www.megamillions.com Open in urlscan Pro
2606:4700:10::ac43:188d  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMA2zOgzLzIRiuBd6Vh2RUg&google_cver=1 HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMA2zOgzLzIRiuBd6Vh2RUg&google_cver=1&C=1

Request Chain 50

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YfqpFAfuqlzbpu23kAqVVgAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELXgd3JdQqhm3I3j-cDJjQw&google_cver=1

Request Chain 51

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEPfRTZIE8ZiYqjTZPx2aZZI&google_cver=1 HTTP 307
• https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEPfRTZIE8ZiYqjTZPx2aZZI%26google_cver%3D1

Request Chain 52

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg4ODAxNzI0NTk2NTc4NjI4

Request Chain 53

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMA2zOgzLzIRiuBd6Vh2RUg&google_cver=1 HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMA2zOgzLzIRiuBd6Vh2RUg&google_cver=1&C=1

Request Chain 54

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YfqpFAfuqlzbpu23kAqVVgAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELXgd3JdQqhm3I3j-cDJjQw&google_cver=1

Request Chain 55

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEPfRTZIE8ZiYqjTZPx2aZZI&google_cver=1 HTTP 307
• https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEPfRTZIE8ZiYqjTZPx2aZZI%26google_cver%3D1

Request Chain 56

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg4ODAxNzI0NTk2NTc4NjI4

Request Chain 64

• https://hal900023.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=2c7f9b570e&subid=&uid=7016e5b7bd9f1152&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCu_gyE6n6YZuLOtuKrATw4KDgBrXN-YNXzN65q-UM8C4QASD1qZF0YJWioIKwB8gBCakC8YQjb4_6sj6oAwGqBIcCT9DzLkzIJLOpPqwreIwCoLmWHA1t6hq4BDDPUWIE0JjYBOBtgTgyqEopUcPsNuY-FTW1euW_Uo55WDlWQY-8UBc0XCtW1-3Ve_Bv9hUA71TFNyFz49dNImfdntq7l1Bb0GjqWVTPQ4w7Mp0xr2m_7pKVvl5VWF4XMVBZqhx2QmsxszzQ-hv16Z3H28mZx7Fq0iSZhEx6Xac1cCD1Mo3yqchpFKZof-KK_MDZZWpuNPZKHxn2L0hByKMPSLLtB1IF8ueue5hWNGBG1osp4Dt8VBkSeBsWEwLvHuZ--PKOSgrEiuFTaazvwDu85kmt3Kyt8TGy1dIRmDOM_GACUD-Kd3wzspCFAkrABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKAZgLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRo98sIfChX6g-Npim-CVhxT1iVCQ%26sig%3DAOD64_1oOZG8-NCRCEqbfOkp94bpgHn7YA%26client%3Dca-pub-5768712291361172%26dbm_c%3DAKAmf-ANZoamsVnigKK_LHlsW11SGHwXhx3Ay34EaE4hovJ_BtXi7yF0M1nAh2PAXJN-uNqCG_YlsplEdmDeitRjuXO6hVofk8_8BdwWQIWjEZpbLMlb5ASnFz1AjShQN7jh1CIoYPyccsR5TAbq4kjZ1-MRBDO3CA%26cry%3D1%26dbm_d%3DAKAmf-B479cbAHdwU36yTG9zDuOJv49V5Nd5mBuo4pOpbnynZkT1sOHBU3KW45CNtlKAHaZDjs_PGKqHWXKssCtkjLTfgoA47cids4alw1U4cA9CDBav7e-AUIGp08adSv2QrZvkW7-R4enwTHN-p-1PQlHN-uKvz5LcHCQCUPhrz6NKEzZdiRKZ7__NN1im6fuLlAvbzwZorBE0ZZo6Y5K4kmCPzahwCAbbLL8x4ZS0zKFENYk8piU2n3JpQTEX19F4CGQE2AxBJ4moRxXDQXthXMN9RULw7nBW2vSm0zKfO0IplGzJy0OvXQ2p0Z7hLKvuZeNbnpv4G0vtpN40iSyl-8dImqerkObYJZsIa8KK2jgt5fbWp_FThTms8ejTS0P0LzG7fovM5jr5seJdflrZdDX-5XD0WBn-pOMEXg9tbF1pdQWQpYc2C36uZdJYaZpRs6-n8i9PTRUviRPvkkel_QMGWG-TxA%26adurl%3D&documentReferer=https%3A%2F%2Fwww.megamillions.com%2F&ancestorOrigins=https%3A%2F%2Fwww.megamillions.com&random=4249695649633&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
• https://hal900023.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=2c7f9b570e&subid=&uid=7016e5b7bd9f1152&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCu_gyE6n6YZuLOtuKrATw4KDgBrXN-YNXzN65q-UM8C4QASD1qZF0YJWioIKwB8gBCakC8YQjb4_6sj6oAwGqBIcCT9DzLkzIJLOpPqwreIwCoLmWHA1t6hq4BDDPUWIE0JjYBOBtgTgyqEopUcPsNuY-FTW1euW_Uo55WDlWQY-8UBc0XCtW1-3Ve_Bv9hUA71TFNyFz49dNImfdntq7l1Bb0GjqWVTPQ4w7Mp0xr2m_7pKVvl5VWF4XMVBZqhx2QmsxszzQ-hv16Z3H28mZx7Fq0iSZhEx6Xac1cCD1Mo3yqchpFKZof-KK_MDZZWpuNPZKHxn2L0hByKMPSLLtB1IF8ueue5hWNGBG1osp4Dt8VBkSeBsWEwLvHuZ--PKOSgrEiuFTaazvwDu85kmt3Kyt8TGy1dIRmDOM_GACUD-Kd3wzspCFAkrABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKAZgLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRo98sIfChX6g-Npim-CVhxT1iVCQ%26sig%3DAOD64_1oOZG8-NCRCEqbfOkp94bpgHn7YA%26client%3Dca-pub-5768712291361172%26dbm_c%3DAKAmf-ANZoamsVnigKK_LHlsW11SGHwXhx3Ay34EaE4hovJ_BtXi7yF0M1nAh2PAXJN-uNqCG_YlsplEdmDeitRjuXO6hVofk8_8BdwWQIWjEZpbLMlb5ASnFz1AjShQN7jh1CIoYPyccsR5TAbq4kjZ1-MRBDO3CA%26cry%3D1%26dbm_d%3DAKAmf-B479cbAHdwU36yTG9zDuOJv49V5Nd5mBuo4pOpbnynZkT1sOHBU3KW45CNtlKAHaZDjs_PGKqHWXKssCtkjLTfgoA47cids4alw1U4cA9CDBav7e-AUIGp08adSv2QrZvkW7-R4enwTHN-p-1PQlHN-uKvz5LcHCQCUPhrz6NKEzZdiRKZ7__NN1im6fuLlAvbzwZorBE0ZZo6Y5K4kmCPzahwCAbbLL8x4ZS0zKFENYk8piU2n3JpQTEX19F4CGQE2AxBJ4moRxXDQXthXMN9RULw7nBW2vSm0zKfO0IplGzJy0OvXQ2p0Z7hLKvuZeNbnpv4G0vtpN40iSyl-8dImqerkObYJZsIa8KK2jgt5fbWp_FThTms8ejTS0P0LzG7fovM5jr5seJdflrZdDX-5XD0WBn-pOMEXg9tbF1pdQWQpYc2C36uZdJYaZpRs6-n8i9PTRUviRPvkkel_QMGWG-TxA%26adurl%3D&documentReferer=https%3A%2F%2Fwww.megamillions.com%2F&ancestorOrigins=https%3A%2F%2Fwww.megamillions.com&random=4249695649633&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 72

• https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8556203208667.255 HTTP 302
• https://5994599.fls.doubleclick.net/activityi;dc_pre=CJWN4bOw4fUCFfUHBgAdKygEYQ;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8556203208667.255

112 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
4 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.megamillions.com/	19 KB 7 KB	567ms 504ms	Document text/html	2606:4700:10::ac43:188d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.megamillions.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:188d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 3eb70ef436431eaf47cf26dc4282c31758a234585f81beec62a4a585c1c9c069 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers date Wed, 02 Feb 2022 15:53:55 GMT content-type text/html; charset=utf-8 cache-control no-cache, no-store, must-revalidate pragma no-cache expires -1 x-frame-options SAMEORIGIN x-ua-compatible IE=Edge x-aspnet-version 4.0.30319 x-powered-by ASP.NET cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 6d749854090090e6-FRA content-encoding gzip
GET H2	200	stylesheet.min.css www.megamillions.com/styles/css/	184 KB 75 KB	700ms 699ms	Stylesheet text/css	2606:4700:10::ac43:188d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.megamillions.com/styles/css/stylesheet.min.css?v=20190530 Requested by Host: www.megamillions.com URL: https://www.megamillions.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:188d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 5685c8fb16e9dddada8adfd58637fb7775309a9c520486acfdf14a08c0a77093 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.megamillions.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 02 Feb 2022 15:53:55 GMT content-encoding gzip etag "0beef8850bd51:0" cf-cache-status EXPIRED last-modified Wed, 15 May 2019 19:01:00 GMT server cloudflare x-powered-by ASP.NET expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options SAMEORIGIN content-type text/css cache-control public, max-age=691200 accept-ranges bytes cf-ray 6d74985748b190e6-FRA vary Accept-Encoding content-length 76966
GET H2	200	gpt.js Show response www.googletagservices.com/tag/js/	80 KB 27 KB	78ms 42ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/tag/js/gpt.js Requested by Host: www.megamillions.com URL: https://www.megamillions.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8f2f643565818a91840150840156c395a99cdb4366d4433288656df957a88ba4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.megamillions.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 02 Feb 2022 15:53:55 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 27312 x-xss-protection 0 server sffe etag "1119 / 182 of 1000 / last-modified: 1643803780" vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Wed, 02 Feb 2022 15:53:55 GMT
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	148 KB 52 KB	71ms 47ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: www.megamillions.com URL: https://www.megamillions.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3ce40ddc7fd8a7c55b935459d214468affe85e8a397f65f9aa1bd80eca6ba441 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.megamillions.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 02 Feb 2022 15:53:55 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 52515 x-xss-protection 0 server cafe etag 5244647078389806006 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Wed, 02 Feb 2022 15:53:55 GMT
GET H2	200	WebResource.axd Show response www.megamillions.com/	23 KB 5 KB	543ms 542ms	Script application/x-javascript	2606:4700:10::ac43:188d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.megamillions.com/WebResource.axd?d=ZIQniEr9Mywq2t6w0aFkmfevBKkcSs_6bpPr1WgPVOUlKh-_KfHL6_GLwG_j5wygKHT2Io177gD_3d9wGGzhTAdNM801&t=637750614580544600 Requested by Host: www.megamillions.com URL: https://www.megamillions.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:188d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.megamillions.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 02 Feb 2022 15:53:55 GMT content-encoding gzip cf-cache-status DYNAMIC last-modified Tue, 14 Dec 2021 11:50:58 GMT server cloudflare x-aspnet-version 4.0.30319 x-powered-by ASP.NET expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options SAMEORIGIN content-type application/x-javascript cache-control public cf-ray 6d74985758b890e6-FRA expires Thu, 02 Feb 2023 10:00:11 GMT
GET H2	200	ScriptResource.axd Show response www.megamillions.com/	100 KB 25 KB	483ms 482ms	Script application/x-javascript	2606:4700:10::ac43:188d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.megamillions.com/ScriptResource.axd?d=brRkt1L0_30B7QS6tm7pqQt_F5EeFdvk5YVfxDqljjCdodU_QQ8Tb10b9vuvGEKsD3o792ejp_1xYU_sVqu1AvyRBofc8uLp8jFwNTZ2GKkJUSqDdlNQhtDsJVbuqA-m--yE_WD9ptrjC6d-6dIfL-gnr-E1&t=ffffffff8333b97c Requested by Host: www.megamillions.com URL: https://www.megamillions.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:188d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.megamillions.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 02 Feb 2022 15:53:55 GMT content-encoding gzip cf-cache-status DYNAMIC last-modified Wed, 02 Feb 2022 10:00:12 GMT server cloudflare x-aspnet-version 4.0.30319 x-powered-by ASP.NET expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options SAMEORIGIN content-type application/x-javascript cache-control public cf-ray 6d74985758bd90e6-FRA content-length 25609 expires Thu, 02 Feb 2023 10:00:12 GMT
GET H2	200	ScriptResource.axd Show response www.megamillions.com/	39 KB 10 KB	479ms 478ms	Script application/x-javascript	2606:4700:10::ac43:188d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.megamillions.com/ScriptResource.axd?d=i6bzkVdG9d-PWMRGhCyhO_KGYvHpc647dfE4sb6HFu8IbYM5e_v3Np4HW-FaVLqMNyuVMWmbLM9gTkRyJQovHm5icSk4pkNqqfM_cWgtreN_AcKMH-xswtVFWKWtx_7aMra27TzZq2jjzpQq9ec6UEY1QiOs7zInnFE5PUnAcok_wx3d0&t=ffffffff8333b97c Requested by Host: www.megamillions.com URL: https://www.megamillions.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:188d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.megamillions.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 02 Feb 2022 15:53:55 GMT content-encoding gzip cf-cache-status DYNAMIC last-modified Wed, 02 Feb 2022 10:00:12 GMT server cloudflare x-aspnet-version 4.0.30319 x-powered-by ASP.NET expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options SAMEORIGIN content-type application/x-javascript cache-control public cf-ray 6d74985758bf90e6-FRA content-length 9984 expires Thu, 02 Feb 2023 10:00:12 GMT
GET H2	200	logo_MM_233x110.png www.megamillions.com/GLC-Megamillions/media/images/logos/	31 KB 31 KB	604ms 603ms	Image image/png	2606:4700:10::ac43:188d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.megamillions.com/GLC-Megamillions/media/images/logos/logo_MM_233x110.png Requested by Host: www.megamillions.com URL: https://www.megamillions.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:188d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 7c07f37793f58b1f6f7371465d9aa2a44a60f072658b3e320d63da269e098bd4 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.megamillions.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 02 Feb 2022 15:53:56 GMT vary Accept-Encoding cf-cache-status EXPIRED last-modified Fri, 12 Mar 2021 18:02:24 GMT server cloudflare x-powered-by ASP.NET etag "894610db6917d71:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options SAMEORIGIN content-type image/png cache-control public, max-age=691200 accept-ranges bytes cf-ray 6d74985bcc5290e6-FRA content-length 32071
GET H3	200	pubads_impl_2022012701.js Show response securepubads.g.doubleclick.net/gpt/	355 KB 120 KB	23ms 7ms	Script text/javascript	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js?31064649 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software sffe / Resource Hash 97f59ccead873800701418302300e1c43fc7d41efe5aeb412d8279fefd5cd913 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.megamillions.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 02 Feb 2022 15:02:54 GMT content-encoding gzip x-content-type-options nosniff age 3061 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 122333 x-xss-protection 0 last-modified Thu, 27 Jan 2022 09:34:36 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Thu, 02 Feb 2023 15:02:54 GMT
GET H2	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	80 B 716 B	40ms 17ms	XHR application/json	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.megamillions.com Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software cafe / Resource Hash a335daeee19fd4706a23f570c8990357d3c2f47011db321ba08edfdf8c5648b4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.megamillions.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Wed, 02 Feb 2022 15:53:55 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 80 x-xss-protection 0 expires Wed, 02 Feb 2022 15:53:55 GMT
GET H2	200	jquery.3.3.1.min.js Show response www.megamillions.com/scripts/	85 KB 30 KB	632ms 632ms	Script application/javascript	2606:4700:10::ac43:188d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.megamillions.com/scripts/jquery.3.3.1.min.js Requested by Host: www.megamillions.com URL: https://www.megamillions.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:188d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 4fe68fa216176e6d1f4580e924bafecc9f519984ecc06b1a840a08b0d88c95de Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.megamillions.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 02 Feb 2022 15:53:56 GMT content-encoding gzip etag "04a28f792d41:0" cf-cache-status EXPIRED last-modified Thu, 13 Dec 2018 15:18:00 GMT server cloudflare x-powered-by ASP.NET expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options SAMEORIGIN content-type application/javascript cache-control public, max-age=691200 accept-ranges bytes cf-ray 6d74985b5b6990e6-FRA vary Accept-Encoding content-length 30401
GET H2	200	scripts.min.js Show response www.megamillions.com/scripts/	1017 KB 73 KB	722ms 721ms	Script application/javascript	2606:4700:10::ac43:188d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.megamillions.com/scripts/scripts.min.js Requested by Host: www.megamillions.com URL: https://www.megamillions.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:188d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 452ffaa086c28804b1a3f18e3fee7b4120a2df85e63a6d2cce71a4853c73d3c6 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.megamillions.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 02 Feb 2022 15:53:56 GMT content-encoding gzip etag "072443f41d4d41:0" cf-cache-status EXPIRED last-modified Wed, 06 Mar 2019 17:23:00 GMT server cloudflare x-powered-by ASP.NET expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options SAMEORIGIN content-type application/javascript cache-control public, max-age=691200 accept-ranges bytes cf-ray 6d74985bcc5690e6-FRA vary Accept-Encoding content-length 74102
GET H2	200	gtm.js Show response www.googletagmanager.com/	121 KB 46 KB	45ms 22ms	Script application/javascript	2a00:1450:4001:813::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-5G7656B Requested by Host: www.megamillions.com URL: https://www.megamillions.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash ec647fe7143ce94723f590ab4a60a61fa099c4db54ddafe02fe51d401cde5285 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.megamillions.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 02 Feb 2022 15:53:55 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 46652 x-xss-protection 0 last-modified Wed, 02 Feb 2022 15:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 02 Feb 2022 15:53:55 GMT
GET DATA	200 OK	truncated /	60 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 636cc1523f3c1d2b2c03edb0e47eacb4f597b91b773bc8b8be4c14fe2d4b8880 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/png
GET H2	200	montserrat-v12-latin-regular.woff2 www.megamillions.com/styles/fonts/	18 KB 18 KB	519ms 519ms	Font application/font-woff2	2606:4700:10::ac43:188d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.megamillions.com/styles/fonts/montserrat-v12-latin-regular.woff2 Requested by Host: www.megamillions.com URL: https://www.megamillions.com/styles/css/stylesheet.min.css?v=20190530 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:188d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://www.megamillions.com/styles/css/stylesheet.min.css?v=20190530 Origin https://www.megamillions.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 02 Feb 2022 15:53:56 GMT vary Accept-Encoding cf-cache-status EXPIRED last-modified Wed, 12 Dec 2018 00:10:00 GMT server cloudflare x-powered-by ASP.NET etag "0fc9b5af91d41:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options SAMEORIGIN content-type application/font-woff2 cache-control public, max-age=691200 accept-ranges bytes cf-ray 6d74985bdc9890e6-FRA content-length 18684
GET H2	200	montserrat-v12-latin-600.woff2 www.megamillions.com/styles/fonts/	18 KB 18 KB	498ms 498ms	Font application/font-woff2	2606:4700:10::ac43:188d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.megamillions.com/styles/fonts/montserrat-v12-latin-600.woff2 Requested by Host: www.megamillions.com URL: https://www.megamillions.com/styles/css/stylesheet.min.css?v=20190530 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:188d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 867222183f7b4fdace7636718acb18b75476fc82e388130e0c06d7ec1103273d Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://www.megamillions.com/styles/css/stylesheet.min.css?v=20190530 Origin https://www.megamillions.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 02 Feb 2022 15:53:56 GMT vary Accept-Encoding cf-cache-status EXPIRED last-modified Wed, 12 Dec 2018 00:10:00 GMT server cloudflare x-powered-by ASP.NET etag "0fc9b5af91d41:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options SAMEORIGIN content-type application/font-woff2 cache-control public, max-age=691200 accept-ranges bytes cf-ray 6d74985bdca690e6-FRA content-length 18752
GET H2	200	montserrat-v12-latin-700.woff2 www.megamillions.com/styles/fonts/	19 KB 19 KB	497ms 497ms	Font application/font-woff2	2606:4700:10::ac43:188d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.megamillions.com/styles/fonts/montserrat-v12-latin-700.woff2 Requested by Host: www.megamillions.com URL: https://www.megamillions.com/styles/css/stylesheet.min.css?v=20190530 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:188d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://www.megamillions.com/styles/css/stylesheet.min.css?v=20190530 Origin https://www.megamillions.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 02 Feb 2022 15:53:56 GMT vary Accept-Encoding cf-cache-status EXPIRED last-modified Wed, 12 Dec 2018 00:10:00 GMT server cloudflare x-powered-by ASP.NET etag "0fc9b5af91d41:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options SAMEORIGIN content-type application/font-woff2 cache-control public, max-age=691200 accept-ranges bytes cf-ray 6d74985bdca990e6-FRA content-length 18956
GET H2	200	montserrat-v12-latin-900italic.woff2 www.megamillions.com/styles/fonts/	19 KB 19 KB	501ms 501ms	Font application/font-woff2	2606:4700:10::ac43:188d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.megamillions.com/styles/fonts/montserrat-v12-latin-900italic.woff2 Requested by Host: www.megamillions.com URL: https://www.megamillions.com/styles/css/stylesheet.min.css?v=20190530 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:188d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 7c4dc0511bf663fdc5442fe187473916350a74a68341d87dbdd633c8d1cebd3f Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://www.megamillions.com/styles/css/stylesheet.min.css?v=20190530 Origin https://www.megamillions.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 02 Feb 2022 15:53:56 GMT vary Accept-Encoding cf-cache-status EXPIRED last-modified Wed, 12 Dec 2018 00:10:00 GMT server cloudflare x-powered-by ASP.NET etag "0fc9b5af91d41:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options SAMEORIGIN content-type application/font-woff2 cache-control public, max-age=691200 accept-ranges bytes cf-ray 6d74985bdcaa90e6-FRA content-length 19104
GET H2	200	montserrat-v12-latin-italic.woff2 www.megamillions.com/styles/fonts/	19 KB 19 KB	549ms 548ms	Font application/font-woff2	2606:4700:10::ac43:188d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.megamillions.com/styles/fonts/montserrat-v12-latin-italic.woff2 Requested by Host: www.megamillions.com URL: https://www.megamillions.com/styles/css/stylesheet.min.css?v=20190530 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:188d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash a629a2424ad41d63e025ac8d0756268ddd76877ed1d4f3a7a24109f13047289a Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://www.megamillions.com/styles/css/stylesheet.min.css?v=20190530 Origin https://www.megamillions.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 02 Feb 2022 15:53:56 GMT vary Accept-Encoding cf-cache-status EXPIRED last-modified Wed, 12 Dec 2018 00:10:00 GMT server cloudflare x-powered-by ASP.NET etag "0fc9b5af91d41:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options SAMEORIGIN content-type application/font-woff2 cache-control public, max-age=691200 accept-ranges bytes cf-ray 6d74985bdcac90e6-FRA content-length 19164
GET H2	200	montserrat-v12-latin-500.woff2 www.megamillions.com/styles/fonts/	18 KB 18 KB	508ms 508ms	Font application/font-woff2	2606:4700:10::ac43:188d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.megamillions.com/styles/fonts/montserrat-v12-latin-500.woff2 Requested by Host: www.megamillions.com URL: https://www.megamillions.com/styles/css/stylesheet.min.css?v=20190530 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:188d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 3e43d592d0aa592f24ad510ef3f453a51bba24a9534a07a55a9685b4d4b3f2cb Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://www.megamillions.com/styles/css/stylesheet.min.css?v=20190530 Origin https://www.megamillions.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 02 Feb 2022 15:53:56 GMT vary Accept-Encoding cf-cache-status EXPIRED last-modified Wed, 12 Dec 2018 00:10:00 GMT server cloudflare x-powered-by ASP.NET etag "0fc9b5af91d41:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options SAMEORIGIN content-type application/font-woff2 cache-control public, max-age=691200 accept-ranges bytes cf-ray 6d74985bdccf90e6-FRA content-length 18728
GET H2	200	montserrat-v12-latin-300.woff2 www.megamillions.com/styles/fonts/	18 KB 18 KB	503ms 503ms	Font application/font-woff2	2606:4700:10::ac43:188d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.megamillions.com/styles/fonts/montserrat-v12-latin-300.woff2 Requested by Host: www.megamillions.com URL: https://www.megamillions.com/styles/css/stylesheet.min.css?v=20190530 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:188d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash ea23fa178c761c715a00c4ceaa9b93ed323da784a903df018a4fb04b10288ca3 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://www.megamillions.com/styles/css/stylesheet.min.css?v=20190530 Origin https://www.megamillions.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 02 Feb 2022 15:53:56 GMT vary Accept-Encoding cf-cache-status EXPIRED last-modified Wed, 12 Dec 2018 00:10:00 GMT server cloudflare x-powered-by ASP.NET etag "0fc9b5af91d41:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options SAMEORIGIN content-type application/font-woff2 cache-control public, max-age=691200 accept-ranges bytes cf-ray 6d74985bfcd190e6-FRA content-length 18444
GET H2	200	Flaticon.woff www.megamillions.com/styles/fonts/	4 KB 4 KB	491ms 491ms	Font application/font-woff	2606:4700:10::ac43:188d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.megamillions.com/styles/fonts/Flaticon.woff Requested by Host: www.megamillions.com URL: https://www.megamillions.com/styles/css/stylesheet.min.css?v=20190530 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:188d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 45f4c8f64c6bab2f4bf1c372bd075be57c67ff285ab0820ce4572f76a6968e1d Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://www.megamillions.com/styles/css/stylesheet.min.css?v=20190530 Origin https://www.megamillions.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 02 Feb 2022 15:53:56 GMT content-encoding gzip vary Accept-Encoding cf-cache-status EXPIRED last-modified Fri, 16 Nov 2018 13:47:24 GMT server cloudflare x-powered-by ASP.NET etag W/"b52967e7b27dd41:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options SAMEORIGIN content-type application/font-woff cache-control public, max-age=691200 cf-ray 6d74985bfcd390e6-FRA
GET H2	200	logo_MM_115x54.png www.megamillions.com/GLC-Megamillions/media/images/logos/	12 KB 12 KB	567ms 566ms	Image image/png	2606:4700:10::ac43:188d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.megamillions.com/GLC-Megamillions/media/images/logos/logo_MM_115x54.png Requested by Host: www.megamillions.com URL: https://www.megamillions.com/styles/css/stylesheet.min.css?v=20190530 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:188d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 34cce832fafd4507ca484d1662ac1ff62f68a844f9adb362867c60688761238b Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.megamillions.com/styles/css/stylesheet.min.css?v=20190530 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 02 Feb 2022 15:53:56 GMT vary Accept-Encoding cf-cache-status EXPIRED last-modified Fri, 12 Mar 2021 18:02:16 GMT server cloudflare x-powered-by ASP.NET etag "33b147d66917d71:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options SAMEORIGIN content-type image/png cache-control public, max-age=691200 accept-ranges bytes cf-ray 6d74985c3d5a90e6-FRA content-length 12493
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 792 B	41ms 19ms	Script application/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=www.megamillions.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js?31064649 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.megamillions.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Wed, 02 Feb 2022 15:53:55 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 549 B	38ms 16ms	Script application/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.megamillions.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js?31064649 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.megamillions.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Wed, 02 Feb 2022 15:53:55 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	31 KB 12 KB	256ms 255ms	XHR text/plain	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=26906092787646&correlator=2686175920812719&output=ldjh&impl=fifs&eid=31064150%2C31064612%2C31064649%2C44757100&vrg=2022012701&ptt=17&sc=1&sfv=1-0-38&ecs=20220202&iu_parts=21814838932%2Cmmcglc_homepage_728x90%2Cmmcglc_300x250&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=728x90%2C300x250&cookie_enabled=1&bc=31&abxe=1&dt=1643817235906&lmt=1643817235&dlt=1643817235070&idt=818&frm=20&biw=1600&bih=1200&oid=2&adxs=538%2C1055&adys=11%2C576&adks=537333458%2C1420342407&ucis=1%7C2&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.megamillions.com%2F&vis=1&scr_x=0&scr_y=0&psz=1150x96%7C300x0&msz=837x0%7C300x0&ga_vid=1147263893.1643817236&ga_sid=1643817236&ga_hid=1458754191&ga_fc=false&fws=4%2C4&ohw=1150%2C1150&btvi=0%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js?31064649 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software cafe / Resource Hash ae95f343ea09402a3880990984d993e9fca368e4ad0c1f3c681b223c7854b0f7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.megamillions.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 02 Feb 2022 15:53:56 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 12605 x-xss-protection 0 google-lineitem-id -1,-1 pragma no-cache server cafe google-creative-id -1,-1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.megamillions.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C1A0	6 KB 4 KB	93ms 44ms	Document text/html	2a00:1450:4001:82f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js?31064649 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.megamillions.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} timing-allow-origin * content-length 3108 date Wed, 02 Feb 2022 15:53:55 GMT expires Thu, 02 Feb 2023 15:53:55 GMT cache-control public, immutable, max-age=31536000 last-modified Tue, 02 Mar 2021 20:17:03 GMT x-content-type-options nosniff server sffe x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	show_ads_impl_with_ama_fy2019.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200501/	284 KB 102 KB	49ms 34ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200501/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1188353806003967&plah=www.megamillions.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 447d6c7847ddce7d3017c148199f55e894b7f7ed6de3ace3e1167e3221dbddad Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.megamillions.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 02 Feb 2022 15:53:55 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 104643 x-xss-protection 0 server cafe etag 1490595983112021914 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Wed, 02 Feb 2022 15:53:55 GMT
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20220131/r20190131/ Frame EB9E	10 KB 5 KB	28ms 7ms	Document text/html	2a00:1450:4001:800::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20220131/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.megamillions.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding x-content-type-options nosniff content-encoding gzip server cafe content-length 4612 x-xss-protection 0 date Tue, 01 Feb 2022 19:07:27 GMT expires Tue, 15 Feb 2022 19:07:27 GMT cache-control public, max-age=1209600 age 74788 etag 18247940800414524076 content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	29ms 7ms	Script text/javascript	2a00:1450:4001:82f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5G7656B Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.megamillions.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 02 Nov 2021 17:39:06 GMT server Golfe2 age 1141 date Wed, 02 Feb 2022 15:34:54 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Wed, 02 Feb 2022 17:34:54 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	1 B 21 B	28ms 14ms	XHR text/plain	2a00:1450:4001:82f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1458754191&t=pageview&_s=1&dl=https%3A%2F%2Fwww.megamillions.com%2F&ul=en-us&de=UTF-8&dt=Mega%20Millions&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAAABAAAAAC~&jid=392944318&gjid=1958760533&cid=1147263893.1643817236&tid=UA-130954248-1&_gid=1304293913.1643817236&_r=1&gtm=2wg1v05G7656B&z=2032363589 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.megamillions.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 02 Feb 2022 15:53:56 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.megamillions.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	cookie.js Show response partner.googleadservices.com/gampad/	220 B 647 B	63ms 15ms	Script text/javascript	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=www.megamillions.com&callback=_gfp_s_&client=ca-pub-1188353806003967 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200501/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1188353806003967&plah=www.megamillions.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software cafe / Resource Hash 04f78cb63af411bd3358cd69de876f5add48dbf1f861760a852a0fd5419cfc86 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.megamillions.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 02 Feb 2022 15:53:56 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 203 x-xss-protection 0
GET H3	200	integrator.js Show response adservice.google.de/adsid/	107 B 122 B	32ms 17ms	Script application/javascript	2a00:1450:4001:800::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=www.megamillions.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200501/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1188353806003967&plah=www.megamillions.com Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.megamillions.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Wed, 02 Feb 2022 15:53:56 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	integrator.js Show response adservice.google.com/adsid/	107 B 122 B	32ms 17ms	Script application/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.megamillions.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200501/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1188353806003967&plah=www.megamillions.com Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.megamillions.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Wed, 02 Feb 2022 15:53:56 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame AF22	603 B 68 B	53ms 37ms	Document text/html	2a00:1450:4001:800::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1188353806003967&output=html&adk=1812271804&adf=3025194257&lmt=1643817236&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.megamillions.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643817235931&bpp=3&bdt=861&idt=77&shv=r20220131&mjsv=m202201200501&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5321396344212&frm=20&pv=2&ga_vid=1147263893.1643817236&ga_sid=1643817236&ga_hid=1458754191&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31063221&oid=2&pvsid=26906092787646&pem=553&tmod=1253842334&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=93 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200501/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1188353806003967&plah=www.megamillions.com Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.megamillions.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Wed, 02 Feb 2022 15:53:56 GMT server cafe content-length 46 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Wed, 02 Feb 2022 15:53:56 GMT cache-control private
GET H3	200	container.html Show response aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 428E	6 KB 3 KB	22ms 7ms	Document text/html	2a00:1450:4001:82f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js?31064649 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.megamillions.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} timing-allow-origin * content-length 3108 x-content-type-options nosniff server sffe x-xss-protection 0 date Wed, 02 Feb 2022 15:53:55 GMT expires Thu, 02 Feb 2023 15:53:55 GMT cache-control public, immutable, max-age=31536000 last-modified Tue, 02 Mar 2021 20:17:03 GMT content-type text/html age 1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	container.html Show response aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EAA0	6 KB 3 KB	20ms 8ms	Document text/html	2a00:1450:4001:82f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js?31064649 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.megamillions.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} timing-allow-origin * content-length 3108 x-content-type-options nosniff server sffe x-xss-protection 0 date Wed, 02 Feb 2022 15:53:55 GMT expires Thu, 02 Feb 2023 15:53:55 GMT cache-control public, immutable, max-age=31536000 last-modified Tue, 02 Mar 2021 20:17:03 GMT content-type text/html age 1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame AA8A	624 B 300 B	18ms 17ms	Document text/html	2a00:1450:4001:800::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYkOCEGzAB&v=APEucNULp5mxAb-a8cC3koN8hF7ADVIaoB4inmoCooUi3yOJo2MQbndIJjScTDesv8geL5_JGxi6_r6VtMelO4DGKdQkNZRJ2fsT8d62bg60H8xdoDiVCQjdFF4d9QKuTRpOVLGOLnUpO4QE85v-yzAhN2N1byOzerCeCHfkKkvdPVoOgFIo4dk Requested by Host: aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com URL: https://aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip date Wed, 02 Feb 2022 15:53:56 GMT server cafe cache-control private content-length 276 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Wed, 02 Feb 2022 15:53:56 GMT
GET H3	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 428E	74 KB 31 KB	100ms 99ms	Script text/javascript	2a00:1450:4001:800::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BFPtzQasTFpYiPCb5k1-hiHlWNzhV5jdi6FhaKuVLeJmVqK8bemI6u4JE-4hKvds-p52K2NGhwd9kfrmbVIzp6wG86VilF0JONtLUf6kk9VUyObi1kpnBiGGoUrUa0JVV5uKeI3i2tM6beYaq90GlNu36cLQ&dbm_d=AKAmf-BhV9K2wSS7cX0XxPA5rMXDvuPFeriW371YHqj4omdbM3pdIPwPixET51TYPMRtybqbEUwqMwcJit3hVdJI1O5Js60xIZkJojxEwyLXrTq0YWxaYW3s5voM1_e6zrGhWe7thwjUeadC6GYITge41qi3Mns8VQBb1re8prBGQpVeSQh5MMM1FmWl-VxqMjXQuyCbRuu7BlCp9DZLRprLuz0rpnpRhjwLOb5u_uHNrYmOXE9xE1lpIRYkeboVgU54hk9joqGr9zNKhc4CshDEr1343GCTNILktsnsHNg2m9j6iASzkBHj-Yb4FZbyNk4-yE-7HojEFYBd5i9I5wcPP2PmtxVvWFEImd-RjGwktZkhqknljWlhZCD0lp6g4osRlDTEvUXA2kQ--rR5GwFcHvpamRrGE9lCn0U6KzztK5haDrYSMYy1FuUTIRN_bWMZDEvdshticS01dBux4l3wRw05lVMBjYsbHrr5JZ7cxNU1mcOT4DohgKyALN9yIf6dd_ELTcWzfjX1yXBRN9MNZc22ETxvicXTmjzRDRwTEN249DBBIb5mkJ17Z1Keizr6QscNYWDoLTig9w9E2qwlSnLMUqjyVcIyBseLKr0VwXfJUV4gnf3gNOUzlTa5OpKjq1r6K6fQO1TByVnQ5O7I_PWjVY7tDklFm6VaZ4XGId_upiqRgVPAoKH_1KBb-bbN3pPyMo3TmeZWbVhSPh_lvviVAOlg2X4vHpDc41OPW0U1pw7FoOwftOgBMFMml2o9VNmGuQ4IiO3J2ccnVmsqmQa9W5dQd-HmRdbr6cn5F8Tm4QxIX00b_ei5hG3aNLFc2G4mVYb1t37pvD88PXr8XqXSK9-08uZa7NOHY_3jGUwg_-Ox6pEg4RssoxoHmUx9DkHPSbLgJFcpVrnZfaD9CNxmjvYcbi4f8XjYViPGKXHVXDtz_G4kZpEi4TSYmuVpxVdQKMSMxiA0mcFtFicxL1r3UVuMoXRV3Lrkri0qUWHQnMRK9nnKU6zQvdl2BD0V8R75BjK8MH11TuxX72CI8cD4TAKcxTcktU40WAoRggI7n99ZXB7l6bBmhu05tLP6vIOOsWLTQrYoLJBWr1J8AU9Y2F2DvfuPRKiucL27-oKPCQIJeHUczgcwLVZ-jeUGedEzXJ8abH-OqpyyVgt6qVF-_a9MUQXI_W2j-xCQsOhP8PHhOGA0w8VsA1_0A8MtDvY3U_OA-szXokDlaiWFY5oPctqJki4DyjljcWwdVk6j3Q0jrDWf52QIJCO6B2vjL9dkGiHJ9h1xyCsLPPZPJtVDoLQzMySa8KGzapvrrUK3plyxgQq3yZASdw8JOcfsBAqUwGX1i-rwwA3mHRpoHs9gGICkuglqFTSXAPicmcEX7m9iGNS6gCNntwEibpZoj-Gq4RRZkJfypu5rM_lfoi544DVVegPGjnfENE4_CpKMlyScje4gVN1Xud8SWqgAYJzgpB3ghqUG-NocDSAgYCNM5FRK4LFG2jWp7t2hRyRF3g2oinyr4xBzvfZXJdR505GDz-3MDDQHmNrehoVbtpCJfbsvhEd726_PHxtNbpcwdNC1TCDlG_1ubJYDkV2rGEhuzgLM-nvx5Sd9WzLUkU8qO9n4zUH02JSYgnd45mGOCx7IVrUW3zLFxBXkR0cdsqS5w13MUWAKMA4Gj0DyVOmM03hl8ZZbwWynA3Kdek1jUsEGCugw_hqXts94DowK533gfYIVXR7ozzUbAcD0PO0td3sHvhya7UpRhk4SZpjW38M87eRBZyRLXEob3MtgYwvN5PSvh7YPu9A7YgWhKjn4LxI7Bsv4N0jG5bDPzEUDEba7n3ZJiMRknBjw414D4q3lkMi_9Eb-ieVVhQTqa4M8H6YQygzbYahdTf-81blsSu6YRk-vHK0WNFvyqLSdguRb8dCh_F2imuxsnpzKTUM5opRSEyMh75UaTZYTLliJv6pEiWTmcri3TBOPax6fUivVrlwjN8kLekFPA9dkhQHekI8AXyy1a5Tbsj8SVFtb4jFE5YpvAbP3eMCBydJmITqm9Uc6Yv9ypIwA4rN1lDSZi-blCHFqmz7wF99TQQlQPyAN1dvhdersgL0BXAK6BJKRjhdn9-7tyQR2VyEzpNM37zrp3pz2zEXpxHQPTbMSbOLyaZ5ppR6uHu7lkWWhC9Lf3APICJjm6vgvjZKJMq7TCGTAn46BklP45jcDCd4oMLXwPBMg9fqCdjcTzTeQhd1lQprUxty5T7dF8B-YvtuHBcev9HjSjFZnIWQrjnNZ0SeUkV1322PDbz1qcjQLnX2gvu5AIgzffFu16B527YuRsh91pkJNlZLbpdBFJ0m0gMSAk2xB5x_b0Wf2xkBhj6NibnbuPKRuXmsigV9T9TN7thYttU4gFfcNcCWukzaB9OUqHTrucAPiCcLHw2khlc5iBNUmjF4Wk0lfmbCkmOUcru0VrlMaa7yX16lYdrwk3uEXgzDeYI_eiPHtsgK9m9Uha7tEbKJ31wN3zJ-zRAGxxowsp1sBvgT9zTu22rr8JDRRJ2gZCHx02p86IS0YI-ybKok3j699pm1CNJKOmUxX2DdYIIpBeEXRGVE-Zmegs6RQUV9jYksS8TSOwGCdrKMCoAkec_c2uLB7VcM-AVxIwNfyUPq_Y2QV2Oc-2npc2FPTe2HINQ4aECNFF3n_DKBnYsYkg3EXxpVZLj3WEpLYCagnAJ123w_ctz1iEVk1_BPIdh9ITuP8mF7-Waxc70TU1apB6hVOAqvFta2Jo8bcB7URSvGZpXj9O4hs88PyMHqNbJfc2ivst8dGzgD9RhX5XSAflTU2978RMWA2MhshOl64_t2Ur265qOq4HcXuSSbtw_BSkudiCsz1qSNITJTwpotRiuWETBOSne6rQc6-X3bjgih0h0_r79p4ta2eusTX9Wvpncn3pVHQaAoUnwZT5GXim96408XoDckT7ymyQaqnZh1Ddt_vb_Adc2AblKk6i7gXAoUcoBF1GdgSdP3xya-RPV69-_UFc98MO6wS8NOBepH-eWoufKO3zgsChIe50hFPw8eed8O7Wi6ENItJ10OwUywELTG9zQmLVH2wU1TOtLWsC865mOkB6fMfs2nEFq7HEjdRQtdQk_jwhpwyg_rV8hiZD77wiIqVRYuAiBorL1LExIVtGTN6IZx0J6YmcKDmweysY4okvjwSP1cpfZUN5C7_MXz7Rf-D4mzC0Qy7lfeRMhwTQycdsBDtJ3fiRJE&cid=CAASFeRoYaaHbW4vkB_H3VGc-jia8hCAOA&rfl=1%2Chttps%253A%252F%252Fwww.megamillions.com%252F%240 Requested by Host: www.megamillions.com URL: https://www.megamillions.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 24704d9d5c847c76aa51b416a0b19f03308c7f9f2746142043906c502078c902 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Wed, 02 Feb 2022 15:53:56 GMT content-encoding br x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 31704 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 428E	42 B 63 B	40ms 40ms	Image image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BglWBJKWfgVMtQWBhjq2ru2Td2wlayjJn7UoqHbg49ISikO6113_2AsRlwyXZduu4A_1RPLKmN6oRCLSk0JZvnHX7wHXaIGYvPdeUEIXTnPQt55rY Requested by Host: aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com URL: https://aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Wed, 02 Feb 2022 15:53:56 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/ Frame 428E	2 KB 1 KB	33ms 8ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/window_focus_fy2019.js Requested by Host: aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com URL: https://aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 02 Feb 2022 15:38:16 GMT content-encoding gzip x-content-type-options nosniff age 940 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1205 x-xss-protection 0 server cafe etag 18074202747124231361 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 16 Feb 2022 15:38:16 GMT
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 428E	123 KB 38 KB	145ms 131ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com URL: https://aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 029e397f5091f72db15257548e07a6f9008457e90acb7cd22efbdb8264b2a592 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 02 Feb 2022 15:53:56 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 38373 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1643632328463892" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Wed, 02 Feb 2022 15:53:56 GMT
GET H2	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/ Frame 428E	14 KB 7 KB	31ms 7ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/qs_click_protection_fy2019.js Requested by Host: aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com URL: https://aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash fde98a3e06f299a73b0a3eb6c095649b9c3f9c342596091936a4675fd6980a1c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 02 Feb 2022 15:45:58 GMT content-encoding gzip x-content-type-options nosniff age 478 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6195 x-xss-protection 0 server cafe etag 17106829078744545694 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 16 Feb 2022 15:45:58 GMT
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 0092	624 B 300 B	20ms 18ms	Document text/html	2a00:1450:4001:800::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNX5bbel4efkj2i4XovQvqM6eHyxnN1KoXstyYSBAgVJV6NfR-2piiwlKt3H9qFnO2eFGM9pIiLwNpRwFaNmAHYhmFGl3LXg_nrwaG7Fga22Br-tbGYuoZkc9GH2z7n-YlHCtDMYeJKVrWf7Z0-otJdtmoEDX7QfeCYeFTmn4ZVW2OOx4cM Requested by Host: aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com URL: https://aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip date Wed, 02 Feb 2022 15:53:56 GMT server cafe cache-control private content-length 276 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Wed, 02 Feb 2022 15:53:56 GMT
GET H3	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame EAA0	25 KB 15 KB	43ms 42ms	Script text/javascript	2a00:1450:4001:800::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DeJmLiu9nIG6ESTNzL3qhMXFWsoN6VFY8tbLgjQB3WeLhRIMG6flulExRfL-WvZEZdV_BHKCRcI_37_qutUwJcWlCsRHbWkrGqOYGaBQDUnWjllztjXjnX_w6VBplf2c5DNbsa6AI2vFV0r6e4LVsixl6KSw&cry=1&dbm_d=AKAmf-BgO-FfoviVAWg3sgF9x3YgiiyUJZh_d0gUIOygAdOB0quFZkKxVCvMzkcgog7gT8b0ppZeRMm8ST_0Jg09yhe_7AjMqF3hT8jxlxdfKap1VQLk5mElWhOYeXKrImLvz4Mc0_L-pKvlwlF1DK8B2Fx_fk7KqKSvpdhMdVNTN71Bl_f25tOY5Yd-FZuSXUt2tHFfgNXKB5MBl8fCVvkrK8XMm6cgdg4LkKikRSlXXs-K4Ep7uvc2jccJEDOid6T8LpWJgdpi4EXyiT_kq7ufHrWv6EkFgCYVicVXtrahal9dKZcaLIKxBFRR5JoUY5H-_0Y3IjGZ0Vj1Mc9I2CgtrUFJO8RJqEKTeWo6YXo6AM1aRaOyHh6Z0MaV-_-uJxu8j85rJxU9C_EFkE67CXnMabA4PEe6QOmDOAs4ughvRYEXDBSJRGOoa7wH5A9GUy-TI5vUB7_h8jnV-ZRubyTdvahlFIMDI4VlXrXd9ZtLQ3rZ8TjU132P0_1Iv30gKdFO9nEQWDCFKCuX7jUWzMjF7ZlmvrUwv98fPQa7udYlwTzORQW9uSV50Luc1UheJtkLcawTC27WbiMRevx8bks5YJ2hDfRjsfA6qg4wz7GXR1ycTT4Krb8aD1juqtgsRFLBmDwvlWv-VXaRGB-Sbtz4xUANry3-LY2pBb5K6sIXxaYkdHjWt-wbdIfpHnwAJteoD3U-vuwcI7GVs0GximZkXu2dwecdf7sF7w17tVoKT8D4HkAxsI8XY1FAdeXEeth7jdu2oGHWCxio-1-Frzrvfv5rGbbNwAvNI4mL3u9g9qGwERBDM5TN16M1V0M931KNc42c-rMj6H2xA1AZ1hiY-bbm5pnAHTW02S56S9FTbKNaWl_DxxVV518zHrdvRy0IFPsZJrniHXhe3ba8-s8_P12n_KbRjEpCSu8TiCd5sxOjH-p-koafJBQJDHuybBn5NB3rcjmLw2rYhTaepESaUsdBs_KlbS-zvVeqKFZ1awvhTqjxNNPtEDueabiW3_zhjz497mrZ6_KNsOMKE2gXVo34SiwJJaQN8OE6VIgAXYNqIjoan4_ohagNKGGfqc8rnhCiU_UMp1Ei39qAxQLBSPLP6pT3EFFiAxcZTZ0_2JGyeMyF6GVcKrS9ZhEMeZ5EZWRZP5x5Pj1OQ4uvZ3ZiFm0ToEz4V0fe7fKapM8adlKhorhB1GSAn-ttFrdaHbFOnqjhAYQ0aoPYdOewgQNZVYUL0QR463IKknvsLQ080kkJG4z9-WXqghcjV5cpWL76_FCM4xiipTZvthlIAS0IkuNjKSwDobp2EO8BPY5QZ_90BFCgc58MHLNNzVPodccxxx5oZqeMsbvbA74jJWhLVnA-GHsv1Lc8ZwmpkLN7EyNDFPVuoYrmjbUtznX6F9iVpZasxiDjQF1glaeKuD2Zl4jlJTyARfUmow5Z2t8GJLp3-W7hpSG_Cs63-ig9jG-5-BSGMDBVGGOuWGjWw89vJqlFvqSNpyQzSbjL-LsOFMKAX7w5TuF57RQaC0lXnB8XsmyGk8t7-Z539tCfFhlJq_yu1uEzMRbIC28wU4ILWNOhuhQAXsj6-5VGs1gtCwgYyYQhVKySgte8ZnJkkHjbDhq537DhZu7mLOXzWrsbqxiIr2NNQCElnAFWW-hRb3CZRxFz2Iz1JjQMuwxX26ogHNPhhYY9sK13UdN30Qxe7O0pReCSWGgRPykg9C-iSvcMFxyX2vfvUdBo_H3Ftnymf5T2gNyCTumtSf68pHGhXk5rbjwGL2SQ1ZcL4r0MdJCNVIYT5z6tTNjGrYnCLi1-Ar0iPhb-BESwVDJLmrwW86UI7qlUOQygE_MK8jjQdXxuXbfoy0PmjDEXIhkHRZtu63lHHInz-fub4I6j9G1Do6FB4tMTTN7zipBcJwH0OuPiE-b5Hr_BZbV7qui621GuhUfEufToHgJanC5F8U-bcoI-pXxXPI0HcrVIM0H6KSVHu5KWnBJVbBdOiFWcjAddVg_1z5OgOjayQLD3D1UxKb1TTyx5ruR6h5CSPkAF26ED-0LIZpVREvGHw5ZCYzQe8Eh4DwgsGhMBup-tM5jTcAvJta5an_U0Ki_WWIRBXoLGgzZHLzrP0jp18Ixsy9oYRWbnqiAYMIJl67JQVsKOC53Dykrm8b1--I5NQYFWcXZSwWiY42T1hG0TzumJJapwHmTE8YXjYrT_eFQ3VqClj35j7-jecIvVpgLLJ6StuIRZiih7NvZuhBVGmS1hL6Cvh-A3ICKLMcr6Sk1mQy_2FQajSSc6y53Jh-g4SGp6_6nEmNkEaKO4vXvCn5NZafC3H0wprA2QwB6L4K2NKHAJRfgNs7IRJBpgJWnyYKz5jiyoO0jii5T93tRd59QuvkANhfmXhJb2RUF1wgIySVeqAXKjyq53Z4mhDJODkVxInuVcgbTqdueIoXKvVYAdqJN2Rmtpg3EJ2RInLdB23mPJps7CWUm4KWUbq2Z3QlSH_-XgL_VSUlqn1OamPdZ_HLeZa-tX3NAPkKov0zJXBcyb63W635za1acH9dFkP004E7UiL-946CV18z3L5AI2MKa8pdK62jR7CBROOdG_N1-mHJCQD__kGEJvwG6CEQIwJl9GO8btGEfHP-PDX8KqXDUC8B4-sSwUw4Zu34ruKREhl54uRuifMfF8Mk5pvqdDRyzAuOkJTEkNnGxTxrKGRA4JCiHSTOYwn8CYJiEd24oUR9hsVeHXofZXU3p28zOxXaxtDz9LyS1f_HkPHYeFet9KeawRkttCDjKjYC2rqztYhFq-26y65oCwLD6XC4v2pPN379DZAgHAzGPPMFIDUQfuafW_yRxXCcIbWxJN9a72Vx1e0mapHFtcEeLLsKAvTPheGE6XJbYMgozw91i65nVL5EwxqUtoZtAaas9bbu3Cyr0T38buu7RTDEiEgiZodHhekJUzGd3i7cYT1Q2ezxaRUK-wPoyL2unCOrmhjhwn3Mkj4QTXz3hUHkRULQ6rCLt5ATaAZmGBn2QnbSFyIVkb6VN_YAiWU2HJnffkCo_ZvD0QJAnXgqXvMeiXvnAj3rODRFFlj18q9H1-43rqzjElfeSCAhziBz2rl76kPwoBsEH5RSaizCGkNGFSRWMnPbBy_LWbhRolyZ45FgUg-GYo09blafm8QEOODxLEf1gkE9whe71jU_bJ1C4gvGOdI62oSm8uwXCMwqFZsDzELJSFUF5xfrAfQg&cid=CAASFeRo98sIfChX6g-Npim-CVhxT1iVCQ&rfl=1%2Chttps%253A%252F%252Fwww.megamillions.com%252F%240 Requested by Host: www.megamillions.com URL: https://www.megamillions.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 692cb5b6a35132b75327c8ad0afe738159b0f85da98bf7d86c470da39536932a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Wed, 02 Feb 2022 15:53:56 GMT content-encoding br x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15284 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame EAA0	42 B 63 B	40ms 39ms	Image image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CNjCZDfjBjhVhJCunJVz_t_YD8UoMytppNO6-7vakOz3JPgJbXtISmmF_Q8Wu17szpA4w0d5uqtJUs1Z6xrkr-buu4XSaObz8yJrmFPxp1v1k18_Y Requested by Host: aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com URL: https://aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Wed, 02 Feb 2022 15:53:56 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/ Frame EAA0	2 KB 1 KB	31ms 9ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/window_focus_fy2019.js Requested by Host: aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com URL: https://aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 02 Feb 2022 15:38:16 GMT content-encoding gzip x-content-type-options nosniff age 940 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1205 x-xss-protection 0 server cafe etag 18074202747124231361 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 16 Feb 2022 15:38:16 GMT
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame EAA0	123 KB 38 KB	177ms 165ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com URL: https://aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 029e397f5091f72db15257548e07a6f9008457e90acb7cd22efbdb8264b2a592 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 02 Feb 2022 15:53:56 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 38373 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1643632328463892" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Wed, 02 Feb 2022 15:53:56 GMT
GET H2	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/ Frame EAA0	14 KB 6 KB	30ms 7ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220131/r20110914/client/qs_click_protection_fy2019.js Requested by Host: aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com URL: https://aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash fde98a3e06f299a73b0a3eb6c095649b9c3f9c342596091936a4675fd6980a1c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 02 Feb 2022 15:45:58 GMT content-encoding gzip x-content-type-options nosniff age 478 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6195 x-xss-protection 0 server cafe etag 17106829078744545694 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 16 Feb 2022 15:45:58 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame EAA0	0 0	38ms 14ms	Image text/html	2a00:1450:4001:828::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaQqKinRdlHbpo7qH7TWa3N59Is52N0Xg8poL0MlMXV1IRqm_22mE0eWbwDcmqpk3QTcK_Hc6JfWTFQbXGjpzARB8pIvng Requested by Host: aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com URL: https://aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame AA8A Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMA2zOgzLzIRiuBd6Vh2RUg&google_cver=1 https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMA2zOgzLzIRiuBd6Vh2RUg&google_cver=1&C=1	43 B 894 B	25ms 25ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMA2zOgzLzIRiuBd6Vh2RUg&google_cver=1&C=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYkOCEGzAB&v=APEucNULp5mxAb-a8cC3koN8hF7ADVIaoB4inmoCooUi3yOJo2MQbndIJjScTDesv8geL5_JGxi6_r6VtMelO4DGKdQkNZRJ2fsT8d62bg60H8xdoDiVCQjdFF4d9QKuTRpOVLGOLnUpO4QE85v-yzAhN2N1byOzerCeCHfkKkvdPVoOgFIo4dk Protocol HTTP/1.1 Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Pragma no-cache Date Wed, 02 Feb 2022 15:53:56 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Wed, 02 Feb 2022 15:53:56 GMT Redirect headers Pragma no-cache Date Wed, 02 Feb 2022 15:53:56 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMA2zOgzLzIRiuBd6Vh2RUg&google_cver=1&C=1 Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type text/html; charset=iso-8859-1 Content-Length 308 Expires Wed, 02 Feb 2022 15:53:56 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame AA8A Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YfqpFAfuqlzbpu23kAqVVgAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELXgd3JdQqhm3I3j-cDJjQw&google_cver=1	43 B 894 B	27ms 27ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELXgd3JdQqhm3I3j-cDJjQw&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYkOCEGzAB&v=APEucNULp5mxAb-a8cC3koN8hF7ADVIaoB4inmoCooUi3yOJo2MQbndIJjScTDesv8geL5_JGxi6_r6VtMelO4DGKdQkNZRJ2fsT8d62bg60H8xdoDiVCQjdFF4d9QKuTRpOVLGOLnUpO4QE85v-yzAhN2N1byOzerCeCHfkKkvdPVoOgFIo4dk Protocol HTTP/1.1 Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Pragma no-cache Date Wed, 02 Feb 2022 15:53:56 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Wed, 02 Feb 2022 15:53:56 GMT Redirect headers pragma no-cache date Wed, 02 Feb 2022 15:53:56 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELXgd3JdQqhm3I3j-cDJjQw&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	bounce ib.adnxs.com/ Frame AA8A Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEPfRTZIE8ZiYqjTZPx2aZZI&google_cver=1 https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEPfRTZIE8ZiYqjTZPx2aZZI%26google_cver%3D1	43 B 1 KB	26ms 26ms	Image image/gif	185.33.220.240 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEPfRTZIE8ZiYqjTZPx2aZZI%26google_cver%3D1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYkOCEGzAB&v=APEucNULp5mxAb-a8cC3koN8hF7ADVIaoB4inmoCooUi3yOJo2MQbndIJjScTDesv8geL5_JGxi6_r6VtMelO4DGKdQkNZRJ2fsT8d62bg60H8xdoDiVCQjdFF4d9QKuTRpOVLGOLnUpO4QE85v-yzAhN2N1byOzerCeCHfkKkvdPVoOgFIo4dk Protocol HTTP/1.1 Server 185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Pragma no-cache Date Wed, 02 Feb 2022 15:53:56 GMT X-Proxy-Origin 193.27.14.36; 193.27.14.36; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 64e40f4c-caf6-4e3c-9763-b1bd32f2b4ca Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers Pragma no-cache Date Wed, 02 Feb 2022 15:53:56 GMT X-Proxy-Origin 193.27.14.36; 193.27.14.36; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid efb65c89-cf07-4bfe-bc23-8ca615b0b665 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEPfRTZIE8ZiYqjTZPx2aZZI%26google_cver%3D1 Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame AA8A Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg4ODAxNzI0NTk2NTc4NjI4	170 B 188 B	32ms 16ms	Image image/png	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg4ODAxNzI0NTk2NTc4NjI4 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYkOCEGzAB&v=APEucNULp5mxAb-a8cC3koN8hF7ADVIaoB4inmoCooUi3yOJo2MQbndIJjScTDesv8geL5_JGxi6_r6VtMelO4DGKdQkNZRJ2fsT8d62bg60H8xdoDiVCQjdFF4d9QKuTRpOVLGOLnUpO4QE85v-yzAhN2N1byOzerCeCHfkKkvdPVoOgFIo4dk Protocol H3 Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Wed, 02 Feb 2022 15:53:56 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Wed, 02 Feb 2022 15:53:56 GMT X-Proxy-Origin 193.27.14.36; 193.27.14.36; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid d54d3d03-61b9-4beb-aaab-05a3474b19cf Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg4ODAxNzI0NTk2NTc4NjI4 Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 0092 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMA2zOgzLzIRiuBd6Vh2RUg&google_cver=1 https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMA2zOgzLzIRiuBd6Vh2RUg&google_cver=1&C=1	43 B 894 B	24ms 24ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMA2zOgzLzIRiuBd6Vh2RUg&google_cver=1&C=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNX5bbel4efkj2i4XovQvqM6eHyxnN1KoXstyYSBAgVJV6NfR-2piiwlKt3H9qFnO2eFGM9pIiLwNpRwFaNmAHYhmFGl3LXg_nrwaG7Fga22Br-tbGYuoZkc9GH2z7n-YlHCtDMYeJKVrWf7Z0-otJdtmoEDX7QfeCYeFTmn4ZVW2OOx4cM Protocol HTTP/1.1 Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Pragma no-cache Date Wed, 02 Feb 2022 15:53:56 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Wed, 02 Feb 2022 15:53:56 GMT Redirect headers Pragma no-cache Date Wed, 02 Feb 2022 15:53:56 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMA2zOgzLzIRiuBd6Vh2RUg&google_cver=1&C=1 Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type text/html; charset=iso-8859-1 Content-Length 308 Expires Wed, 02 Feb 2022 15:53:56 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 0092 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YfqpFAfuqlzbpu23kAqVVgAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELXgd3JdQqhm3I3j-cDJjQw&google_cver=1	43 B 894 B	25ms 24ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELXgd3JdQqhm3I3j-cDJjQw&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNX5bbel4efkj2i4XovQvqM6eHyxnN1KoXstyYSBAgVJV6NfR-2piiwlKt3H9qFnO2eFGM9pIiLwNpRwFaNmAHYhmFGl3LXg_nrwaG7Fga22Br-tbGYuoZkc9GH2z7n-YlHCtDMYeJKVrWf7Z0-otJdtmoEDX7QfeCYeFTmn4ZVW2OOx4cM Protocol HTTP/1.1 Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Pragma no-cache Date Wed, 02 Feb 2022 15:53:56 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Wed, 02 Feb 2022 15:53:56 GMT Redirect headers pragma no-cache date Wed, 02 Feb 2022 15:53:56 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELXgd3JdQqhm3I3j-cDJjQw&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	bounce ib.adnxs.com/ Frame 0092 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEPfRTZIE8ZiYqjTZPx2aZZI&google_cver=1 https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEPfRTZIE8ZiYqjTZPx2aZZI%26google_cver%3D1	43 B 1 KB	64ms 63ms	Image image/gif	185.33.220.240 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEPfRTZIE8ZiYqjTZPx2aZZI%26google_cver%3D1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNX5bbel4efkj2i4XovQvqM6eHyxnN1KoXstyYSBAgVJV6NfR-2piiwlKt3H9qFnO2eFGM9pIiLwNpRwFaNmAHYhmFGl3LXg_nrwaG7Fga22Br-tbGYuoZkc9GH2z7n-YlHCtDMYeJKVrWf7Z0-otJdtmoEDX7QfeCYeFTmn4ZVW2OOx4cM Protocol HTTP/1.1 Server 185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Pragma no-cache Date Wed, 02 Feb 2022 15:53:56 GMT X-Proxy-Origin 193.27.14.36; 193.27.14.36; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 7f7f41ec-7763-4b9e-8e36-3b906759e70b Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers Pragma no-cache Date Wed, 02 Feb 2022 15:53:56 GMT X-Proxy-Origin 193.27.14.36; 193.27.14.36; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 383486f9-93a4-4793-a3df-059d9fd656c7 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEPfRTZIE8ZiYqjTZPx2aZZI%26google_cver%3D1 Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 0092 Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg4ODAxNzI0NTk2NTc4NjI4	170 B 188 B	20ms 20ms	Image image/png	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg4ODAxNzI0NTk2NTc4NjI4 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNX5bbel4efkj2i4XovQvqM6eHyxnN1KoXstyYSBAgVJV6NfR-2piiwlKt3H9qFnO2eFGM9pIiLwNpRwFaNmAHYhmFGl3LXg_nrwaG7Fga22Br-tbGYuoZkc9GH2z7n-YlHCtDMYeJKVrWf7Z0-otJdtmoEDX7QfeCYeFTmn4ZVW2OOx4cM Protocol H3 Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Wed, 02 Feb 2022 15:53:56 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Wed, 02 Feb 2022 15:53:56 GMT X-Proxy-Origin 193.27.14.36; 193.27.14.36; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid e02ba68c-486c-460a-a844-fc0907ce5401 Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njg4ODAxNzI0NTk2NTc4NjI4 Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20220131/r20110914/ Frame EAA0	24 KB 9 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20220131/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DeJmLiu9nIG6ESTNzL3qhMXFWsoN6VFY8tbLgjQB3WeLhRIMG6flulExRfL-WvZEZdV_BHKCRcI_37_qutUwJcWlCsRHbWkrGqOYGaBQDUnWjllztjXjnX_w6VBplf2c5DNbsa6AI2vFV0r6e4LVsixl6KSw&cry=1&dbm_d=AKAmf-BgO-FfoviVAWg3sgF9x3YgiiyUJZh_d0gUIOygAdOB0quFZkKxVCvMzkcgog7gT8b0ppZeRMm8ST_0Jg09yhe_7AjMqF3hT8jxlxdfKap1VQLk5mElWhOYeXKrImLvz4Mc0_L-pKvlwlF1DK8B2Fx_fk7KqKSvpdhMdVNTN71Bl_f25tOY5Yd-FZuSXUt2tHFfgNXKB5MBl8fCVvkrK8XMm6cgdg4LkKikRSlXXs-K4Ep7uvc2jccJEDOid6T8LpWJgdpi4EXyiT_kq7ufHrWv6EkFgCYVicVXtrahal9dKZcaLIKxBFRR5JoUY5H-_0Y3IjGZ0Vj1Mc9I2CgtrUFJO8RJqEKTeWo6YXo6AM1aRaOyHh6Z0MaV-_-uJxu8j85rJxU9C_EFkE67CXnMabA4PEe6QOmDOAs4ughvRYEXDBSJRGOoa7wH5A9GUy-TI5vUB7_h8jnV-ZRubyTdvahlFIMDI4VlXrXd9ZtLQ3rZ8TjU132P0_1Iv30gKdFO9nEQWDCFKCuX7jUWzMjF7ZlmvrUwv98fPQa7udYlwTzORQW9uSV50Luc1UheJtkLcawTC27WbiMRevx8bks5YJ2hDfRjsfA6qg4wz7GXR1ycTT4Krb8aD1juqtgsRFLBmDwvlWv-VXaRGB-Sbtz4xUANry3-LY2pBb5K6sIXxaYkdHjWt-wbdIfpHnwAJteoD3U-vuwcI7GVs0GximZkXu2dwecdf7sF7w17tVoKT8D4HkAxsI8XY1FAdeXEeth7jdu2oGHWCxio-1-Frzrvfv5rGbbNwAvNI4mL3u9g9qGwERBDM5TN16M1V0M931KNc42c-rMj6H2xA1AZ1hiY-bbm5pnAHTW02S56S9FTbKNaWl_DxxVV518zHrdvRy0IFPsZJrniHXhe3ba8-s8_P12n_KbRjEpCSu8TiCd5sxOjH-p-koafJBQJDHuybBn5NB3rcjmLw2rYhTaepESaUsdBs_KlbS-zvVeqKFZ1awvhTqjxNNPtEDueabiW3_zhjz497mrZ6_KNsOMKE2gXVo34SiwJJaQN8OE6VIgAXYNqIjoan4_ohagNKGGfqc8rnhCiU_UMp1Ei39qAxQLBSPLP6pT3EFFiAxcZTZ0_2JGyeMyF6GVcKrS9ZhEMeZ5EZWRZP5x5Pj1OQ4uvZ3ZiFm0ToEz4V0fe7fKapM8adlKhorhB1GSAn-ttFrdaHbFOnqjhAYQ0aoPYdOewgQNZVYUL0QR463IKknvsLQ080kkJG4z9-WXqghcjV5cpWL76_FCM4xiipTZvthlIAS0IkuNjKSwDobp2EO8BPY5QZ_90BFCgc58MHLNNzVPodccxxx5oZqeMsbvbA74jJWhLVnA-GHsv1Lc8ZwmpkLN7EyNDFPVuoYrmjbUtznX6F9iVpZasxiDjQF1glaeKuD2Zl4jlJTyARfUmow5Z2t8GJLp3-W7hpSG_Cs63-ig9jG-5-BSGMDBVGGOuWGjWw89vJqlFvqSNpyQzSbjL-LsOFMKAX7w5TuF57RQaC0lXnB8XsmyGk8t7-Z539tCfFhlJq_yu1uEzMRbIC28wU4ILWNOhuhQAXsj6-5VGs1gtCwgYyYQhVKySgte8ZnJkkHjbDhq537DhZu7mLOXzWrsbqxiIr2NNQCElnAFWW-hRb3CZRxFz2Iz1JjQMuwxX26ogHNPhhYY9sK13UdN30Qxe7O0pReCSWGgRPykg9C-iSvcMFxyX2vfvUdBo_H3Ftnymf5T2gNyCTumtSf68pHGhXk5rbjwGL2SQ1ZcL4r0MdJCNVIYT5z6tTNjGrYnCLi1-Ar0iPhb-BESwVDJLmrwW86UI7qlUOQygE_MK8jjQdXxuXbfoy0PmjDEXIhkHRZtu63lHHInz-fub4I6j9G1Do6FB4tMTTN7zipBcJwH0OuPiE-b5Hr_BZbV7qui621GuhUfEufToHgJanC5F8U-bcoI-pXxXPI0HcrVIM0H6KSVHu5KWnBJVbBdOiFWcjAddVg_1z5OgOjayQLD3D1UxKb1TTyx5ruR6h5CSPkAF26ED-0LIZpVREvGHw5ZCYzQe8Eh4DwgsGhMBup-tM5jTcAvJta5an_U0Ki_WWIRBXoLGgzZHLzrP0jp18Ixsy9oYRWbnqiAYMIJl67JQVsKOC53Dykrm8b1--I5NQYFWcXZSwWiY42T1hG0TzumJJapwHmTE8YXjYrT_eFQ3VqClj35j7-jecIvVpgLLJ6StuIRZiih7NvZuhBVGmS1hL6Cvh-A3ICKLMcr6Sk1mQy_2FQajSSc6y53Jh-g4SGp6_6nEmNkEaKO4vXvCn5NZafC3H0wprA2QwB6L4K2NKHAJRfgNs7IRJBpgJWnyYKz5jiyoO0jii5T93tRd59QuvkANhfmXhJb2RUF1wgIySVeqAXKjyq53Z4mhDJODkVxInuVcgbTqdueIoXKvVYAdqJN2Rmtpg3EJ2RInLdB23mPJps7CWUm4KWUbq2Z3QlSH_-XgL_VSUlqn1OamPdZ_HLeZa-tX3NAPkKov0zJXBcyb63W635za1acH9dFkP004E7UiL-946CV18z3L5AI2MKa8pdK62jR7CBROOdG_N1-mHJCQD__kGEJvwG6CEQIwJl9GO8btGEfHP-PDX8KqXDUC8B4-sSwUw4Zu34ruKREhl54uRuifMfF8Mk5pvqdDRyzAuOkJTEkNnGxTxrKGRA4JCiHSTOYwn8CYJiEd24oUR9hsVeHXofZXU3p28zOxXaxtDz9LyS1f_HkPHYeFet9KeawRkttCDjKjYC2rqztYhFq-26y65oCwLD6XC4v2pPN379DZAgHAzGPPMFIDUQfuafW_yRxXCcIbWxJN9a72Vx1e0mapHFtcEeLLsKAvTPheGE6XJbYMgozw91i65nVL5EwxqUtoZtAaas9bbu3Cyr0T38buu7RTDEiEgiZodHhekJUzGd3i7cYT1Q2ezxaRUK-wPoyL2unCOrmhjhwn3Mkj4QTXz3hUHkRULQ6rCLt5ATaAZmGBn2QnbSFyIVkb6VN_YAiWU2HJnffkCo_ZvD0QJAnXgqXvMeiXvnAj3rODRFFlj18q9H1-43rqzjElfeSCAhziBz2rl76kPwoBsEH5RSaizCGkNGFSRWMnPbBy_LWbhRolyZ45FgUg-GYo09blafm8QEOODxLEf1gkE9whe71jU_bJ1C4gvGOdI62oSm8uwXCMwqFZsDzELJSFUF5xfrAfQg&cid=CAASFeRo98sIfChX6g-Npim-CVhxT1iVCQ&rfl=1%2Chttps%253A%252F%252Fwww.megamillions.com%252F%240 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3fa038660bda739cd06e007628e1d7b8ad1d300aff5c9acce85e73f9ecacc2ae Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 02 Feb 2022 15:53:16 GMT content-encoding gzip x-content-type-options nosniff age 40 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9488 x-xss-protection 0 server cafe etag 10429589367799073301 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 16 Feb 2022 15:53:16 GMT
GET H3	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame EAA0	41 KB 15 KB	25ms 8ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DeJmLiu9nIG6ESTNzL3qhMXFWsoN6VFY8tbLgjQB3WeLhRIMG6flulExRfL-WvZEZdV_BHKCRcI_37_qutUwJcWlCsRHbWkrGqOYGaBQDUnWjllztjXjnX_w6VBplf2c5DNbsa6AI2vFV0r6e4LVsixl6KSw&cry=1&dbm_d=AKAmf-BgO-FfoviVAWg3sgF9x3YgiiyUJZh_d0gUIOygAdOB0quFZkKxVCvMzkcgog7gT8b0ppZeRMm8ST_0Jg09yhe_7AjMqF3hT8jxlxdfKap1VQLk5mElWhOYeXKrImLvz4Mc0_L-pKvlwlF1DK8B2Fx_fk7KqKSvpdhMdVNTN71Bl_f25tOY5Yd-FZuSXUt2tHFfgNXKB5MBl8fCVvkrK8XMm6cgdg4LkKikRSlXXs-K4Ep7uvc2jccJEDOid6T8LpWJgdpi4EXyiT_kq7ufHrWv6EkFgCYVicVXtrahal9dKZcaLIKxBFRR5JoUY5H-_0Y3IjGZ0Vj1Mc9I2CgtrUFJO8RJqEKTeWo6YXo6AM1aRaOyHh6Z0MaV-_-uJxu8j85rJxU9C_EFkE67CXnMabA4PEe6QOmDOAs4ughvRYEXDBSJRGOoa7wH5A9GUy-TI5vUB7_h8jnV-ZRubyTdvahlFIMDI4VlXrXd9ZtLQ3rZ8TjU132P0_1Iv30gKdFO9nEQWDCFKCuX7jUWzMjF7ZlmvrUwv98fPQa7udYlwTzORQW9uSV50Luc1UheJtkLcawTC27WbiMRevx8bks5YJ2hDfRjsfA6qg4wz7GXR1ycTT4Krb8aD1juqtgsRFLBmDwvlWv-VXaRGB-Sbtz4xUANry3-LY2pBb5K6sIXxaYkdHjWt-wbdIfpHnwAJteoD3U-vuwcI7GVs0GximZkXu2dwecdf7sF7w17tVoKT8D4HkAxsI8XY1FAdeXEeth7jdu2oGHWCxio-1-Frzrvfv5rGbbNwAvNI4mL3u9g9qGwERBDM5TN16M1V0M931KNc42c-rMj6H2xA1AZ1hiY-bbm5pnAHTW02S56S9FTbKNaWl_DxxVV518zHrdvRy0IFPsZJrniHXhe3ba8-s8_P12n_KbRjEpCSu8TiCd5sxOjH-p-koafJBQJDHuybBn5NB3rcjmLw2rYhTaepESaUsdBs_KlbS-zvVeqKFZ1awvhTqjxNNPtEDueabiW3_zhjz497mrZ6_KNsOMKE2gXVo34SiwJJaQN8OE6VIgAXYNqIjoan4_ohagNKGGfqc8rnhCiU_UMp1Ei39qAxQLBSPLP6pT3EFFiAxcZTZ0_2JGyeMyF6GVcKrS9ZhEMeZ5EZWRZP5x5Pj1OQ4uvZ3ZiFm0ToEz4V0fe7fKapM8adlKhorhB1GSAn-ttFrdaHbFOnqjhAYQ0aoPYdOewgQNZVYUL0QR463IKknvsLQ080kkJG4z9-WXqghcjV5cpWL76_FCM4xiipTZvthlIAS0IkuNjKSwDobp2EO8BPY5QZ_90BFCgc58MHLNNzVPodccxxx5oZqeMsbvbA74jJWhLVnA-GHsv1Lc8ZwmpkLN7EyNDFPVuoYrmjbUtznX6F9iVpZasxiDjQF1glaeKuD2Zl4jlJTyARfUmow5Z2t8GJLp3-W7hpSG_Cs63-ig9jG-5-BSGMDBVGGOuWGjWw89vJqlFvqSNpyQzSbjL-LsOFMKAX7w5TuF57RQaC0lXnB8XsmyGk8t7-Z539tCfFhlJq_yu1uEzMRbIC28wU4ILWNOhuhQAXsj6-5VGs1gtCwgYyYQhVKySgte8ZnJkkHjbDhq537DhZu7mLOXzWrsbqxiIr2NNQCElnAFWW-hRb3CZRxFz2Iz1JjQMuwxX26ogHNPhhYY9sK13UdN30Qxe7O0pReCSWGgRPykg9C-iSvcMFxyX2vfvUdBo_H3Ftnymf5T2gNyCTumtSf68pHGhXk5rbjwGL2SQ1ZcL4r0MdJCNVIYT5z6tTNjGrYnCLi1-Ar0iPhb-BESwVDJLmrwW86UI7qlUOQygE_MK8jjQdXxuXbfoy0PmjDEXIhkHRZtu63lHHInz-fub4I6j9G1Do6FB4tMTTN7zipBcJwH0OuPiE-b5Hr_BZbV7qui621GuhUfEufToHgJanC5F8U-bcoI-pXxXPI0HcrVIM0H6KSVHu5KWnBJVbBdOiFWcjAddVg_1z5OgOjayQLD3D1UxKb1TTyx5ruR6h5CSPkAF26ED-0LIZpVREvGHw5ZCYzQe8Eh4DwgsGhMBup-tM5jTcAvJta5an_U0Ki_WWIRBXoLGgzZHLzrP0jp18Ixsy9oYRWbnqiAYMIJl67JQVsKOC53Dykrm8b1--I5NQYFWcXZSwWiY42T1hG0TzumJJapwHmTE8YXjYrT_eFQ3VqClj35j7-jecIvVpgLLJ6StuIRZiih7NvZuhBVGmS1hL6Cvh-A3ICKLMcr6Sk1mQy_2FQajSSc6y53Jh-g4SGp6_6nEmNkEaKO4vXvCn5NZafC3H0wprA2QwB6L4K2NKHAJRfgNs7IRJBpgJWnyYKz5jiyoO0jii5T93tRd59QuvkANhfmXhJb2RUF1wgIySVeqAXKjyq53Z4mhDJODkVxInuVcgbTqdueIoXKvVYAdqJN2Rmtpg3EJ2RInLdB23mPJps7CWUm4KWUbq2Z3QlSH_-XgL_VSUlqn1OamPdZ_HLeZa-tX3NAPkKov0zJXBcyb63W635za1acH9dFkP004E7UiL-946CV18z3L5AI2MKa8pdK62jR7CBROOdG_N1-mHJCQD__kGEJvwG6CEQIwJl9GO8btGEfHP-PDX8KqXDUC8B4-sSwUw4Zu34ruKREhl54uRuifMfF8Mk5pvqdDRyzAuOkJTEkNnGxTxrKGRA4JCiHSTOYwn8CYJiEd24oUR9hsVeHXofZXU3p28zOxXaxtDz9LyS1f_HkPHYeFet9KeawRkttCDjKjYC2rqztYhFq-26y65oCwLD6XC4v2pPN379DZAgHAzGPPMFIDUQfuafW_yRxXCcIbWxJN9a72Vx1e0mapHFtcEeLLsKAvTPheGE6XJbYMgozw91i65nVL5EwxqUtoZtAaas9bbu3Cyr0T38buu7RTDEiEgiZodHhekJUzGd3i7cYT1Q2ezxaRUK-wPoyL2unCOrmhjhwn3Mkj4QTXz3hUHkRULQ6rCLt5ATaAZmGBn2QnbSFyIVkb6VN_YAiWU2HJnffkCo_ZvD0QJAnXgqXvMeiXvnAj3rODRFFlj18q9H1-43rqzjElfeSCAhziBz2rl76kPwoBsEH5RSaizCGkNGFSRWMnPbBy_LWbhRolyZ45FgUg-GYo09blafm8QEOODxLEf1gkE9whe71jU_bJ1C4gvGOdI62oSm8uwXCMwqFZsDzELJSFUF5xfrAfQg&cid=CAASFeRo98sIfChX6g-Npim-CVhxT1iVCQ&rfl=1%2Chttps%253A%252F%252Fwww.megamillions.com%252F%240 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 02 Feb 2022 14:07:57 GMT content-encoding gzip x-content-type-options nosniff age 6359 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 02 Feb 2023 14:07:57 GMT
GET H/1.1	200 OK	npoee1nv94vs Show response hal9000.redintelligence.net/zone/ Frame EAA0	11 KB 4 KB	42ms 12ms	Script text/html	159.69.70.9 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal9000.redintelligence.net/zone/npoee1nv94vs?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCu_gyE6n6YZuLOtuKrATw4KDgBrXN-YNXzN65q-UM8C4QASD1qZF0YJWioIKwB8gBCakC8YQjb4_6sj6oAwGqBIcCT9DzLkzIJLOpPqwreIwCoLmWHA1t6hq4BDDPUWIE0JjYBOBtgTgyqEopUcPsNuY-FTW1euW_Uo55WDlWQY-8UBc0XCtW1-3Ve_Bv9hUA71TFNyFz49dNImfdntq7l1Bb0GjqWVTPQ4w7Mp0xr2m_7pKVvl5VWF4XMVBZqhx2QmsxszzQ-hv16Z3H28mZx7Fq0iSZhEx6Xac1cCD1Mo3yqchpFKZof-KK_MDZZWpuNPZKHxn2L0hByKMPSLLtB1IF8ueue5hWNGBG1osp4Dt8VBkSeBsWEwLvHuZ--PKOSgrEiuFTaazvwDu85kmt3Kyt8TGy1dIRmDOM_GACUD-Kd3wzspCFAkrABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKAZgLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRo98sIfChX6g-Npim-CVhxT1iVCQ%26sig%3DAOD64_1oOZG8-NCRCEqbfOkp94bpgHn7YA%26client%3Dca-pub-5768712291361172%26dbm_c%3DAKAmf-ANZoamsVnigKK_LHlsW11SGHwXhx3Ay34EaE4hovJ_BtXi7yF0M1nAh2PAXJN-uNqCG_YlsplEdmDeitRjuXO6hVofk8_8BdwWQIWjEZpbLMlb5ASnFz1AjShQN7jh1CIoYPyccsR5TAbq4kjZ1-MRBDO3CA%26cry%3D1%26dbm_d%3DAKAmf-B479cbAHdwU36yTG9zDuOJv49V5Nd5mBuo4pOpbnynZkT1sOHBU3KW45CNtlKAHaZDjs_PGKqHWXKssCtkjLTfgoA47cids4alw1U4cA9CDBav7e-AUIGp08adSv2QrZvkW7-R4enwTHN-p-1PQlHN-uKvz5LcHCQCUPhrz6NKEzZdiRKZ7__NN1im6fuLlAvbzwZorBE0ZZo6Y5K4kmCPzahwCAbbLL8x4ZS0zKFENYk8piU2n3JpQTEX19F4CGQE2AxBJ4moRxXDQXthXMN9RULw7nBW2vSm0zKfO0IplGzJy0OvXQ2p0Z7hLKvuZeNbnpv4G0vtpN40iSyl-8dImqerkObYJZsIa8KK2jgt5fbWp_FThTms8ejTS0P0LzG7fovM5jr5seJdflrZdDX-5XD0WBn-pOMEXg9tbF1pdQWQpYc2C36uZdJYaZpRs6-n8i9PTRUviRPvkkel_QMGWG-TxA%26adurl%3D Requested by Host: aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com URL: https://aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 159.69.70.9 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.9.70.69.159.clients.your-server.de Software Apache / Resource Hash f4668806d17c183c2762996b40c7b317f96ca897b0db1fdb46ba58b227a1ee9a Request headers Accept-Language de-DE,de;q=0.9 Referer https://aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Wed, 02 Feb 2022 15:53:56 GMT Content-Encoding gzip Server Apache Connection close Content-Length 3946 Vary Accept-Encoding Content-Type text/html; charset=UTF-8
GET H3	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 0057	22 KB 8 KB	7ms 7ms	Document text/html	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip cross-origin-resource-policy cross-origin cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} timing-allow-origin * content-length 8395 x-content-type-options nosniff server sffe x-xss-protection 0 date Wed, 02 Feb 2022 14:07:57 GMT expires Thu, 02 Feb 2023 14:07:57 GMT cache-control public, max-age=31536000 last-modified Tue, 03 Mar 2020 20:15:00 GMT content-type text/html age 6359 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	express_html_inpage_rendering_lib_200_275.js Show response s0.2mdn.net/879366/ Frame 428E	106 KB 38 KB	57ms 7ms	Script text/javascript	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js Requested by Host: www.megamillions.com URL: https://www.megamillions.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com/ Origin https://aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 02 Feb 2022 10:21:56 GMT content-encoding gzip x-content-type-options nosniff age 19920 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37892 x-xss-protection 0 last-modified Mon, 27 Sep 2021 18:44:52 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 03 Feb 2022 10:21:56 GMT
GET H3	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20220131/r20110914/elements/html/ Frame 428E	8 KB 3 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20220131/r20110914/elements/html/omrhp.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BFPtzQasTFpYiPCb5k1-hiHlWNzhV5jdi6FhaKuVLeJmVqK8bemI6u4JE-4hKvds-p52K2NGhwd9kfrmbVIzp6wG86VilF0JONtLUf6kk9VUyObi1kpnBiGGoUrUa0JVV5uKeI3i2tM6beYaq90GlNu36cLQ&dbm_d=AKAmf-BhV9K2wSS7cX0XxPA5rMXDvuPFeriW371YHqj4omdbM3pdIPwPixET51TYPMRtybqbEUwqMwcJit3hVdJI1O5Js60xIZkJojxEwyLXrTq0YWxaYW3s5voM1_e6zrGhWe7thwjUeadC6GYITge41qi3Mns8VQBb1re8prBGQpVeSQh5MMM1FmWl-VxqMjXQuyCbRuu7BlCp9DZLRprLuz0rpnpRhjwLOb5u_uHNrYmOXE9xE1lpIRYkeboVgU54hk9joqGr9zNKhc4CshDEr1343GCTNILktsnsHNg2m9j6iASzkBHj-Yb4FZbyNk4-yE-7HojEFYBd5i9I5wcPP2PmtxVvWFEImd-RjGwktZkhqknljWlhZCD0lp6g4osRlDTEvUXA2kQ--rR5GwFcHvpamRrGE9lCn0U6KzztK5haDrYSMYy1FuUTIRN_bWMZDEvdshticS01dBux4l3wRw05lVMBjYsbHrr5JZ7cxNU1mcOT4DohgKyALN9yIf6dd_ELTcWzfjX1yXBRN9MNZc22ETxvicXTmjzRDRwTEN249DBBIb5mkJ17Z1Keizr6QscNYWDoLTig9w9E2qwlSnLMUqjyVcIyBseLKr0VwXfJUV4gnf3gNOUzlTa5OpKjq1r6K6fQO1TByVnQ5O7I_PWjVY7tDklFm6VaZ4XGId_upiqRgVPAoKH_1KBb-bbN3pPyMo3TmeZWbVhSPh_lvviVAOlg2X4vHpDc41OPW0U1pw7FoOwftOgBMFMml2o9VNmGuQ4IiO3J2ccnVmsqmQa9W5dQd-HmRdbr6cn5F8Tm4QxIX00b_ei5hG3aNLFc2G4mVYb1t37pvD88PXr8XqXSK9-08uZa7NOHY_3jGUwg_-Ox6pEg4RssoxoHmUx9DkHPSbLgJFcpVrnZfaD9CNxmjvYcbi4f8XjYViPGKXHVXDtz_G4kZpEi4TSYmuVpxVdQKMSMxiA0mcFtFicxL1r3UVuMoXRV3Lrkri0qUWHQnMRK9nnKU6zQvdl2BD0V8R75BjK8MH11TuxX72CI8cD4TAKcxTcktU40WAoRggI7n99ZXB7l6bBmhu05tLP6vIOOsWLTQrYoLJBWr1J8AU9Y2F2DvfuPRKiucL27-oKPCQIJeHUczgcwLVZ-jeUGedEzXJ8abH-OqpyyVgt6qVF-_a9MUQXI_W2j-xCQsOhP8PHhOGA0w8VsA1_0A8MtDvY3U_OA-szXokDlaiWFY5oPctqJki4DyjljcWwdVk6j3Q0jrDWf52QIJCO6B2vjL9dkGiHJ9h1xyCsLPPZPJtVDoLQzMySa8KGzapvrrUK3plyxgQq3yZASdw8JOcfsBAqUwGX1i-rwwA3mHRpoHs9gGICkuglqFTSXAPicmcEX7m9iGNS6gCNntwEibpZoj-Gq4RRZkJfypu5rM_lfoi544DVVegPGjnfENE4_CpKMlyScje4gVN1Xud8SWqgAYJzgpB3ghqUG-NocDSAgYCNM5FRK4LFG2jWp7t2hRyRF3g2oinyr4xBzvfZXJdR505GDz-3MDDQHmNrehoVbtpCJfbsvhEd726_PHxtNbpcwdNC1TCDlG_1ubJYDkV2rGEhuzgLM-nvx5Sd9WzLUkU8qO9n4zUH02JSYgnd45mGOCx7IVrUW3zLFxBXkR0cdsqS5w13MUWAKMA4Gj0DyVOmM03hl8ZZbwWynA3Kdek1jUsEGCugw_hqXts94DowK533gfYIVXR7ozzUbAcD0PO0td3sHvhya7UpRhk4SZpjW38M87eRBZyRLXEob3MtgYwvN5PSvh7YPu9A7YgWhKjn4LxI7Bsv4N0jG5bDPzEUDEba7n3ZJiMRknBjw414D4q3lkMi_9Eb-ieVVhQTqa4M8H6YQygzbYahdTf-81blsSu6YRk-vHK0WNFvyqLSdguRb8dCh_F2imuxsnpzKTUM5opRSEyMh75UaTZYTLliJv6pEiWTmcri3TBOPax6fUivVrlwjN8kLekFPA9dkhQHekI8AXyy1a5Tbsj8SVFtb4jFE5YpvAbP3eMCBydJmITqm9Uc6Yv9ypIwA4rN1lDSZi-blCHFqmz7wF99TQQlQPyAN1dvhdersgL0BXAK6BJKRjhdn9-7tyQR2VyEzpNM37zrp3pz2zEXpxHQPTbMSbOLyaZ5ppR6uHu7lkWWhC9Lf3APICJjm6vgvjZKJMq7TCGTAn46BklP45jcDCd4oMLXwPBMg9fqCdjcTzTeQhd1lQprUxty5T7dF8B-YvtuHBcev9HjSjFZnIWQrjnNZ0SeUkV1322PDbz1qcjQLnX2gvu5AIgzffFu16B527YuRsh91pkJNlZLbpdBFJ0m0gMSAk2xB5x_b0Wf2xkBhj6NibnbuPKRuXmsigV9T9TN7thYttU4gFfcNcCWukzaB9OUqHTrucAPiCcLHw2khlc5iBNUmjF4Wk0lfmbCkmOUcru0VrlMaa7yX16lYdrwk3uEXgzDeYI_eiPHtsgK9m9Uha7tEbKJ31wN3zJ-zRAGxxowsp1sBvgT9zTu22rr8JDRRJ2gZCHx02p86IS0YI-ybKok3j699pm1CNJKOmUxX2DdYIIpBeEXRGVE-Zmegs6RQUV9jYksS8TSOwGCdrKMCoAkec_c2uLB7VcM-AVxIwNfyUPq_Y2QV2Oc-2npc2FPTe2HINQ4aECNFF3n_DKBnYsYkg3EXxpVZLj3WEpLYCagnAJ123w_ctz1iEVk1_BPIdh9ITuP8mF7-Waxc70TU1apB6hVOAqvFta2Jo8bcB7URSvGZpXj9O4hs88PyMHqNbJfc2ivst8dGzgD9RhX5XSAflTU2978RMWA2MhshOl64_t2Ur265qOq4HcXuSSbtw_BSkudiCsz1qSNITJTwpotRiuWETBOSne6rQc6-X3bjgih0h0_r79p4ta2eusTX9Wvpncn3pVHQaAoUnwZT5GXim96408XoDckT7ymyQaqnZh1Ddt_vb_Adc2AblKk6i7gXAoUcoBF1GdgSdP3xya-RPV69-_UFc98MO6wS8NOBepH-eWoufKO3zgsChIe50hFPw8eed8O7Wi6ENItJ10OwUywELTG9zQmLVH2wU1TOtLWsC865mOkB6fMfs2nEFq7HEjdRQtdQk_jwhpwyg_rV8hiZD77wiIqVRYuAiBorL1LExIVtGTN6IZx0J6YmcKDmweysY4okvjwSP1cpfZUN5C7_MXz7Rf-D4mzC0Qy7lfeRMhwTQycdsBDtJ3fiRJE&cid=CAASFeRoYaaHbW4vkB_H3VGc-jia8hCAOA&rfl=1%2Chttps%253A%252F%252Fwww.megamillions.com%252F%240 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 02 Feb 2022 15:49:17 GMT content-encoding gzip x-content-type-options nosniff age 279 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3159 x-xss-protection 0 server cafe etag 1394524276809619753 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 16 Feb 2022 15:49:17 GMT
GET H3	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20220131/r20110914/ Frame 428E	24 KB 9 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20220131/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BFPtzQasTFpYiPCb5k1-hiHlWNzhV5jdi6FhaKuVLeJmVqK8bemI6u4JE-4hKvds-p52K2NGhwd9kfrmbVIzp6wG86VilF0JONtLUf6kk9VUyObi1kpnBiGGoUrUa0JVV5uKeI3i2tM6beYaq90GlNu36cLQ&dbm_d=AKAmf-BhV9K2wSS7cX0XxPA5rMXDvuPFeriW371YHqj4omdbM3pdIPwPixET51TYPMRtybqbEUwqMwcJit3hVdJI1O5Js60xIZkJojxEwyLXrTq0YWxaYW3s5voM1_e6zrGhWe7thwjUeadC6GYITge41qi3Mns8VQBb1re8prBGQpVeSQh5MMM1FmWl-VxqMjXQuyCbRuu7BlCp9DZLRprLuz0rpnpRhjwLOb5u_uHNrYmOXE9xE1lpIRYkeboVgU54hk9joqGr9zNKhc4CshDEr1343GCTNILktsnsHNg2m9j6iASzkBHj-Yb4FZbyNk4-yE-7HojEFYBd5i9I5wcPP2PmtxVvWFEImd-RjGwktZkhqknljWlhZCD0lp6g4osRlDTEvUXA2kQ--rR5GwFcHvpamRrGE9lCn0U6KzztK5haDrYSMYy1FuUTIRN_bWMZDEvdshticS01dBux4l3wRw05lVMBjYsbHrr5JZ7cxNU1mcOT4DohgKyALN9yIf6dd_ELTcWzfjX1yXBRN9MNZc22ETxvicXTmjzRDRwTEN249DBBIb5mkJ17Z1Keizr6QscNYWDoLTig9w9E2qwlSnLMUqjyVcIyBseLKr0VwXfJUV4gnf3gNOUzlTa5OpKjq1r6K6fQO1TByVnQ5O7I_PWjVY7tDklFm6VaZ4XGId_upiqRgVPAoKH_1KBb-bbN3pPyMo3TmeZWbVhSPh_lvviVAOlg2X4vHpDc41OPW0U1pw7FoOwftOgBMFMml2o9VNmGuQ4IiO3J2ccnVmsqmQa9W5dQd-HmRdbr6cn5F8Tm4QxIX00b_ei5hG3aNLFc2G4mVYb1t37pvD88PXr8XqXSK9-08uZa7NOHY_3jGUwg_-Ox6pEg4RssoxoHmUx9DkHPSbLgJFcpVrnZfaD9CNxmjvYcbi4f8XjYViPGKXHVXDtz_G4kZpEi4TSYmuVpxVdQKMSMxiA0mcFtFicxL1r3UVuMoXRV3Lrkri0qUWHQnMRK9nnKU6zQvdl2BD0V8R75BjK8MH11TuxX72CI8cD4TAKcxTcktU40WAoRggI7n99ZXB7l6bBmhu05tLP6vIOOsWLTQrYoLJBWr1J8AU9Y2F2DvfuPRKiucL27-oKPCQIJeHUczgcwLVZ-jeUGedEzXJ8abH-OqpyyVgt6qVF-_a9MUQXI_W2j-xCQsOhP8PHhOGA0w8VsA1_0A8MtDvY3U_OA-szXokDlaiWFY5oPctqJki4DyjljcWwdVk6j3Q0jrDWf52QIJCO6B2vjL9dkGiHJ9h1xyCsLPPZPJtVDoLQzMySa8KGzapvrrUK3plyxgQq3yZASdw8JOcfsBAqUwGX1i-rwwA3mHRpoHs9gGICkuglqFTSXAPicmcEX7m9iGNS6gCNntwEibpZoj-Gq4RRZkJfypu5rM_lfoi544DVVegPGjnfENE4_CpKMlyScje4gVN1Xud8SWqgAYJzgpB3ghqUG-NocDSAgYCNM5FRK4LFG2jWp7t2hRyRF3g2oinyr4xBzvfZXJdR505GDz-3MDDQHmNrehoVbtpCJfbsvhEd726_PHxtNbpcwdNC1TCDlG_1ubJYDkV2rGEhuzgLM-nvx5Sd9WzLUkU8qO9n4zUH02JSYgnd45mGOCx7IVrUW3zLFxBXkR0cdsqS5w13MUWAKMA4Gj0DyVOmM03hl8ZZbwWynA3Kdek1jUsEGCugw_hqXts94DowK533gfYIVXR7ozzUbAcD0PO0td3sHvhya7UpRhk4SZpjW38M87eRBZyRLXEob3MtgYwvN5PSvh7YPu9A7YgWhKjn4LxI7Bsv4N0jG5bDPzEUDEba7n3ZJiMRknBjw414D4q3lkMi_9Eb-ieVVhQTqa4M8H6YQygzbYahdTf-81blsSu6YRk-vHK0WNFvyqLSdguRb8dCh_F2imuxsnpzKTUM5opRSEyMh75UaTZYTLliJv6pEiWTmcri3TBOPax6fUivVrlwjN8kLekFPA9dkhQHekI8AXyy1a5Tbsj8SVFtb4jFE5YpvAbP3eMCBydJmITqm9Uc6Yv9ypIwA4rN1lDSZi-blCHFqmz7wF99TQQlQPyAN1dvhdersgL0BXAK6BJKRjhdn9-7tyQR2VyEzpNM37zrp3pz2zEXpxHQPTbMSbOLyaZ5ppR6uHu7lkWWhC9Lf3APICJjm6vgvjZKJMq7TCGTAn46BklP45jcDCd4oMLXwPBMg9fqCdjcTzTeQhd1lQprUxty5T7dF8B-YvtuHBcev9HjSjFZnIWQrjnNZ0SeUkV1322PDbz1qcjQLnX2gvu5AIgzffFu16B527YuRsh91pkJNlZLbpdBFJ0m0gMSAk2xB5x_b0Wf2xkBhj6NibnbuPKRuXmsigV9T9TN7thYttU4gFfcNcCWukzaB9OUqHTrucAPiCcLHw2khlc5iBNUmjF4Wk0lfmbCkmOUcru0VrlMaa7yX16lYdrwk3uEXgzDeYI_eiPHtsgK9m9Uha7tEbKJ31wN3zJ-zRAGxxowsp1sBvgT9zTu22rr8JDRRJ2gZCHx02p86IS0YI-ybKok3j699pm1CNJKOmUxX2DdYIIpBeEXRGVE-Zmegs6RQUV9jYksS8TSOwGCdrKMCoAkec_c2uLB7VcM-AVxIwNfyUPq_Y2QV2Oc-2npc2FPTe2HINQ4aECNFF3n_DKBnYsYkg3EXxpVZLj3WEpLYCagnAJ123w_ctz1iEVk1_BPIdh9ITuP8mF7-Waxc70TU1apB6hVOAqvFta2Jo8bcB7URSvGZpXj9O4hs88PyMHqNbJfc2ivst8dGzgD9RhX5XSAflTU2978RMWA2MhshOl64_t2Ur265qOq4HcXuSSbtw_BSkudiCsz1qSNITJTwpotRiuWETBOSne6rQc6-X3bjgih0h0_r79p4ta2eusTX9Wvpncn3pVHQaAoUnwZT5GXim96408XoDckT7ymyQaqnZh1Ddt_vb_Adc2AblKk6i7gXAoUcoBF1GdgSdP3xya-RPV69-_UFc98MO6wS8NOBepH-eWoufKO3zgsChIe50hFPw8eed8O7Wi6ENItJ10OwUywELTG9zQmLVH2wU1TOtLWsC865mOkB6fMfs2nEFq7HEjdRQtdQk_jwhpwyg_rV8hiZD77wiIqVRYuAiBorL1LExIVtGTN6IZx0J6YmcKDmweysY4okvjwSP1cpfZUN5C7_MXz7Rf-D4mzC0Qy7lfeRMhwTQycdsBDtJ3fiRJE&cid=CAASFeRoYaaHbW4vkB_H3VGc-jia8hCAOA&rfl=1%2Chttps%253A%252F%252Fwww.megamillions.com%252F%240 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3fa038660bda739cd06e007628e1d7b8ad1d300aff5c9acce85e73f9ecacc2ae Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 02 Feb 2022 15:53:16 GMT content-encoding gzip x-content-type-options nosniff age 40 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9488 x-xss-protection 0 server cafe etag 10429589367799073301 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 16 Feb 2022 15:53:16 GMT
GET H/1.1	200 OK	request.php Show response hal900023.redintelligence.net/ Frame EAA0 Redirect Chain https://hal900023.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=2c7f9b570e&subid=&uid=7016e5b7bd9f1152&screenSize=1600x1200&screenSizeAvail=1600x1200&cl... https://hal900023.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=2c7f9b570e&subid=&uid=7016e5b7bd9f1152&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...	2 KB 1 KB	92ms 71ms	Script application/x-javascript	78.46.23.46 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal900023.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=2c7f9b570e&subid=&uid=7016e5b7bd9f1152&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCu_gyE6n6YZuLOtuKrATw4KDgBrXN-YNXzN65q-UM8C4QASD1qZF0YJWioIKwB8gBCakC8YQjb4_6sj6oAwGqBIcCT9DzLkzIJLOpPqwreIwCoLmWHA1t6hq4BDDPUWIE0JjYBOBtgTgyqEopUcPsNuY-FTW1euW_Uo55WDlWQY-8UBc0XCtW1-3Ve_Bv9hUA71TFNyFz49dNImfdntq7l1Bb0GjqWVTPQ4w7Mp0xr2m_7pKVvl5VWF4XMVBZqhx2QmsxszzQ-hv16Z3H28mZx7Fq0iSZhEx6Xac1cCD1Mo3yqchpFKZof-KK_MDZZWpuNPZKHxn2L0hByKMPSLLtB1IF8ueue5hWNGBG1osp4Dt8VBkSeBsWEwLvHuZ--PKOSgrEiuFTaazvwDu85kmt3Kyt8TGy1dIRmDOM_GACUD-Kd3wzspCFAkrABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKAZgLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRo98sIfChX6g-Npim-CVhxT1iVCQ%26sig%3DAOD64_1oOZG8-NCRCEqbfOkp94bpgHn7YA%26client%3Dca-pub-5768712291361172%26dbm_c%3DAKAmf-ANZoamsVnigKK_LHlsW11SGHwXhx3Ay34EaE4hovJ_BtXi7yF0M1nAh2PAXJN-uNqCG_YlsplEdmDeitRjuXO6hVofk8_8BdwWQIWjEZpbLMlb5ASnFz1AjShQN7jh1CIoYPyccsR5TAbq4kjZ1-MRBDO3CA%26cry%3D1%26dbm_d%3DAKAmf-B479cbAHdwU36yTG9zDuOJv49V5Nd5mBuo4pOpbnynZkT1sOHBU3KW45CNtlKAHaZDjs_PGKqHWXKssCtkjLTfgoA47cids4alw1U4cA9CDBav7e-AUIGp08adSv2QrZvkW7-R4enwTHN-p-1PQlHN-uKvz5LcHCQCUPhrz6NKEzZdiRKZ7__NN1im6fuLlAvbzwZorBE0ZZo6Y5K4kmCPzahwCAbbLL8x4ZS0zKFENYk8piU2n3JpQTEX19F4CGQE2AxBJ4moRxXDQXthXMN9RULw7nBW2vSm0zKfO0IplGzJy0OvXQ2p0Z7hLKvuZeNbnpv4G0vtpN40iSyl-8dImqerkObYJZsIa8KK2jgt5fbWp_FThTms8ejTS0P0LzG7fovM5jr5seJdflrZdDX-5XD0WBn-pOMEXg9tbF1pdQWQpYc2C36uZdJYaZpRs6-n8i9PTRUviRPvkkel_QMGWG-TxA%26adurl%3D&documentReferer=https%3A%2F%2Fwww.megamillions.com%2F&ancestorOrigins=https%3A%2F%2Fwww.megamillions.com&random=4249695649633&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1 Requested by Host: aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com URL: https://aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol HTTP/1.1 Server 78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.46.23.46.78.clients.your-server.de Software Apache / Resource Hash 3b254979aa7142990760551fc98481881dfdfbc62e93fbca16e75fa1bf04c70d Request headers Accept-Language de-DE,de;q=0.9 Referer https://aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Pragma no-cache Date Wed, 02 Feb 2022 15:53:56 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Cache-Control no-store, no-cache, must-revalidate, max-age=0 X-NEORY-SubId 57400400189202500710616011858023 Connection close Content-Type application/x-javascript; charset=utf-8 Content-Length 894 Expires Wed, 02 Feb 2022 15:53:56 +0100 Redirect headers Pragma no-cache Date Wed, 02 Feb 2022 15:53:56 GMT Server Apache P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Location request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=2c7f9b570e&subid=&uid=7016e5b7bd9f1152&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCu_gyE6n6YZuLOtuKrATw4KDgBrXN-YNXzN65q-UM8C4QASD1qZF0YJWioIKwB8gBCakC8YQjb4_6sj6oAwGqBIcCT9DzLkzIJLOpPqwreIwCoLmWHA1t6hq4BDDPUWIE0JjYBOBtgTgyqEopUcPsNuY-FTW1euW_Uo55WDlWQY-8UBc0XCtW1-3Ve_Bv9hUA71TFNyFz49dNImfdntq7l1Bb0GjqWVTPQ4w7Mp0xr2m_7pKVvl5VWF4XMVBZqhx2QmsxszzQ-hv16Z3H28mZx7Fq0iSZhEx6Xac1cCD1Mo3yqchpFKZof-KK_MDZZWpuNPZKHxn2L0hByKMPSLLtB1IF8ueue5hWNGBG1osp4Dt8VBkSeBsWEwLvHuZ--PKOSgrEiuFTaazvwDu85kmt3Kyt8TGy1dIRmDOM_GACUD-Kd3wzspCFAkrABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKAZgLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRo98sIfChX6g-Npim-CVhxT1iVCQ%26sig%3DAOD64_1oOZG8-NCRCEqbfOkp94bpgHn7YA%26client%3Dca-pub-5768712291361172%26dbm_c%3DAKAmf-ANZoamsVnigKK_LHlsW11SGHwXhx3Ay34EaE4hovJ_BtXi7yF0M1nAh2PAXJN-uNqCG_YlsplEdmDeitRjuXO6hVofk8_8BdwWQIWjEZpbLMlb5ASnFz1AjShQN7jh1CIoYPyccsR5TAbq4kjZ1-MRBDO3CA%26cry%3D1%26dbm_d%3DAKAmf-B479cbAHdwU36yTG9zDuOJv49V5Nd5mBuo4pOpbnynZkT1sOHBU3KW45CNtlKAHaZDjs_PGKqHWXKssCtkjLTfgoA47cids4alw1U4cA9CDBav7e-AUIGp08adSv2QrZvkW7-R4enwTHN-p-1PQlHN-uKvz5LcHCQCUPhrz6NKEzZdiRKZ7__NN1im6fuLlAvbzwZorBE0ZZo6Y5K4kmCPzahwCAbbLL8x4ZS0zKFENYk8piU2n3JpQTEX19F4CGQE2AxBJ4moRxXDQXthXMN9RULw7nBW2vSm0zKfO0IplGzJy0OvXQ2p0Z7hLKvuZeNbnpv4G0vtpN40iSyl-8dImqerkObYJZsIa8KK2jgt5fbWp_FThTms8ejTS0P0LzG7fovM5jr5seJdflrZdDX-5XD0WBn-pOMEXg9tbF1pdQWQpYc2C36uZdJYaZpRs6-n8i9PTRUviRPvkkel_QMGWG-TxA%26adurl%3D&documentReferer=https%3A%2F%2Fwww.megamillions.com%2F&ancestorOrigins=https%3A%2F%2Fwww.megamillions.com&random=4249695649633&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1 Cache-Control no-store, no-cache, must-revalidate, max-age=0 Connection close Content-Type text/html; charset=UTF-8 Content-Length 0 Expires Wed, 02 Feb 2022 15:53:56 +0100
GET H3	200	-RQXuketuW9jWIYsaM5S-Ql31PXoBsmd6vdkFHZtDQI.js Show response pagead2.googlesyndication.com/bg/ Frame 0057	35 KB 13 KB	9ms 8ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/-RQXuketuW9jWIYsaM5S-Ql31PXoBsmd6vdkFHZtDQI.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f91417ba47adb96f6358862c68ce52f90977d4f5e806c99deaf76414766d0d02 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 02 Feb 2022 15:49:21 GMT content-encoding br x-content-type-options nosniff age 275 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13701 x-xss-protection 0 last-modified Thu, 27 Jan 2022 13:28:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 02 Feb 2023 15:49:21 GMT
GET H3	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 428E	41 KB 15 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com URL: https://aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 02 Feb 2022 14:07:57 GMT content-encoding gzip x-content-type-options nosniff age 6359 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 02 Feb 2023 14:07:57 GMT
GET DATA	200 OK	truncated / Frame 428E	214 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b80c6d6f958799e4b8f73d7f6f8fe1432dfc9422f8a5af8d2b9fefb3fa4282cf Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/png
GET H2	200	sfht0if3y.js Show response cdn.krxd.net/controltag/ Frame 428E	11 KB 4 KB	37ms 7ms	Script text/javascript	151.101.2.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.krxd.net/controltag/sfht0if3y.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.2.133 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 9cf0a7f1ad73851698fe4e7acf61754a0d6cc2dfe12ac15f4c0248feace8cd85 Request headers Accept-Language de-DE,de;q=0.9 Referer https://aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers x-cdn-backend 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod date Wed, 02 Feb 2022 15:53:56 GMT via 1.1 varnish, 1.1 varnish age 1117 x-cache MISS, HIT, HIT x-app-cache HIT x-age 0 content-encoding gzip content-length 3743 x-served-by config-service-a003-ash-prod.krxd.net, cache-iad-kiad7000084-IAD, cache-hhn4081-HHN x-response-time 0 x-do-esi esi x-timer S1643817237.512062,VS0,VE0 etag "b7b9ede32a13955b010743207a7d773d9229f60e" vary Accept-Encoding content-type text/javascript; charset=utf-8 cache-control public, max-age=1200 accept-ranges bytes x-cache-hits 0, 1, 1278
GET H3	200	index.html Show response s0.2mdn.net/4528516/2830187242865358/ Frame E4DE	7 KB 3 KB	24ms 8ms	Document text/html	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/4528516/2830187242865358/index.html Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 16d884ef0bd6e2658b7192b9b9464e739e7143c83bc396a1ce32f9922543eeb1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip access-control-allow-origin * cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-length 2653 x-content-type-options nosniff server sffe x-xss-protection 0 date Wed, 02 Feb 2022 08:28:48 GMT expires Thu, 03 Feb 2022 08:28:48 GMT cache-control public, max-age=86400 age 26708 last-modified Thu, 09 Dec 2021 05:22:31 GMT content-type text/html alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
POST H2	200	view googleads4.g.doubleclick.net/pcs/ Frame 428E	0 571 B	101ms 49ms	Ping image/gif	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsue55oQlsjuu8tbbcRWaAArKzIj5MF7pP7YUJEiD80nUTRy_Vi7LV0HdmTK2y9AxoHrfxRdJzaKMHs-z4ui6L0Rrr2oONNqSJcU5741g7ANNlI_HMQQ1hxbof-VOHQgwa7ufPQD7V3-hyVgUsLig6NUBF9tGkBxfJRJGIxChC4WyJJBY8ARj3BWesvZxaqKmvHIf-wBF5T5LtYODBzLqzKPUW5A2M-pxyFfJClBotGrc-MTsvjbYWUVyVq9_tlMQNRezTTBC46-bn_4cZJvnncuOsPtzh269rT-k4E_tdIUdpdctU6CRBdWM7-ST1djI55pB5AZV2bJ8q4qLpjzl6CjVDCIYG4PJ589z4JbHY9CcAiHefmWsgltM-CasRPb0uDppoBU3r508N8hTrsjEiqHAZyEC1l3UO0Pf71ETXAhgZ81PKWwu9x9hfcZV24gVkVreKTifb3wu7M7VoH4ytB5UfYytQeB5u2yAK20azmHUjyH-KLubvl7Ycih6dRvXpR48XI92BqoXccRgNVcKkr7XWwl0Kl-kaKt4n-I7I7xc4aRVfyXZ7Jt-bIhxNt0qNAqmaKKem2c2_rVs8TMHeNhHXkVHCcUm-NAACHoMUDJQslwCngWl-1ERYCBnXgyThOyPY3K5AQd0N3SVGO1VcbuQfQf4iDTpN1QX3DlAuwub2jIdJKvlZU1e7QkWsy8lIbQZfB2kJmiJubsErNTut4k7l1q5cPYCn_w9ENfLXBF369PdGauAsiJN4Z1SbfyiwRcxlmrRnZ87xZjEON0hv_B9yzv6MAWiZnGJp3lanz6YCDuYvTZ1JJ6zuB8cloqyCQqdsSBOIx8sOEeZn7fB8PP2XX1pszUbjf3Ca0cpoetHxywAbcCx1j5CTmOgMpjGM_5a87SbvN8mKfEPa6GjGoIlzR3PhQJeivEUXj5j-5SmjeFBwvYu_i0SJNjZAcjBZQuso-jkHJeyv-3t528yZJI1C9re97ZnCP92g5ZdjcPt-9Gp5ITqkC-esGLiMKbCATe_aSccpM6QJ3OBwmZR9JX3Zzhmp8wWeB4_Bzg9-sDx2zVW5lBT38ggS6h9Y_v7-AF-TX4j0qfZ-yzIHNw8xFr5vXcKv-sZ2K_qRBWPSKI2vTCayfCEnp3PCAtSA8gGj_wh00PzJmsiZzOwoHZK5-UwRnw8PzdeGChImaaWbGSHyx-ohF6EiN8wVW1n0LKko870FFmPpPLLNmQSig&sai=AMfl-YTdn5FMcvoTILXt-GbejxA0Hl4n2M6VmHNxJxIXzuX_F4zlDtCMl0Pr_KoEoPr6zONGpPfYjzM8I2ZKR66AvtnbOZzdkvoi4PDQDQ9mHrs2LhgFKgtVhQO6lwI5nHtLk1w9NZ3TXwGHodBR8WfxlY-B2yE1XP6IIDy3u-s&sig=Cg0ArKJSzEz7pQmX_lMeEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=132&cbvp=1&cstd=130&cisv=r20220131.33585&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl= Requested by Host: www.megamillions.com URL: https://www.megamillions.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version date Wed, 02 Feb 2022 15:53:56 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 01F1	22 KB 8 KB	7ms 7ms	Document text/html	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip cross-origin-resource-policy cross-origin cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} timing-allow-origin * content-length 8395 x-content-type-options nosniff server sffe x-xss-protection 0 date Wed, 02 Feb 2022 14:07:57 GMT expires Thu, 02 Feb 2023 14:07:57 GMT cache-control public, max-age=31536000 last-modified Tue, 03 Mar 2020 20:15:00 GMT content-type text/html age 6359 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	activityi;dc_pre=CJWN4bOw4fUCFfUHBgAdKygEYQ;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8556203208667.255 Show response 5994599.fls.doubleclick.net/ Frame 807C Redirect Chain https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8556203208667.255? https://5994599.fls.doubleclick.net/activityi;dc_pre=CJWN4bOw4fUCFfUHBgAdKygEYQ;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8556203208667.255?	391 B 347 B	41ms 26ms	Document text/html	142.250.185.198 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://5994599.fls.doubleclick.net/activityi;dc_pre=CJWN4bOw4fUCFfUHBgAdKygEYQ;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8556203208667.255? Requested by Host: www.megamillions.com URL: https://www.megamillions.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.198 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f6.1e100.net Software cafe / Resource Hash 897022447d518d88083355bc1f751f117eaa9a74502d2b2e73d129647285419b Security Headers Name Value Strict-Transport-Security max-age=21600 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin date Wed, 02 Feb 2022 15:53:56 GMT expires Wed, 02 Feb 2022 15:53:56 GMT cache-control private, max-age=0 strict-transport-security max-age=21600 content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip server cafe content-length 324 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" Redirect headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin date Wed, 02 Feb 2022 15:53:56 GMT pragma no-cache expires Fri, 01 Jan 1990 00:00:00 GMT cache-control no-cache, must-revalidate follow-only-when-prerender-shown 1 strict-transport-security max-age=21600 location https://5994599.fls.doubleclick.net/activityi;dc_pre=CJWN4bOw4fUCFfUHBgAdKygEYQ;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8556203208667.255? content-type text/html; charset=UTF-8 x-content-type-options nosniff server cafe content-length 0 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H/1.1	200 OK	request_content.php Show response hal900023.redintelligence.net/ Frame 0BC9	4 KB 2 KB	35ms 11ms	Document text/html	78.46.23.46 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal900023.redintelligence.net/request_content.php?s=57400400189202500710616011858023&a=dbe57b68 Requested by Host: hal900023.redintelligence.net URL: https://hal900023.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=2c7f9b570e&subid=&uid=7016e5b7bd9f1152&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCu_gyE6n6YZuLOtuKrATw4KDgBrXN-YNXzN65q-UM8C4QASD1qZF0YJWioIKwB8gBCakC8YQjb4_6sj6oAwGqBIcCT9DzLkzIJLOpPqwreIwCoLmWHA1t6hq4BDDPUWIE0JjYBOBtgTgyqEopUcPsNuY-FTW1euW_Uo55WDlWQY-8UBc0XCtW1-3Ve_Bv9hUA71TFNyFz49dNImfdntq7l1Bb0GjqWVTPQ4w7Mp0xr2m_7pKVvl5VWF4XMVBZqhx2QmsxszzQ-hv16Z3H28mZx7Fq0iSZhEx6Xac1cCD1Mo3yqchpFKZof-KK_MDZZWpuNPZKHxn2L0hByKMPSLLtB1IF8ueue5hWNGBG1osp4Dt8VBkSeBsWEwLvHuZ--PKOSgrEiuFTaazvwDu85kmt3Kyt8TGy1dIRmDOM_GACUD-Kd3wzspCFAkrABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKAZgLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRo98sIfChX6g-Npim-CVhxT1iVCQ%26sig%3DAOD64_1oOZG8-NCRCEqbfOkp94bpgHn7YA%26client%3Dca-pub-5768712291361172%26dbm_c%3DAKAmf-ANZoamsVnigKK_LHlsW11SGHwXhx3Ay34EaE4hovJ_BtXi7yF0M1nAh2PAXJN-uNqCG_YlsplEdmDeitRjuXO6hVofk8_8BdwWQIWjEZpbLMlb5ASnFz1AjShQN7jh1CIoYPyccsR5TAbq4kjZ1-MRBDO3CA%26cry%3D1%26dbm_d%3DAKAmf-B479cbAHdwU36yTG9zDuOJv49V5Nd5mBuo4pOpbnynZkT1sOHBU3KW45CNtlKAHaZDjs_PGKqHWXKssCtkjLTfgoA47cids4alw1U4cA9CDBav7e-AUIGp08adSv2QrZvkW7-R4enwTHN-p-1PQlHN-uKvz5LcHCQCUPhrz6NKEzZdiRKZ7__NN1im6fuLlAvbzwZorBE0ZZo6Y5K4kmCPzahwCAbbLL8x4ZS0zKFENYk8piU2n3JpQTEX19F4CGQE2AxBJ4moRxXDQXthXMN9RULw7nBW2vSm0zKfO0IplGzJy0OvXQ2p0Z7hLKvuZeNbnpv4G0vtpN40iSyl-8dImqerkObYJZsIa8KK2jgt5fbWp_FThTms8ejTS0P0LzG7fovM5jr5seJdflrZdDX-5XD0WBn-pOMEXg9tbF1pdQWQpYc2C36uZdJYaZpRs6-n8i9PTRUviRPvkkel_QMGWG-TxA%26adurl%3D&documentReferer=https%3A%2F%2Fwww.megamillions.com%2F&ancestorOrigins=https%3A%2F%2Fwww.megamillions.com&random=4249695649633&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.46.23.46.78.clients.your-server.de Software Apache / Resource Hash 304effa5bc35ecf4e4ac9d837b229aa05870d372e6b2a7dd96cc8a1053351999 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com/ Response headers Date Wed, 02 Feb 2022 15:53:56 GMT Server Apache Cache-Control no-store, no-cache, must-revalidate, max-age=0 Expires Wed, 02 Feb 2022 15:53:56 +0100 Pragma no-cache P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Vary Accept-Encoding Content-Encoding gzip Content-Length 1528 Connection close Content-Type text/html; charset=utf-8
GET DATA	200 OK	truncated / Frame EAA0	215 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash f8912fcf230fd362c732029f1e3b40edf1b806deab55b27ee7330a7b0abe332f Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/png
GET H2	200	createjs.min.js Show response code.createjs.com/1.0.0/ Frame E4DE	236 KB 63 KB	318ms 97ms	Script text/javascript	2a03:5f80:a::b212:e78b DATAIX-AS Peering...
General Check archive.org Show headers Download Go to Full URL https://code.createjs.com/1.0.0/createjs.min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/4528516/2830187242865358/index.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a03:5f80:a::b212:e78b , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU), Reverse DNS Software Apache / Resource Hash e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 02 Feb 2022 15:53:56 GMT content-encoding gzip server Apache cache-control max-age=900 vary Accept-Encoding content-type text/javascript x-n S accept-ranges bytes expires Wed, 02 Feb 2022 16:08:56 GMT
GET H3	200	javascript.js Show response s0.2mdn.net/4528516/2830187242865358/ Frame E4DE	29 KB 8 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/4528516/2830187242865358/javascript.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/4528516/2830187242865358/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 539de09ec489cf7db68057af919c311e57109b78f63748f58d1cbdb38d6457ec Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/4528516/2830187242865358/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 02 Feb 2022 08:28:48 GMT content-encoding gzip x-content-type-options nosniff age 26708 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7820 x-xss-protection 0 last-modified Thu, 09 Dec 2021 05:22:31 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 03 Feb 2022 08:28:48 GMT
GET H2	200	controltag.js.a1705c5ac5f06cf0c202ff70908fc042 Show response cdn.krxd.net/ctjs/ Frame 428E	259 KB 83 KB	7ms 6ms	Script application/javascript	151.101.2.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042 Requested by Host: cdn.krxd.net URL: https://cdn.krxd.net/controltag/sfht0if3y.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.2.133 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4 Request headers Accept-Language de-DE,de;q=0.9 Referer https://aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers x-cdn-backend 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3 date Wed, 02 Feb 2022 15:53:56 GMT content-encoding gzip age 5589159 x-amz-server-side-encryption AES256 x-cache HIT x-cache-hits 11421932 content-length 84509 x-served-by cache-hhn4081-HHN last-modified Mon, 02 Aug 2021 12:06:17 GMT x-timer S1643817237.558813,VS0,VE0 etag "a1705c5ac5f06cf0c202ff70908fc042" content-type application/javascript via 1.1 varnish cache-control public, max-age=315360000 accept-ranges bytes expires Thu, 31 Jul 2031 12:06:16 GMT
GET H3	200	-RQXuketuW9jWIYsaM5S-Ql31PXoBsmd6vdkFHZtDQI.js Show response pagead2.googlesyndication.com/bg/ Frame 01F1	35 KB 13 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/-RQXuketuW9jWIYsaM5S-Ql31PXoBsmd6vdkFHZtDQI.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f91417ba47adb96f6358862c68ce52f90977d4f5e806c99deaf76414766d0d02 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 02 Feb 2022 15:49:21 GMT content-encoding br x-content-type-options nosniff age 275 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13701 x-xss-protection 0 last-modified Thu, 27 Jan 2022 13:28:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 02 Feb 2023 15:49:21 GMT
POST H2	200	GetLatestDrawData Show response www.megamillions.com/cmspages/utilservice.asmx/	5 KB 1 KB	530ms 530ms	XHR application/json	2606:4700:10::ac43:188d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.megamillions.com/cmspages/utilservice.asmx/GetLatestDrawData Requested by Host: www.megamillions.com URL: https://www.megamillions.com/scripts/jquery.3.3.1.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:188d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 73d5e8a961722b56b33362e22254a79fd892a3b43232634ff6efa70dfce9ddc9 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://www.megamillions.com/ X-Requested-With XMLHttpRequest Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type application/json Response headers date Wed, 02 Feb 2022 15:53:57 GMT content-encoding gzip cf-cache-status DYNAMIC server cloudflare x-aspnet-version 4.0.30319 x-powered-by ASP.NET expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options SAMEORIGIN content-type application/json; charset=utf-8 cache-control private, max-age=0 cf-ray 6d749860b94b90e6-FRA
POST H2	200	GetTopRandomWinners Show response www.megamillions.com/cmspages/utilservice.asmx/	1 KB 530 B	503ms 502ms	XHR application/json	2606:4700:10::ac43:188d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.megamillions.com/cmspages/utilservice.asmx/GetTopRandomWinners Requested by Host: www.megamillions.com URL: https://www.megamillions.com/scripts/jquery.3.3.1.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:188d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 38321c4a67dbfd2fc8fa5fbfb8759c1bcbee719417ed0644175c245186cb5b85 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://www.megamillions.com/ X-Requested-With XMLHttpRequest Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type application/json Response headers date Wed, 02 Feb 2022 15:53:57 GMT content-encoding gzip cf-cache-status DYNAMIC server cloudflare x-aspnet-version 4.0.30319 x-powered-by ASP.NET expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options SAMEORIGIN content-type application/json; charset=utf-8 cache-control private, max-age=0 cf-ray 6d749860b95090e6-FRA
POST H2	200	GetLotteryStateData Show response www.megamillions.com/CMSPages/UtilService.asmx/	13 KB 3 KB	490ms 490ms	XHR application/json	2606:4700:10::ac43:188d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.megamillions.com/CMSPages/UtilService.asmx/GetLotteryStateData Requested by Host: www.megamillions.com URL: https://www.megamillions.com/scripts/jquery.3.3.1.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:188d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 39e70d40fb03088b4a042567ef051aefd51aab31463e1061f26f1feb84bd3ecd Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://www.megamillions.com/ X-Requested-With XMLHttpRequest Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type application/json; charset=UTF-8 Response headers date Wed, 02 Feb 2022 15:53:57 GMT content-encoding gzip cf-cache-status DYNAMIC server cloudflare x-aspnet-version 4.0.30319 x-powered-by ASP.NET expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options SAMEORIGIN content-type application/json; charset=utf-8 cache-control private, max-age=0 cf-ray 6d749860b95190e6-FRA
GET H/1.1	200 OK	300x250_OMAC_2016_Launch%20(3).jpg cdn.contentspread.net/24i/advertiser/32995/creativesup/ Frame 0BC9	52 KB 52 KB	79ms 22ms	Image image/jpeg	88.99.69.161 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.contentspread.net/24i/advertiser/32995/creativesup/300x250_OMAC_2016_Launch%20(3).jpg Requested by Host: hal900023.redintelligence.net URL: https://hal900023.redintelligence.net/request_content.php?s=57400400189202500710616011858023&a=dbe57b68 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 88.99.69.161 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.161.69.99.88.clients.your-server.de Software nginx / Resource Hash 23ef33989f2db4e8afde93e57b1534aeca826f6c70e794a9d7a418fea9a58614 Request headers Accept-Language de-DE,de;q=0.9 Referer https://hal900023.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Wed, 02 Feb 2022 15:53:56 GMT Last-Modified Mon, 20 Jun 2016 09:16:21 GMT Server nginx ETag "5767b465-ce63" Content-Type image/jpeg Connection close Accept-Ranges bytes Content-Length 52835
GET H/1.1	200 OK	viewability Show response hal900023.redintelligence.net/ Frame 0BC9	0 150 B	33ms 11ms	Script text/html	78.46.23.46 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal900023.redintelligence.net/viewability?s=57400400189202500710616011858023&a=e40b766a&vb=m Requested by Host: hal900023.redintelligence.net URL: https://hal900023.redintelligence.net/request_content.php?s=57400400189202500710616011858023&a=dbe57b68 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.46.23.46.78.clients.your-server.de Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://hal900023.redintelligence.net/request_content.php?s=57400400189202500710616011858023&a=dbe57b68 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Wed, 02 Feb 2022 15:53:56 GMT Server Apache Connection close Content-Length 0 Content-Type text/html; charset=UTF-8
GET DATA	200 OK	truncated / Frame 0BC9	43 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/gif
GET H2	204	ad_impression.gif beacon.krxd.net/ Frame 428E	0 338 B	109ms 30ms	Image text/plain	108.128.79.28 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://beacon.krxd.net/ad_impression.gif?campaignid=11313517&advertiserid=4528516&placementid=150618917&adid=321276317&creativeid=163019024&siteid=1729994&url=https%3A%2F%2Fbeacon.krxd.net%2Fad_impression.gif&_kpid=af5fc09f-edef-481c-bfa7-696005c6deb3&confid=sfht0if3y Requested by Host: aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com URL: https://aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 108.128.79.28 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-108-128-79-28.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 02 Feb 2022 15:53:56 GMT cache-control private, no-cache, no-store x-request-time D=32 t=1643817236 x-served-by beacon-n007-dub-prod.krxd.net p3p policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 0057	0 20 B	44ms 43ms	Image image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BEekGFKn6YbjzDoPv3gOziY-YCgAAAAA4AeAEAg&bg=!kJOlk9fNAAYZkRhwGZE7ACkAdvg8WmG3sVW1ZJfZlORLvoSsCPOE_u1d_KQWTn4D3NYw15-LCOEgoQIAAAE6UgAAAANoAQeZAwASCkY97hC_44bF0AFhwcCWv6-uV9KOt7T3mnZaFjSN046WRazA_mTlJyoQfZBQBkrMNrmRoYkKNuwN4D5rajOdHCAjCmhx9CxiR-U-HDUhYGw11EmMRFT3_iIRlw--GRnoRH2OqEj_JP9toR81M5hL4yPyxwr9fKI08KlYPuz96ARcIMD8UoJtAl8D2i5Z6xceD0jh7QI7IU9AInvUL-khYzKY-ZbgOdjylOKFVaPaYV72TpeTTcipm6xPi2HRWGu9hGwuvQxKg7YrA7GRmq1OZPFpK3WMhvHmnPwl1MSGfGfhgosxwaX3RXzRx3VFgTyrS93FvDvuRelrgC22PyL6jc5VTS41GxDgHQUs44EoUGtbG-s5RA8P6m1IrINdzxrMQr6y0w0V6KDjURdtiakqdF17c3Rax5p7U0EuwYGjLYEXThUz7NmeB6FrFkUbRRh0ko_ymJvauRrJMJmHKl2cj27cKuURCtPjo1UXDcTbn75HQZmigMc99gWjrkdhXHE_O3n7qS08Jwtgw-6pFiy-cyljEXa08atgUzOHNag30jEKFJu2FUR31eGc-K92YYfunTc3B02u9SgGAQVK8ikmjYDWIypWp-fpkQjyqx_hv50OQmg6A_kvrXjgbtlKum9_Bn_60y3IDQA70RxBubEW1zyYxREYM9ox1HJCy6k4xRDeGjkf7EtpNQbmZ0W4SeRB3BQEQbfxm5_DfFN0kaN5iNOGr2jTrXwVkijeSlkHZTs4Ks09j-SiKufgjPNpBgxPnAaUNDH75eINBHqHucW1ioxq23814hR2WMxYMb_afx3eBm7IWxrZ6fB-4ON2IPZQamAPlR5KZd7Zr13RxOhMsRr7XqpULPsqP7S4LC2ZyHQIdPMANJ0Q55MPfB6U_AZ63linSNleYL6mE8umaPLCe6Qos8WtWl8Ri3DgGxgGfDQbKGe7zmD-qve5T0xQxPi6O5r5gyZAFjQuQPvvWoI8kGgFmqk4gPqzKSqJEgvYVs0GZv9U1CROwEiqhxWO6ao Requested by Host: aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com URL: https://aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Wed, 02 Feb 2022 15:53:56 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	dc_pre=CJWN4bOw4fUCFfUHBgAdKygEYQ;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8556203208667.255 adservice.google.com/ddm/fls/z/ Frame 807C	42 B 63 B	43ms 43ms	Image image/gif	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://adservice.google.com/ddm/fls/z/dc_pre=CJWN4bOw4fUCFfUHBgAdKygEYQ;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8556203208667.255 Requested by Host: 5994599.fls.doubleclick.net URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CJWN4bOw4fUCFfUHBgAdKygEYQ;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8556203208667.255? Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://5994599.fls.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Wed, 02 Feb 2022 15:53:56 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	af5fc09f-edef-481c-bfa7-696005c6deb3 Show response consumer.krxd.net/consent/get/ Frame 428E	236 B 426 B	55ms 32ms	Script text/javascript	151.101.130.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://consumer.krxd.net/consent/get/af5fc09f-edef-481c-bfa7-696005c6deb3?idt=device&dt=kxcookie&callback=Krux.ns.congstar.kxjsonp_consent_get_0 Requested by Host: cdn.krxd.net URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.130.133 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 1c16d201a9100daacb04cf145129a08cb61e6c06afe4c81f9d63eb7090718c12 Request headers Accept-Language de-DE,de;q=0.9 Referer https://aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 02 Feb 2022 15:53:56 GMT via 1.1 varnish age 0 x-served-by consumer-a008-dub-prod.krxd.net, cache-hhn4036-HHN vary Accept-Encoding x-cache MISS, MISS content-type text/javascript; charset=UTF-8 content-encoding gzip cache-control max-age=1800 x-age 0 accept-ranges bytes x-timer S1643817237.856107,VS0,VE26 content-length 187 x-cache-hits 0, 0
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 01F1	0 20 B	43ms 43ms	Image image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bza8sFKn6YZ7XDryZrATfrp3ADQAAAAA4AeAEAg&bg=!LyylLGjNAAYZkRhwGZE7ACkAdvg8WhgB0hRV2GUQxidcMPVXRB_BQZnQBH2cpAuMg_2NZJ-0YQW5GAIAAACWUgAAAARoAQeZAwf8ZCpGGyPTHs426QhoMLWCb6DkRwwcl_Ap-BPKS1E58-p082-rsnu17jNLirv80riIy5bD05D-fkQgZxn1_tT6yiKJ-ATEFIkgOmk-MHVNqqOHnW0kKpOHhVbJK677NmX4-Qv6Qch5wICq6IChIPTxzDVWL7BvLQhGSDKhQunt3kPbPqb1Mo-kSDX30grS9ylZ1G9a6qFGIKo7hdT_QYpzSAjPLNBglFNHsNEFHPKYT5TbP4rdqeEE7P4JnFONaU2_n1JztVr5yO1SugkHPosXXt7OOF0wR2I68Zt0KHu-lPt_ga3eEVcf79qZ0KBWUmbHpLRl24fRTI3EVJi0jWKrgckxQIWUHOY4iZL_qFtzVEPk4Ih2aA4DBpNutXeMuSXOlys4fq5K1xI4Pq7sMIXEqmMZPoh0VWrQJHpPrrLIlMjXTJ7PTn2jQIJRQZhIR2xSM3wyWYntRonfLfpSk9f8jn_Aulm5k8TBiXOijc7e7OoKwzGSEMbNIKE65cam9yb1skuSdrQPBzNPGZEh9x_00po70fhDl9URx5OM0ez9nVZH2gDkb3fdC5ZunVuIFX_fsxpLkfKUsujH0Ag3uy9ZF3OUCt8-XtVXJ-iN8DWi42NUALUhJVsL65jCqUPm3GfFeVV0WLuZpX0BYGxR92ufmVyNs6M9hkp_m4P71Z01SMURmsVE4lmgRWdw6kRtkkjxA8tCzDJphgzZQgsK8obQws1a_9ohzZOq2CmJIvVGlJ4z8PhkQKAZz9ZtC_fbzKYfjRdddM4YCHCTYN1sW5u-kS9ej-Rf_n8nFDQDwDueTGYuKpViH_Nz02U993q8Z-dCRg28ZxpiVKJJjxuyANbMvq-55CiabcUZxSIUcUgLT60Lkgkjf4z_mUeiHcA9IoqD7JIRfqzDcCCgyvqZioza8plscsxleBjFu9PizqZRg5j3H2xD5Dh_SRJhAWDUBUrkvoF7v2Q0qxA--iXd5DDGjCWak5_1sOyBZN00Oq-ya2NAbFKn9wBHAINkQ04UJbdh30xJWBlB Requested by Host: aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com URL: https://aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Wed, 02 Feb 2022 15:53:56 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	device.png s0.2mdn.net/4528516/2830187242865358/ Frame E4DE	22 KB 23 KB	8ms 7ms	Image image/png	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/4528516/2830187242865358/device.png Requested by Host: aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com URL: https://aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0fabbec15801a30e129cb31d837afb27195efaf3747e1babebd01375aaf308bf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/4528516/2830187242865358/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 02 Feb 2022 08:28:49 GMT x-content-type-options nosniff age 26707 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 23016 x-xss-protection 0 last-modified Thu, 09 Dec 2021 05:22:31 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 03 Feb 2022 08:28:49 GMT
POST H3	200	view googleads4.g.doubleclick.net/pcs/ Frame 428E	0 23 B	59ms 43ms	Ping image/gif	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsue55oQlsjuu8tbbcRWaAArKzIj5MF7pP7YUJEiD80nUTRy_Vi7LV0HdmTK2y9AxoHrfxRdJzaKMHs-z4ui6L0Rrr2oONNqSJcU5741g7ANNlI_HMQQ1hxbof-VOHQgwa7ufPQD7V3-hyVgUsLig6NUBF9tGkBxfJRJGIxChC4WyJJBY8ARj3BWesvZxaqKmvHIf-wBF5T5LtYODBzLqzKPUW5A2M-pxyFfJClBotGrc-MTsvjbYWUVyVq9_tlMQNRezTTBC46-bn_4cZJvnncuOsPtzh269rT-k4E_tdIUdpdctU6CRBdWM7-ST1djI55pB5AZV2bJ8q4qLpjzl6CjVDCIYG4PJ589z4JbHY9CcAiHefmWsgltM-CasRPb0uDppoBU3r508N8hTrsjEiqHAZyEC1l3UO0Pf71ETXAhgZ81PKWwu9x9hfcZV24gVkVreKTifb3wu7M7VoH4ytB5UfYytQeB5u2yAK20azmHUjyH-KLubvl7Ycih6dRvXpR48XI92BqoXccRgNVcKkr7XWwl0Kl-kaKt4n-I7I7xc4aRVfyXZ7Jt-bIhxNt0qNAqmaKKem2c2_rVs8TMHeNhHXkVHCcUm-NAACHoMUDJQslwCngWl-1ERYCBnXgyThOyPY3K5AQd0N3SVGO1VcbuQfQf4iDTpN1QX3DlAuwub2jIdJKvlZU1e7QkWsy8lIbQZfB2kJmiJubsErNTut4k7l1q5cPYCn_w9ENfLXBF369PdGauAsiJN4Z1SbfyiwRcxlmrRnZ87xZjEON0hv_B9yzv6MAWiZnGJp3lanz6YCDuYvTZ1JJ6zuB8cloqyCQqdsSBOIx8sOEeZn7fB8PP2XX1pszUbjf3Ca0cpoetHxywAbcCx1j5CTmOgMpjGM_5a87SbvN8mKfEPa6GjGoIlzR3PhQJeivEUXj5j-5SmjeFBwvYu_i0SJNjZAcjBZQuso-jkHJeyv-3t528yZJI1C9re97ZnCP92g5ZdjcPt-9Gp5ITqkC-esGLiMKbCATe_aSccpM6QJ3OBwmZR9JX3Zzhmp8wWeB4_Bzg9-sDx2zVW5lBT38ggS6h9Y_v7-AF-TX4j0qfZ-yzIHNw8xFr5vXcKv-sZ2K_qRBWPSKI2vTCayfCEnp3PCAtSA8gGj_wh00PzJmsiZzOwoHZK5-UwRnw8PzdeGChImaaWbGSHyx-ohF6EiN8wVW1n0LKko870FFmPpPLLNmQSig&sai=AMfl-YTdn5FMcvoTILXt-GbejxA0Hl4n2M6VmHNxJxIXzuX_F4zlDtCMl0Pr_KoEoPr6zONGpPfYjzM8I2ZKR66AvtnbOZzdkvoi4PDQDQ9mHrs2LhgFKgtVhQO6lwI5nHtLk1w9NZ3TXwGHodBR8WfxlY-B2yE1XP6IIDy3u-s&sig=Cg0ArKJSzEz7pQmX_lMeEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=611&vt=11&dtpt=479&dett=3&cstd=130&cisv=r20220131.33585&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl= Requested by Host: www.megamillions.com URL: https://www.megamillions.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * date Wed, 02 Feb 2022 15:53:56 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H2	200	optout_check Show response beacon.krxd.net/ Frame 428E	81 B 240 B	30ms 30ms	Script text/javascript	108.128.79.28 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://beacon.krxd.net/optout_check?callback=Krux.ns.congstar.kxjsonp_optOutCheck Requested by Host: cdn.krxd.net URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 108.128.79.28 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-108-128-79-28.eu-west-1.compute.amazonaws.com Software / Resource Hash bd9b65073eccb7c7af1ff7777cd467296ec1b16df1ef5d7677d08b0e85b6d57c Request headers Accept-Language de-DE,de;q=0.9 Referer https://aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 02 Feb 2022 15:53:56 GMT cache-control private, max-age=0, s-max-age=0 x-request-time D=51 t=1643817236 x-served-by beacon-n004-dub-prod.krxd.net content-type text/javascript
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/	13 KB 10 KB	36ms 21ms	XHR application/json	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022012701&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js?31064649 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0149f7fde8287a6f4e3faffba1be6593c9c6e6aad3aae8fb60c70355541490f5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.megamillions.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Wed, 02 Feb 2022 15:53:56 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9875 x-xss-protection 0
GET H3	200	collect www.google-analytics.com/	35 B 55 B	6ms 6ms	Image image/gif	2a00:1450:4001:82f::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j96&a=1458754191&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.megamillions.com%2F&ul=en-us&de=UTF-8&dt=Mega%20Millions&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=Percentage&el=25%25&_u=aAjAAAABAAAAAC~&jid=&gjid=&cid=1147263893.1643817236&tid=UA-130954248-1&_gid=1304293913.1643817236&gtm=2wg1v05G7656B&z=1125069936 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.megamillions.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Tue, 01 Feb 2022 18:53:03 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 75653 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	6ms 6ms	Image image/gif	2a00:1450:4001:82f::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j96&a=1458754191&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.megamillions.com%2F&ul=en-us&de=UTF-8&dt=Mega%20Millions&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=Percentage&el=50%25&_u=aAjAAAABAAAAAC~&jid=&gjid=&cid=1147263893.1643817236&tid=UA-130954248-1&_gid=1304293913.1643817236&gtm=2wg1v05G7656B&z=1833153825 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.megamillions.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Tue, 01 Feb 2022 18:53:03 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 75653 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	7ms 6ms	Image image/gif	2a00:1450:4001:82f::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j96&a=1458754191&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.megamillions.com%2F&ul=en-us&de=UTF-8&dt=Mega%20Millions&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=Percentage&el=75%25&_u=aAjAAAABAAAAAC~&jid=&gjid=&cid=1147263893.1643817236&tid=UA-130954248-1&_gid=1304293913.1643817236&gtm=2wg1v05G7656B&z=97387564 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.megamillions.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Tue, 01 Feb 2022 18:53:03 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 75653 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	7ms 7ms	Image image/gif	2a00:1450:4001:82f::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j96&a=1458754191&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.megamillions.com%2F&ul=en-us&de=UTF-8&dt=Mega%20Millions&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=Percentage&el=100%25&_u=aAjAAAABAAAAAC~&jid=&gjid=&cid=1147263893.1643817236&tid=UA-130954248-1&_gid=1304293913.1643817236&gtm=2wg1v05G7656B&z=478981602 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.megamillions.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Tue, 01 Feb 2022 18:53:03 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 75653 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	visual.png s0.2mdn.net/4528516/2830187242865358/ Frame E4DE	79 KB 79 KB	8ms 7ms	Image image/png	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/4528516/2830187242865358/visual.png Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7a1b9e7015c9607b7b8631958f2b3d0e8ae4c9e3a0dd27abe4b8978b386b13c0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/4528516/2830187242865358/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 02 Feb 2022 08:28:49 GMT x-content-type-options nosniff age 26707 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 80514 x-xss-protection 0 last-modified Thu, 09 Dec 2021 05:22:31 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 03 Feb 2022 08:28:49 GMT
GET H3	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 6 KB	99ms 98ms	Script text/javascript	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js?31064649 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.megamillions.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 02 Feb 2022 15:53:57 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Wed, 02 Feb 2022 15:53:57 GMT
GET H2	200	MD-Lottery-logo.jpg.aspx www.megamillions.com/getmedia/a22aa17d-f8a2-4bb3-a775-201f8a9094f0/	9 KB 9 KB	525ms 525ms	Image image/jpeg	2606:4700:10::ac43:188d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.megamillions.com/getmedia/a22aa17d-f8a2-4bb3-a775-201f8a9094f0/MD-Lottery-logo.jpg.aspx?ext=.jpg&width=220 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:188d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash a54425aa4c783f136e8f1649ec1b3bf719865b7104ec6b1051178405b7c91b26 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.megamillions.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 02 Feb 2022 15:53:57 GMT vary Accept-Encoding cf-cache-status EXPIRED x-aspnet-version 4.0.30319 x-powered-by ASP.NET content-disposition inline; filename="MD-Lottery-logo.jpg" content-length 9480 last-modified Wed, 10 Feb 2021 05:04:27 GMT server cloudflare etag "2/10/2021 5:04:27 AM" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options SAMEORIGIN content-type image/jpeg cache-control public, max-age=14400 accept-ranges bytes cf-ray 6d749863fa3090e6-FRA expires Wed, 02 Feb 2022 15:53:57 GMT
GET H2	200	NC_MM-logo.jpg.aspx www.megamillions.com/getmedia/3122e9bd-0cc6-4b67-a710-e46d5a1b4b61/	8 KB 8 KB	485ms 485ms	Image image/jpeg	2606:4700:10::ac43:188d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.megamillions.com/getmedia/3122e9bd-0cc6-4b67-a710-e46d5a1b4b61/NC_MM-logo.jpg.aspx?ext=.jpg&width=220 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:188d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash c7d53d7d225e41904706c8082f916e95e4e48f216e9734cdcc733e2e577f6d13 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.megamillions.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 02 Feb 2022 15:53:57 GMT vary Accept-Encoding cf-cache-status EXPIRED x-aspnet-version 4.0.30319 x-powered-by ASP.NET content-disposition inline; filename="NC_MM-logo.jpg" content-length 8342 last-modified Mon, 31 Aug 2020 16:57:01 GMT server cloudflare etag "8/31/2020 4:57:01 PM" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options SAMEORIGIN content-type image/jpeg cache-control public, max-age=14400 accept-ranges bytes cf-ray 6d749863fa3690e6-FRA expires Wed, 02 Feb 2022 15:53:57 GMT
GET H2	200	MOLottery_Logo.jpg.aspx www.megamillions.com/getmedia/333e09a6-a875-410a-8a6d-af26c5bc947d/	10 KB 10 KB	493ms 493ms	Image image/jpeg	2606:4700:10::ac43:188d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.megamillions.com/getmedia/333e09a6-a875-410a-8a6d-af26c5bc947d/MOLottery_Logo.jpg.aspx?ext=.jpg&width=220 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:188d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash f1a78e5cd385d1e4cb3ba302da4d392d38e34a9108c7f2cde85539a12aca201f Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.megamillions.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 02 Feb 2022 15:53:57 GMT vary Accept-Encoding cf-cache-status EXPIRED x-aspnet-version 4.0.30319 x-powered-by ASP.NET content-disposition inline; filename="MOLottery_Logo.jpg" content-length 10215 last-modified Sat, 13 Feb 2021 05:04:05 GMT server cloudflare etag "2/13/2021 5:04:05 AM" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options SAMEORIGIN content-type image/jpeg cache-control public, max-age=14400 accept-ranges bytes cf-ray 6d749863fa3990e6-FRA expires Wed, 02 Feb 2022 15:53:57 GMT
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame FDC3	13 KB 5 KB	8ms 7ms	Document text/html	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.megamillions.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip cross-origin-resource-policy cross-origin cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-length 5046 x-content-type-options nosniff server sffe x-xss-protection 0 date Wed, 02 Feb 2022 15:45:13 GMT expires Thu, 02 Feb 2023 15:45:13 GMT cache-control public, max-age=31536000 last-modified Mon, 21 Jun 2021 20:47:05 GMT content-type text/html age 524 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	aframe Show response www.google.com/recaptcha/api2/ Frame 3464	783 B 533 B	32ms 16ms	Document text/html	2a00:1450:4001:828::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash be1e5c2e4dfba9737143f1c1738b3ad5f192ad970ced90c23e572316442b2be1 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-w2isZ3fLShMn/2DCT+cpXQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.megamillions.com/ Response headers cross-origin-resource-policy cross-origin cross-origin-embedder-policy require-corp report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} expires Wed, 02 Feb 2022 15:53:57 GMT date Wed, 02 Feb 2022 15:53:57 GMT cache-control private, max-age=300 content-type text/html; charset=utf-8 content-security-policy script-src 'report-sample' 'nonce-w2isZ3fLShMn/2DCT+cpXQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 511 server GSE alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	montserrat-v12-latin-700italic.woff2 www.megamillions.com/styles/fonts/	19 KB 19 KB	606ms 605ms	Font application/font-woff2	2606:4700:10::ac43:188d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.megamillions.com/styles/fonts/montserrat-v12-latin-700italic.woff2 Requested by Host: www.megamillions.com URL: https://www.megamillions.com/styles/css/stylesheet.min.css?v=20190530 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:188d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 975707e0f84fdf7439284679f4ae53d7e244140753e5d1dbb50ddf9a30d1c1b8 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://www.megamillions.com/styles/css/stylesheet.min.css?v=20190530 Origin https://www.megamillions.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 02 Feb 2022 15:53:57 GMT vary Accept-Encoding cf-cache-status EXPIRED last-modified Wed, 12 Dec 2018 00:10:00 GMT server cloudflare x-powered-by ASP.NET etag "0fc9b5af91d41:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options SAMEORIGIN content-type application/font-woff2 cache-control public, max-age=691200 accept-ranges bytes cf-ray 6d7498640a8190e6-FRA content-length 19384
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 3464	0 0	48ms 48ms	Image text/html	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022012701&jk=26906092787646&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers
GET H3	200	-RQXuketuW9jWIYsaM5S-Ql31PXoBsmd6vdkFHZtDQI.js Show response pagead2.googlesyndication.com/bg/ Frame FDC3	35 KB 13 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/-RQXuketuW9jWIYsaM5S-Ql31PXoBsmd6vdkFHZtDQI.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f91417ba47adb96f6358862c68ce52f90977d4f5e806c99deaf76414766d0d02 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 02 Feb 2022 15:49:21 GMT content-encoding br x-content-type-options nosniff age 276 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13701 x-xss-protection 0 last-modified Thu, 27 Jan 2022 13:28:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 02 Feb 2023 15:49:21 GMT
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame FDC3	0 9 B	7ms 7ms	Image text/plain	2a00:1450:4001:829::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?91eoxQ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 02 Feb 2022 15:53:57 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0
GET H3	200	CongstarFont.woff2 s0.2mdn.net/ads/richmedia/studio/45844501/ Frame E4DE	102 KB 102 KB	9ms 8ms	Font font/woff2	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/richmedia/studio/45844501/CongstarFont.woff2 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7c310a100b2bb38cd97a6ed696abe3dd3556b707607d207a13b838cd89f73e78 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/4528516/2830187242865358/index.html Origin https://s0.2mdn.net Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 02 Feb 2022 15:40:37 GMT x-content-type-options nosniff age 800 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 104232 x-xss-protection 0 last-modified Thu, 06 Oct 2016 14:32:08 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Wed, 02 Feb 2022 15:55:37 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	43ms 42ms	Image image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022012701&jk=26906092787646&bg=!vr2lvfnNAAYZkRhwGZE7ACkAdvg8Wok9rwq-0MMOLXryBF7KmBSmlW0N3FATwm60IJUYtpJieBgFJAIAAABqUgAAAANoAQeZAqqd9otFX8vqDhQ8gl5sclrSxc7f3iuNkoFTSEDwVlmZ01QGSJM5fSv6s7ZcOoPZMzDazJAanTqNmaYitDG2ITdJ12qniXImfsSFN2dVPfoublLYiNnblTIQq3J8U3zQ0BLZ7uaidNlZlSIr7kmlvuS6jV4Hc6zatJIGy9tle1wiNG_YwFxSkCHHY-dPbWf_sRp8nGbgI9jkDuG1A9vnyU-LKseHsFk5Mj-YuIO1w4BwWOnWU4pqSDrf2ZWdiqQzg4gvu1b8-Jza8ug4wlgOugdPtFah5yqznFkaQ4twZ1fs1syi89DpTBD4RiafkxplM5tsE00wQB4N5ioPUWB7jVEGF26U1Fbx-AFNbzv1Ww4lGJDRFUkRSi4PLLSkpT8K2xLVbj57QUFjSOrcRn70BhDGL1rAbQXoM-OPHTz-V8hdsj4LsUREN-uISC260yQvc01yPeIbtY72Ne2eWZ9TDiHmm3jT7C7O046xCEPaFb7RdMEINC0pV2LH_fM6amUtdORcuMqdjz1wBGJ8BGH1-Ih5S7QBaYxGFBzzGept7ztEQNmlxHwJIxmJesjJKJZsajuMmj1h6_2Woy0Gf3VDb8WgPO_batK_QWX1ffjfDYGicaQbft37dnVzDTH9cqE022j2xXcFEju_VUdL99fzBA675Jo4CxXQGXINY3SxEkyyPC8Xc9q2hHCQubRpaJL42Wff7GSgGRYDi7ezfChDBu0FWUDFS9Hj55op-YRcdLqgiIBe5DX4KxeP6gUc4Zq7covwmStkhu5Lp6GQMTeMsqnqLnDgLyvyOv6RaFs5R_D8f7IEKE1FWtae2tovZncWvlQXP5q0XvQ9OzHDGjxrDL_7s-6Ip4iHERpn7Fr9LjhZh6TPcXUcDMkmu732YCBFiauDW_NIK7HfmW7f Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.megamillions.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Wed, 02 Feb 2022 15:53:57 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff s0.2mdn.net/creatives/assets/1881029/ Frame E4DE	57 KB 57 KB	8ms 8ms	Font font/woff	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/1881029/86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/4528516/2830187242865358/index.html Origin https://s0.2mdn.net Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 02 Feb 2022 15:51:00 GMT x-content-type-options nosniff age 177 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 58447 x-xss-protection 0 last-modified Wed, 15 Feb 2017 10:23:50 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type font/woff access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Wed, 02 Feb 2022 16:06:00 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 428E	42 B 64 B	44ms 43ms	Fetch image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsupHTqOh40Kik45yA6z0mywtQaPDww8ucHpL6w2kOCXgHWX2GKDi3OT30A3rulaVPEtXZYuTpa91HCfKCw3Z73e_fIJs-HwelDUAJ2UkFhIkTariaOzOw&sai=AMfl-YSmRG4TMbVuxJkw7XpO0w4i4-MIMx5vLi4TUWROloOKzICGGUiO5Y8S2zb-6K4EK6ipin56zwMuewvqjRiLYJ4NesT7p09bCrCuZbvp1KN1IoeObjrByAa8_08mxt9_&sig=Cg0ArKJSzPGyhso1zZa3EAE&cid=CAASFeRoYaaHbW4vkB_H3VGc-jia8hCAOA&id=lidar2&mcvt=1001&p=11,538,101,1266&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220131&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=537333458&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1643817236181&rpt=267&isd=0&lsd=0&met=ce&wmsd=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Wed, 02 Feb 2022 15:53:57 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame EAA0	42 B 64 B	43ms 43ms	Fetch image/gif	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuenO6b8_1fs-az_5P9BR_c0R2gArg4EK3_hZVWpbgQ9RrmLlTU2jw-29PrinlwYNVqTSgUDRMFFK2p2e0COlR5aJCgeOFecByXB9Pi&sai=AMfl-YQXqGhny1xPi1g1_CS1-3t85TsqmbjWC_0gEkNFcz7qONgK4wi1dewKSJTn08E3URHdoIE5SITGTiwh77EEwfE7xVT6ObnUwT81_lLysEPcoVJbkbKxyQy4J_FvUJWf&sig=Cg0ArKJSzAVMiJze_QfoEAE&cid=CAASFeRo98sIfChX6g-Npim-CVhxT1iVCQ&id=lidar2&mcvt=1000&p=576,1055,826,1355&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220131&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1420342407&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1643817236183&rpt=364&isd=0&lsd=0&met=mue&wmsd=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://aa02e126beb83aa2e9f818688a360dd9.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Wed, 02 Feb 2022 15:53:57 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	viewability Show response hal900023.redintelligence.net/ Frame 0BC9	0 150 B	33ms 11ms	Script text/html	78.46.23.46 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal900023.redintelligence.net/viewability?s=57400400189202500710616011858023&a=e40b766a&vb=v Requested by Host: hal900023.redintelligence.net URL: https://hal900023.redintelligence.net/request_content.php?s=57400400189202500710616011858023&a=dbe57b68 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.46.23.46.78.clients.your-server.de Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://hal900023.redintelligence.net/request_content.php?s=57400400189202500710616011858023&a=dbe57b68 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Wed, 02 Feb 2022 15:53:57 GMT Server Apache Connection close Content-Length 0 Content-Type text/html; charset=UTF-8