f2cb
3f6b411ff1a84c15ee06af050f007a928cfb511565d0286aae01f05469aa5116
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
45f4c8f64c6bab2f4bf1c372bd075be57c67ff285ab0820ce4572f76a6968e1d
4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fe68fa216176e6d1f4580e924bafecc9f519984ecc06b1a840a08b0d88c95de
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56fd191ceda581ffa1004d8a689664af5887ac8bd1a2d370d775e61b0bc7fce5
5edb7ff7c2bed3295563961d024c7dfa0e060ff12ecd9913897c42b9173eada7
60f276b65b0da44961d7a0536a0577c2f426fb3e8ebe515962a0749c78c26375
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
636cc1523f3c1d2b2c03edb0e47eacb4f597b91b773bc8b8be4c14fe2d4b8880
66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f761aab3bf051efa97b8361efb44ec6aeab54bbdd9605bf673c401164fc9a21
746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e
7bdc417f0b9db5d697187587a8790601b00d68fd75ed19b55c3c2975e82852f9
7c07f37793f58b1f6f7371465d9aa2a44a60f072658b3e320d63da269e098bd4
7c4dc0511bf663fdc5442fe187473916350a74a68341d87dbdd633c8d1cebd3f
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85b07acbf52104295acca3385d5029534998d22b1cbc41fc88dba69cc7c77a62
867222183f7b4fdace7636718acb18b75476fc82e388130e0c06d7ec1103273d
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b965349059a3fa71b19416b65823a121fadcbb52945d0375e69d2f5a9120a45
975707e0f84fdf7439284679f4ae53d7e244140753e5d1dbb50ddf9a30d1c1b8
97fcbef82bd374a9f5a0b3f2bd8c3a62f2c493e28f05c43a24539d5b923032cc
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9fd7f2a8374caa75ba25d2c32655fed6a5a9d8fa756ff9c569c92146540c1f0e
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5342bd6fc93fb86a23359482300105a25ca44266fd6b71df3e58acd161dc8a8
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b099db39e475bb735f0f889f4ebe8863bd1a1d945faf7c8a422f80da6fa81d3e
b13b8f89a79c883eb205b34adf7ea6afad13e4e7834f0487a3e9335dcaf09d24
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
c36cfc6dfee8e17ae9ae79c978c6d752b7cd85bd22b37239f2d2e68a6d89261c
cc4037c943b2d07d355bb59e4148b6ce7bbfb18f3cce57ab7842cfee945e7353
ccf275d85ba3479f9bb61b3915f34b3a16b5437cd0f4ec25666d819875a059a9
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
dad4bb3c449bb3356ff14cade123016be1ce45114279cad653a51f101f9cfffb
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
e0aa02cde317130ce4b066136a2e4d2d7d08eb2314788999c9e6677a4bea8af7
e0bfa2e15c5945adbe0020615514facbb84218541526648a46e041c3ca9e291c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e71e913f9757ed8a74b247d64129a540a19bdffc7336cd91e77ee2a778194cdc
ea23fa178c761c715a00c4ceaa9b93ed323da784a903df018a4fb04b10288ca3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef909be58a5c40c47459071a29aa5d7ecdebc10e04acd9aecde6c6273c0e4010
f5ce8ecc153c4e51d77a8480af2c1ceeb0c94a94f30b78d23151cacef80e6e32
f9ee29c56d828bf172d5b08eebe5a3bfcfc51e9e3e2cc6358f870af489b7db7d
facc0aec71b192c1f236ecb44fe6db2281306f3ba98ae5a62fde643dab7587c1
fe515311d70eb7d6920650df679761def7018ccaf1899e0e648ee9b1dad99141

www.megamillions.com Open in urlscan Pro 2606:4700:10::ac43:188d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

87 Requests

91 %HTTPS

65 %IPv6

20 Domains

27 Subdomains

22 IPs

4 Countries

1135 kBTransfer

3640 kBSize

22 Cookies

1 Outgoing links

Redirected requests

87 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.megamillions.com Open in urlscan Pro
2606:4700:10::ac43:188d Public Scan

Screenshot
Live screenshot

Full Image

87
Requests

91 %
HTTPS

65 %
IPv6

20
Domains

27
Subdomains

22
IPs

4
Countries

1135 kB
Transfer

3640 kB
Size

22
Cookies

87 HTTP transactions
2 data transactions