urlscan.io logo urlscan.io
SecurityTrails logo

www.megamillions.com Open in urlscan Pro
2606:4700:10::6816:79d  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.megamillions.com/
Effective URL: https://www.megamillions.com/
Submission: On August 24 via manual from LT — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 4 countries across 12 domains to perform 128 HTTP transactions. The main IP is 2606:4700:10::6816:79d, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.megamillions.com. The Cisco Umbrella rank of the primary domain is 108832.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 23rd 2023. Valid for: a year.
This is the only time www.megamillions.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2606:4700:10::6816:69d (United States)

ASN13335 (CLOUDFLARENET, US)
www.megamillions.com
23    2606:4700:10::6816:79d (United States)

ASN13335 (CLOUDFLARENET, US)
www.megamillions.com
3    2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
28    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
2    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
5    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com
1    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
11    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
8    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net
cm.g.doubleclick.net
8    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
6    185.89.211.84 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
29    2a00:1450:4001:80b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
4    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net
googleads4.g.doubleclick.net
1    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
42 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 116
5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 155
409 KB
29 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 328
577 KB
24 megamillions.com
www.megamillions.com — Cisco Umbrella Rank: 108832
434 KB
20 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 210
googleads.g.doubleclick.net — Cisco Umbrella Rank: 42
cm.g.doubleclick.net — Cisco Umbrella Rank: 242
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 371
222 KB
8 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 594
6 KB
6 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 245
5 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
region1.google-analytics.com — Cisco Umbrella Rank: 2412
21 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 222
142 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 48
138 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1120
606 B
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 736
30 KB
128 12
Domain Requested by
29 s0.2mdn.net www.megamillions.com
s0.2mdn.net
28 pagead2.googlesyndication.com www.megamillions.com
pagead2.googlesyndication.com
5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
securepubads.g.doubleclick.net
24 www.megamillions.com 1 redirects www.megamillions.com
code.jquery.com
11 tpc.googlesyndication.com 5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com
www.megamillions.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
8 dsum-sec.casalemedia.com 4 redirects googleads.g.doubleclick.net
8 cm.g.doubleclick.net 6 redirects googleads.g.doubleclick.net
6 ib.adnxs.com 4 redirects googleads.g.doubleclick.net
6 googleads.g.doubleclick.net pagead2.googlesyndication.com
5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
4 googleads4.g.doubleclick.net www.megamillions.com
3 5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 www.googletagservices.com www.megamillions.com
5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com
2 www.googletagmanager.com www.megamillions.com
www.google-analytics.com
2 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
1 www.google.com tpc.googlesyndication.com
1 region1.google-analytics.com www.googletagmanager.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 code.jquery.com www.megamillions.com
128 18

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-23 -
2024-04-22		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh

This page contains 14 frames:

Primary Page: https://www.megamillions.com/
Frame ID: 7CA28F61B47587784A6134442A4BB55D
Requests: 42 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230822/r20190131/zrt_lookup.html
Frame ID: 5AEC9C5748334C3D564641A6F1C15EA9
Requests: 1 HTTP requests in this frame

Frame: https://5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3E8C309A845F375C30C0CB10D97C2820
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1188353806003967&output=html&adk=1812271804&adf=3025194257&lmt=1692875805&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Fwww.megamillions.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692883005333&bpp=4&bdt=926&idt=240&shv=r20230822&mjsv=m202308210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3399897240401&frm=20&pv=2&ga_vid=446175190.1692883005&ga_sid=1692883005&ga_hid=1050760212&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44798879%2C44759842%2C44759875%2C44759926%2C44800952&oid=2&pvsid=3813217123592618&tmod=347907357&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=282
Frame ID: 6655BECD1183B15083C924BBC2B1F694
Requests: 1 HTTP requests in this frame

Frame: https://5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BB9C553A0C51DDA25AEC4DFB1AE3A021
Requests: 19 HTTP requests in this frame

Frame: https://5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F472B9B92AB4EFD2D4C847B3292EB0BE
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMY1eDDmAEwAQ&v=APEucNWMPtqhJPblkkDwuJYV4ASg_QDrKtJrkgGMxgxwG0joxaeWpgb0YYz1AJYXtAvAoAZ__Dm4BcJ4-lupRaKZsZ2GUKeTIP19XrnIna1DjILekIsatZz0QWjlwOWBUtyDCUijq0H55v1V9A4w7eP7a207XlqKO115eDXSWXhMRpGfUxqzKMs
Frame ID: E652D36CAF336DD409B2BE60F5FD55E8
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYteHDmAEwAQ&v=APEucNUzApk25NuOcCT7CieHZZ4EPyX1hYjmjA0aM3qWdJU7QNBe1qwQG4ZTwAyvhJeDBpizbTFxf6Y8jZVZTf9Psb6yS7oOuvs-JbEVetU21Bn5lp_sJHCtbt5y9LCPu5tTPHtNdI-9v3WOAMZ0axmr8U08envZOnNCqb9ma_FwST80KZnPVKg
Frame ID: 00698469E5086E6EF976BC0BCEE53C81
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7073955107534177015/index.html?ev=01_250
Frame ID: 35540A2EDB954EAE85EB26C9727A95B7
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 90225CBDA5AFA820B6E5C16F1AF56878
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0B2586ECD9F4DC85998A94CAB7735706
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12691273737138261013/index.html?ev=01_250
Frame ID: 75ED27FD474C1AE5B4FD40178E275158
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CBE296DF22A76813098BCFFA0894145E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C683ED464D4663394E53205E42DD0CD5
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Mega Millions

Page URL History Show full URLs

  1. http://www.megamillions.com/ HTTP 301
    https://www.megamillions.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <input[^>]+name="__VIEWSTATE
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

128
Requests

94 %
HTTPS

79 %
IPv6

12
Domains

18
Subdomains

19
IPs

4
Countries

1980 kB
Transfer

5785 kB
Size

19
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.megamillions.com/ HTTP 301
    https://www.megamillions.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 50
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAbLCf4-ZFTnfULrMy9p6l0&google_cver=1
Request Chain 51
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZOdYPrkazmeDWyBlWMon2AAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFhFumU6bm5hRBgKGfa43Es&google_cver=1
Request Chain 52
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEA9VE1EViv2APuv8MDNIuMo&google_cver=1
Request Chain 53
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzc1MzU0MDI5NDE1MzQ2NjQ3NA%3D%3D
Request Chain 54
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFhFumU6bm5hRBgKGfa43Es&google_cver=1
Request Chain 55
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZOdYPrkazmeDWyBlWMon2AAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFhFumU6bm5hRBgKGfa43Es&google_cver=1
Request Chain 56
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEO-LLhPlT6CS7_TE1dEAQyU&google_cver=1
Request Chain 57
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzc1MzU0MDI5NDE1MzQ2NjQ3NA%3D%3D

128 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.megamillions.com/
Redirect Chain
  • http://www.megamillions.com/
  • https://www.megamillions.com/
19 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.megamillions.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:79d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
79438ed4cb30c559e5993165f188352b1bdddf6dfbc6a2bccdc63fec17e2aa5f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7fbbdf15fd201c1e-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 24 Aug 2023 13:16:44 GMT
expires
-1
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
x-aspnet-version
4.0.30319
x-frame-options
SAMEORIGIN
x-powered-by
ASP.NET
x-ua-compatible
IE=Edge

Redirect headers

CF-RAY
7fbbdf151f9f1cab-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Thu, 24 Aug 2023 13:16:43 GMT
Expires
Thu, 24 Aug 2023 14:16:43 GMT
Location
https://www.megamillions.com/
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
stylesheet.min.css
www.megamillions.com/styles/css/ 		185 KB
76 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.megamillions.com/styles/css/stylesheet.min.css?v=20220325
Requested by
Host: www.megamillions.com
URL: https://www.megamillions.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:79d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ce4ee855ad838bb8e93c16e43e92408b52af633204be155f2bf0d4d02cd8d171
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.megamillions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 13:16:45 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Wed, 24 Aug 2022 18:05:27 GMT
server
cloudflare
etag
"80dc716e4b7d81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
7fbbdf19ab311c1e-FRA
content-length
77164
gpt.js
www.googletagservices.com/tag/js/ 		98 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.megamillions.com
URL: https://www.megamillions.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
39192faec21dd2fb08406b2c31162421e80d25199c6178685b92bbd4538c300e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.megamillions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 13:16:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28738
x-xss-protection
0
server
cafe
etag
289 / 19593 / 31077272 / config-hash: 3424708419300321049
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 24 Aug 2023 13:16:44 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.megamillions.com
URL: https://www.megamillions.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a3e5e7d48e0f6f7021fd1dd11565576fa80fd27820b1ea437ed4f5d2610ac6b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.megamillions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 13:16:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50876
x-xss-protection
0
server
cafe
etag
14059777999354469900
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 24 Aug 2023 13:16:45 GMT
WebResource.axd
www.megamillions.com/ 		23 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.megamillions.com/WebResource.axd?d=ZIQniEr9Mywq2t6w0aFkmfevBKkcSs_6bpPr1WgPVOUlKh-_KfHL6_GLwG_j5wygKHT2Io177gD_3d9wGGzhTAdNM801&t=638240199755514788
Requested by
Host: www.megamillions.com
URL: https://www.megamillions.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:79d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.megamillions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 13:16:44 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Tue, 04 Jul 2023 02:26:15 GMT
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public
cf-ray
7fbbdf19ab351c1e-FRA
expires
Fri, 23 Aug 2024 11:28:03 GMT
ScriptResource.axd
www.megamillions.com/ 		100 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.megamillions.com/ScriptResource.axd?d=brRkt1L0_30B7QS6tm7pqQt_F5EeFdvk5YVfxDqljjCdodU_QQ8Tb10b9vuvGEKsD3o792ejp_1xYU_sVqu1AvyRBofc8uLp8jFwNTZ2GKkJUSqDdlNQhtDsJVbuqA-m--yE_WD9ptrjC6d-6dIfL-gnr-E1&t=96346c8
Requested by
Host: www.megamillions.com
URL: https://www.megamillions.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:79d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.megamillions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 13:16:44 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 24 Aug 2023 11:28:03 GMT
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public
cf-ray
7fbbdf19ab391c1e-FRA
content-length
25609
expires
Fri, 23 Aug 2024 11:28:03 GMT
ScriptResource.axd
www.megamillions.com/ 		39 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.megamillions.com/ScriptResource.axd?d=i6bzkVdG9d-PWMRGhCyhO_KGYvHpc647dfE4sb6HFu8IbYM5e_v3Np4HW-FaVLqMNyuVMWmbLM9gTkRyJQovHm5icSk4pkNqqfM_cWgtreN_AcKMH-xswtVFWKWtx_7aMra27TzZq2jjzpQq9ec6UEY1QiOs7zInnFE5PUnAcok_wx3d0&t=96346c8
Requested by
Host: www.megamillions.com
URL: https://www.megamillions.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:79d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.megamillions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 13:16:44 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 24 Aug 2023 09:32:29 GMT
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public
cf-ray
7fbbdf19ab3a1c1e-FRA
content-length
9984
expires
Fri, 23 Aug 2024 09:32:29 GMT
logo_MM_233x110.png
www.megamillions.com/GLC-Megamillions/media/images/logos/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.megamillions.com/GLC-Megamillions/media/images/logos/logo_MM_233x110.png
Requested by
Host: www.megamillions.com
URL: https://www.megamillions.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:79d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
7c07f37793f58b1f6f7371465d9aa2a44a60f072658b3e320d63da269e098bd4
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.megamillions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 13:16:45 GMT
cf-cache-status
EXPIRED
last-modified
Fri, 12 Mar 2021 18:02:09 GMT
server
cloudflare
etag
"329b1cd26917d71:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
7fbbdf1de9eb1c1e-FRA
content-length
32071
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: www.megamillions.com
URL: https://www.megamillions.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer
https://www.megamillions.com/
Origin
https://www.megamillions.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 13:16:44 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-15d9d"
vary
Accept-Encoding
x-hw
1692883004.dop257.fr8.t,1692883004.cds343.fr8.hn,1692883004.cds144.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
scripts.min.js
www.megamillions.com/scripts/ 		1017 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.megamillions.com/scripts/scripts.min.js?v=20220701
Requested by
Host: www.megamillions.com
URL: https://www.megamillions.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:79d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ddd3f525a6f64abee80be8f8887a7840c3b0ae84c0f998061bd921aae32dd3e3
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.megamillions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 13:16:45 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Fri, 01 Jul 2022 14:16:54 GMT
server
cloudflare
etag
"0cfe236558dd81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
7fbbdf1de9ee1c1e-FRA
content-length
74205
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308210101/ 		403 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308210101/pubads_impl.js?cb=31077272
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
276c9e02c58a3c043348cb103438d3e09044b2698481197f84e123d487a1253c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.megamillions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 06:54:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
22938
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129841
x-xss-protection
0
server
cafe
etag
17107103858499901094
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 23 Aug 2024 06:54:27 GMT
gtm.js
www.googletagmanager.com/ 		159 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5G7656B
Requested by
Host: www.megamillions.com
URL: https://www.megamillions.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
40306e4280da463798d4aa10abd0e01c930d9a78faa1d5934eeec293bb232b88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.megamillions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 13:16:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60688
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 24 Aug 2023 13:16:45 GMT
truncated
/ 		60 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
636cc1523f3c1d2b2c03edb0e47eacb4f597b91b773bc8b8be4c14fe2d4b8880

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type
image/png
logo_MM_115x54.png
www.megamillions.com/GLC-Megamillions/media/images/logos/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.megamillions.com/GLC-Megamillions/media/images/logos/logo_MM_115x54.png
Requested by
Host: www.megamillions.com
URL: https://www.megamillions.com/styles/css/stylesheet.min.css?v=20220325
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:79d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
34cce832fafd4507ca484d1662ac1ff62f68a844f9adb362867c60688761238b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.megamillions.com/styles/css/stylesheet.min.css?v=20220325
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 13:16:45 GMT
cf-cache-status
EXPIRED
last-modified
Fri, 12 Mar 2021 18:02:05 GMT
server
cloudflare
etag
"5ed99acf6917d71:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
7fbbdf1df9ff1c1e-FRA
content-length
12493
montserrat-v12-latin-regular.woff2
www.megamillions.com/styles/fonts/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.megamillions.com/styles/fonts/montserrat-v12-latin-regular.woff2
Requested by
Host: www.megamillions.com
URL: https://www.megamillions.com/styles/css/stylesheet.min.css?v=20220325
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:79d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.megamillions.com/styles/css/stylesheet.min.css?v=20220325
Origin
https://www.megamillions.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 13:16:45 GMT
cf-cache-status
EXPIRED
last-modified
Wed, 12 Dec 2018 00:10:00 GMT
server
cloudflare
etag
"0fc9b5af91d41:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/font-woff2
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
7fbbdf1dfa091c1e-FRA
content-length
18684
montserrat-v12-latin-600.woff2
www.megamillions.com/styles/fonts/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.megamillions.com/styles/fonts/montserrat-v12-latin-600.woff2
Requested by
Host: www.megamillions.com
URL: https://www.megamillions.com/styles/css/stylesheet.min.css?v=20220325
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:79d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
867222183f7b4fdace7636718acb18b75476fc82e388130e0c06d7ec1103273d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.megamillions.com/styles/css/stylesheet.min.css?v=20220325
Origin
https://www.megamillions.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 13:16:45 GMT
cf-cache-status
EXPIRED
last-modified
Wed, 12 Dec 2018 00:10:00 GMT
server
cloudflare
etag
"0fc9b5af91d41:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/font-woff2
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
7fbbdf1dfa0e1c1e-FRA
content-length
18752
montserrat-v12-latin-700.woff2
www.megamillions.com/styles/fonts/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.megamillions.com/styles/fonts/montserrat-v12-latin-700.woff2
Requested by
Host: www.megamillions.com
URL: https://www.megamillions.com/styles/css/stylesheet.min.css?v=20220325
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:79d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.megamillions.com/styles/css/stylesheet.min.css?v=20220325
Origin
https://www.megamillions.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 13:16:45 GMT
cf-cache-status
EXPIRED
last-modified
Wed, 12 Dec 2018 00:10:00 GMT
server
cloudflare
etag
"0fc9b5af91d41:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/font-woff2
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
7fbbdf1dfa111c1e-FRA
content-length
18956
montserrat-v12-latin-900italic.woff2
www.megamillions.com/styles/fonts/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.megamillions.com/styles/fonts/montserrat-v12-latin-900italic.woff2
Requested by
Host: www.megamillions.com
URL: https://www.megamillions.com/styles/css/stylesheet.min.css?v=20220325
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:79d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
7c4dc0511bf663fdc5442fe187473916350a74a68341d87dbdd633c8d1cebd3f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.megamillions.com/styles/css/stylesheet.min.css?v=20220325
Origin
https://www.megamillions.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 13:16:45 GMT
cf-cache-status
EXPIRED
last-modified
Wed, 12 Dec 2018 00:10:00 GMT
server
cloudflare
etag
"0fc9b5af91d41:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/font-woff2
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
7fbbdf1dfa151c1e-FRA
content-length
19104
montserrat-v12-latin-italic.woff2
www.megamillions.com/styles/fonts/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.megamillions.com/styles/fonts/montserrat-v12-latin-italic.woff2
Requested by
Host: www.megamillions.com
URL: https://www.megamillions.com/styles/css/stylesheet.min.css?v=20220325
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:79d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
a629a2424ad41d63e025ac8d0756268ddd76877ed1d4f3a7a24109f13047289a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.megamillions.com/styles/css/stylesheet.min.css?v=20220325
Origin
https://www.megamillions.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 13:16:45 GMT
cf-cache-status
EXPIRED
last-modified
Wed, 12 Dec 2018 00:10:00 GMT
server
cloudflare
etag
"0fc9b5af91d41:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/font-woff2
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
7fbbdf1e0a181c1e-FRA
content-length
19164
montserrat-v12-latin-500.woff2
www.megamillions.com/styles/fonts/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.megamillions.com/styles/fonts/montserrat-v12-latin-500.woff2
Requested by
Host: www.megamillions.com
URL: https://www.megamillions.com/styles/css/stylesheet.min.css?v=20220325
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:79d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
3e43d592d0aa592f24ad510ef3f453a51bba24a9534a07a55a9685b4d4b3f2cb
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.megamillions.com/styles/css/stylesheet.min.css?v=20220325
Origin
https://www.megamillions.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 13:16:45 GMT
cf-cache-status
EXPIRED
last-modified
Wed, 12 Dec 2018 00:10:00 GMT
server
cloudflare
etag
"0fc9b5af91d41:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/font-woff2
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
7fbbdf1e0a1d1c1e-FRA
content-length
18728
montserrat-v12-latin-300.woff2
www.megamillions.com/styles/fonts/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.megamillions.com/styles/fonts/montserrat-v12-latin-300.woff2
Requested by
Host: www.megamillions.com
URL: https://www.megamillions.com/styles/css/stylesheet.min.css?v=20220325
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:79d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ea23fa178c761c715a00c4ceaa9b93ed323da784a903df018a4fb04b10288ca3
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.megamillions.com/styles/css/stylesheet.min.css?v=20220325
Origin
https://www.megamillions.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 13:16:45 GMT
cf-cache-status
EXPIRED
last-modified
Wed, 12 Dec 2018 00:10:00 GMT
server
cloudflare
etag
"0fc9b5af91d41:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/font-woff2
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
7fbbdf1e0a251c1e-FRA
content-length
18444
Flaticon.woff
www.megamillions.com/styles/fonts/ 		4 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.megamillions.com/styles/fonts/Flaticon.woff
Requested by
Host: www.megamillions.com
URL: https://www.megamillions.com/styles/css/stylesheet.min.css?v=20220325
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:79d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
45f4c8f64c6bab2f4bf1c372bd075be57c67ff285ab0820ce4572f76a6968e1d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.megamillions.com/styles/css/stylesheet.min.css?v=20220325
Origin
https://www.megamillions.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 13:16:45 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Thu, 01 Nov 2018 17:00:47 GMT
server
cloudflare
etag
W/"8091a6f472d41:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/font-woff
cache-control
public, max-age=691200
cf-ray
7fbbdf1e2a621c1e-FRA
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308210101/ 		392 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1188353806003967&plah=www.megamillions.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f0f37f368e39a68841b91036c0e79f9074f5519ad9ed04ad9cb40a44121e4839
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.megamillions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 13:16:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134690
x-xss-protection
0
server
cafe
etag
8953953217086136637
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 24 Aug 2023 13:16:45 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230822/r20190131/ Frame 5AEC 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230822/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.megamillions.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
5613
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4437
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 24 Aug 2023 11:43:12 GMT
etag
9878862242593084568
expires
Thu, 07 Sep 2023 11:43:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5G7656B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.megamillions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 24 Aug 2023 11:44:23 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
5542
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 24 Aug 2023 13:44:23 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		42 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3813217123592618&correlator=4355934340795241&eid=31076399%2C31077254%2C31077255%2C31077272%2C31068366%2C31077190&output=ldjh&gdfp_req=1&vrg=202308210101&ptt=17&impl=fifs&iu_parts=21814838932%2Cmmcglc_homepage_728x90%2Cmmcglc_300x250&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=728x90%2C300x250&ifi=2&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1692883005417&lmt=1692875805&adxs=538%2C1055&adys=26%2C591&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.megamillions.com%2F&vis=1&psz=1150x96%7C300x15&msz=837x0%7C300x0&fws=4%2C4&ohw=1150%2C1150&ga_vid=446175190.1692883005&ga_sid=1692883005&ga_hid=1050760212&ga_fc=false&dlt=1692883004407&idt=972&adks=537333458%2C1420342407&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308210101/pubads_impl.js?cb=31077272
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41b0be0e652dacd0fd7386c708b329372f307e685977b1962eaae12cc5dc1b80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.megamillions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 13:16:45 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13837
x-xss-protection
0
google-lineitem-id
-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.megamillions.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3E8C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308210101/pubads_impl.js?cb=31077272
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.megamillions.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 24 Aug 2023 13:16:45 GMT
expires
Fri, 23 Aug 2024 13:16:45 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/ 		15 B
225 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1050760212&t=pageview&_s=1&dl=https%3A%2F%2Fwww.megamillions.com%2F&ul=en-us&de=UTF-8&dt=Mega%20Millions&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAAABAAAAAC~&jid=263034751&gjid=1711389901&cid=446175190.1692883005&tid=UA-130954248-1&_gid=3503359.1692883006&_r=1&_slc=1&gtm=45He38l0n815G7656B&z=542826037
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e057509264c5a413f27383e5c2ee24564a3a0a335b6d411dd38cd9315072a411
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.megamillions.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 13:16:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.megamillions.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		399 B
606 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.megamillions.com&callback=_gfp_s_&client=ca-pub-1188353806003967
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1188353806003967&plah=www.megamillions.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
07032e8bcef81ac0a3314c1e91f2974d5895b60bd0f24b1925ca296c32a0463e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.megamillions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 13:16:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
254
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6655 		603 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1188353806003967&output=html&adk=1812271804&adf=3025194257&lmt=1692875805&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Fwww.megamillions.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692883005333&bpp=4&bdt=926&idt=240&shv=r20230822&mjsv=m202308210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3399897240401&frm=20&pv=2&ga_vid=446175190.1692883005&ga_sid=1692883005&ga_hid=1050760212&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44798879%2C44759842%2C44759875%2C44759926%2C44800952&oid=2&pvsid=3813217123592618&tmod=347907357&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=282
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1188353806003967&plah=www.megamillions.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.megamillions.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 24 Aug 2023 13:16:45 GMT
expires
Thu, 24 Aug 2023 13:16:45 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		220 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-LEMB5MVZDM&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
60a4c2adf55a446516ca71102322052818a2a63d618988021c5399140515baed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.megamillions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 13:16:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
80594
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 24 Aug 2023 13:16:45 GMT
collect
region1.google-analytics.com/g/ 		0
258 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-LEMB5MVZDM&gtm=45je38l0&_p=1050760212&ul=en-us&sr=1600x1200&cid=446175190.1692883005&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.megamillions.com%2F&dt=Mega%20Millions&sid=1692883005&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LEMB5MVZDM&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.megamillions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 13:16:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.megamillions.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BB9C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308210101/pubads_impl.js?cb=31077272
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.megamillions.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 24 Aug 2023 13:16:45 GMT
expires
Fri, 23 Aug 2024 13:16:45 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F472 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308210101/pubads_impl.js?cb=31077272
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.megamillions.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 24 Aug 2023 13:16:45 GMT
expires
Fri, 23 Aug 2024 13:16:45 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame E652 		624 B
246 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMY1eDDmAEwAQ&v=APEucNWMPtqhJPblkkDwuJYV4ASg_QDrKtJrkgGMxgxwG0joxaeWpgb0YYz1AJYXtAvAoAZ__Dm4BcJ4-lupRaKZsZ2GUKeTIP19XrnIna1DjILekIsatZz0QWjlwOWBUtyDCUijq0H55v1V9A4w7eP7a207XlqKO115eDXSWXhMRpGfUxqzKMs
Requested by
Host: 5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com
URL: https://5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 24 Aug 2023 13:16:45 GMT
expires
Thu, 24 Aug 2023 13:16:45 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame BB9C 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com
URL: https://5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 13:16:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30167
x-xss-protection
0
server
cafe
etag
12949109546734229676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 24 Aug 2023 13:16:45 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BB9C 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BLSuUMChIOBsKw4pXxOvDr2Et1iT0WiOzILLsChE2ME2hVf8D5nnJ0DBOEMvTtnim8m-dECmSFgF5R9HkC-DmX4jlJn4gBtO_pELsJw7tzHP6e6J0
Requested by
Host: 5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com
URL: https://5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 13:16:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BB9C 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=6622889146910777929&x=1&ct=76
Requested by
Host: 5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com
URL: https://5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 13:16:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/ Frame BB9C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/window_focus_fy2021.js
Requested by
Host: 5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com
URL: https://5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 12:55:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
1257
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Sep 2023 12:55:49 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/ Frame BB9C 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com
URL: https://5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 14:09:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
83240
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 06 Sep 2023 14:09:26 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BB9C 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com
URL: https://5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 13:16:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57781
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692618714633496"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 24 Aug 2023 13:16:45 GMT
GetLatestDrawData
www.megamillions.com/cmspages/utilservice.asmx/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.megamillions.com/cmspages/utilservice.asmx/GetLatestDrawData
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:79d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
8e5da3bbceb113a86469643352a53fc7e0174393cf50831faf6a24cd1202f318
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.megamillions.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 24 Aug 2023 13:16:46 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
cf-ray
7fbbdf233a291c1e-FRA
GetTopRandomWinners
www.megamillions.com/cmspages/utilservice.asmx/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.megamillions.com/cmspages/utilservice.asmx/GetTopRandomWinners
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:79d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
76ecac9e305bdc4ee2f225e90a14df382164193882dbb70bb3cad88aca812180
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.megamillions.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 24 Aug 2023 13:16:46 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
cf-ray
7fbbdf233a2c1c1e-FRA
GetLotteryStateData
www.megamillions.com/CMSPages/UtilService.asmx/ 		13 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.megamillions.com/CMSPages/UtilService.asmx/GetLotteryStateData
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:79d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
9abdc8e81f6991a8f0f31564e8713c0fba6b0779e8371cd3bfa40d520a04e616
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.megamillions.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Thu, 24 Aug 2023 13:16:46 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
cf-ray
7fbbdf233a2f1c1e-FRA
pixel
googleads.g.doubleclick.net/xbbe/ Frame 0069 		624 B
246 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYteHDmAEwAQ&v=APEucNUzApk25NuOcCT7CieHZZ4EPyX1hYjmjA0aM3qWdJU7QNBe1qwQG4ZTwAyvhJeDBpizbTFxf6Y8jZVZTf9Psb6yS7oOuvs-JbEVetU21Bn5lp_sJHCtbt5y9LCPu5tTPHtNdI-9v3WOAMZ0axmr8U08envZOnNCqb9ma_FwST80KZnPVKg
Requested by
Host: 5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com
URL: https://5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 24 Aug 2023 13:16:45 GMT
expires
Thu, 24 Aug 2023 13:16:45 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame F472 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com
URL: https://5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 13:16:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30167
x-xss-protection
0
server
cafe
etag
12949109546734229676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 24 Aug 2023 13:16:46 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F472 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AukgaOOeouQimHt_KDaBri6e0Zqw7dT_uSKbwXPCS9n7Xj5KYzNjs0j1Jg5i-GELogLzODUrnYkHvuyrzRUe4VBrzUNfljkZNm4ppmDYy90a0uUUU
Requested by
Host: 5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com
URL: https://5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 13:16:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F472 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=9603294228702560910&x=1&ct=76
Requested by
Host: 5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com
URL: https://5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 13:16:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/ Frame F472 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/window_focus_fy2021.js
Requested by
Host: 5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com
URL: https://5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 12:55:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
1257
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Sep 2023 12:55:49 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/ Frame F472 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230822/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com
URL: https://5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 14:09:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
83240
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 06 Sep 2023 14:09:26 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F472 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com
URL: https://5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 13:16:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57781
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692618714633496"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 24 Aug 2023 13:16:45 GMT
rum
dsum-sec.casalemedia.com/ Frame E652
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAbLCf4-ZFTnfULrMy9p6l0&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAbLCf4-ZFTnfULrMy9p6l0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMY1eDDmAEwAQ&v=APEucNWMPtqhJPblkkDwuJYV4ASg_QDrKtJrkgGMxgxwG0joxaeWpgb0YYz1AJYXtAvAoAZ__Dm4BcJ4-lupRaKZsZ2GUKeTIP19XrnIna1DjILekIsatZz0QWjlwOWBUtyDCUijq0H55v1V9A4w7eP7a207XlqKO115eDXSWXhMRpGfUxqzKMs
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 24 Aug 2023 13:16:46 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 24 Aug 2023 13:16:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAbLCf4-ZFTnfULrMy9p6l0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame E652
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZOdYPrkazmeDWyBlWMon2AAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFhFumU6bm5hRBgKGfa43Es&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFhFumU6bm5hRBgKGfa43Es&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMY1eDDmAEwAQ&v=APEucNWMPtqhJPblkkDwuJYV4ASg_QDrKtJrkgGMxgxwG0joxaeWpgb0YYz1AJYXtAvAoAZ__Dm4BcJ4-lupRaKZsZ2GUKeTIP19XrnIna1DjILekIsatZz0QWjlwOWBUtyDCUijq0H55v1V9A4w7eP7a207XlqKO115eDXSWXhMRpGfUxqzKMs
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 24 Aug 2023 13:16:46 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 24 Aug 2023 13:16:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFhFumU6bm5hRBgKGfa43Es&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame E652
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEA9VE1EViv2APuv8MDNIuMo&google_cver=1
43 B
837 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEA9VE1EViv2APuv8MDNIuMo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMY1eDDmAEwAQ&v=APEucNWMPtqhJPblkkDwuJYV4ASg_QDrKtJrkgGMxgxwG0joxaeWpgb0YYz1AJYXtAvAoAZ__Dm4BcJ4-lupRaKZsZ2GUKeTIP19XrnIna1DjILekIsatZz0QWjlwOWBUtyDCUijq0H55v1V9A4w7eP7a207XlqKO115eDXSWXhMRpGfUxqzKMs
Protocol
H2
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 13:16:46 GMT
an-x-request-uuid
aa1ba485-827e-4321-a98b-dbda769bc3bd
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
80.255.7.101; 80.255.7.101; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 24 Aug 2023 13:16:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEA9VE1EViv2APuv8MDNIuMo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E652
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzc1MzU0MDI5NDE1MzQ2NjQ3NA%3D%3D
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzc1MzU0MDI5NDE1MzQ2NjQ3NA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMY1eDDmAEwAQ&v=APEucNWMPtqhJPblkkDwuJYV4ASg_QDrKtJrkgGMxgxwG0joxaeWpgb0YYz1AJYXtAvAoAZ__Dm4BcJ4-lupRaKZsZ2GUKeTIP19XrnIna1DjILekIsatZz0QWjlwOWBUtyDCUijq0H55v1V9A4w7eP7a207XlqKO115eDXSWXhMRpGfUxqzKMs
Protocol
H2
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 13:16:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 24 Aug 2023 13:16:46 GMT
an-x-request-uuid
264fc7c8-93de-40b3-bebd-d5dbe7b82e29
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzc1MzU0MDI5NDE1MzQ2NjQ3NA%3D%3D
x-proxy-origin
80.255.7.101; 80.255.7.101; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 0069
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFhFumU6bm5hRBgKGfa43Es&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFhFumU6bm5hRBgKGfa43Es&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYteHDmAEwAQ&v=APEucNUzApk25NuOcCT7CieHZZ4EPyX1hYjmjA0aM3qWdJU7QNBe1qwQG4ZTwAyvhJeDBpizbTFxf6Y8jZVZTf9Psb6yS7oOuvs-JbEVetU21Bn5lp_sJHCtbt5y9LCPu5tTPHtNdI-9v3WOAMZ0axmr8U08envZOnNCqb9ma_FwST80KZnPVKg
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 24 Aug 2023 13:16:46 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 24 Aug 2023 13:16:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFhFumU6bm5hRBgKGfa43Es&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 0069
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZOdYPrkazmeDWyBlWMon2AAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFhFumU6bm5hRBgKGfa43Es&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFhFumU6bm5hRBgKGfa43Es&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYteHDmAEwAQ&v=APEucNUzApk25NuOcCT7CieHZZ4EPyX1hYjmjA0aM3qWdJU7QNBe1qwQG4ZTwAyvhJeDBpizbTFxf6Y8jZVZTf9Psb6yS7oOuvs-JbEVetU21Bn5lp_sJHCtbt5y9LCPu5tTPHtNdI-9v3WOAMZ0axmr8U08envZOnNCqb9ma_FwST80KZnPVKg
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 24 Aug 2023 13:16:46 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 24 Aug 2023 13:16:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFhFumU6bm5hRBgKGfa43Es&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 0069
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEO-LLhPlT6CS7_TE1dEAQyU&google_cver=1
43 B
839 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEO-LLhPlT6CS7_TE1dEAQyU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYteHDmAEwAQ&v=APEucNUzApk25NuOcCT7CieHZZ4EPyX1hYjmjA0aM3qWdJU7QNBe1qwQG4ZTwAyvhJeDBpizbTFxf6Y8jZVZTf9Psb6yS7oOuvs-JbEVetU21Bn5lp_sJHCtbt5y9LCPu5tTPHtNdI-9v3WOAMZ0axmr8U08envZOnNCqb9ma_FwST80KZnPVKg
Protocol
H2
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 13:16:46 GMT
an-x-request-uuid
635f94f2-239a-441d-abbf-172df8f73f03
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
80.255.7.101; 80.255.7.101; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 24 Aug 2023 13:16:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEO-LLhPlT6CS7_TE1dEAQyU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0069
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzc1MzU0MDI5NDE1MzQ2NjQ3NA%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzc1MzU0MDI5NDE1MzQ2NjQ3NA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYteHDmAEwAQ&v=APEucNUzApk25NuOcCT7CieHZZ4EPyX1hYjmjA0aM3qWdJU7QNBe1qwQG4ZTwAyvhJeDBpizbTFxf6Y8jZVZTf9Psb6yS7oOuvs-JbEVetU21Bn5lp_sJHCtbt5y9LCPu5tTPHtNdI-9v3WOAMZ0axmr8U08envZOnNCqb9ma_FwST80KZnPVKg
Protocol
H2
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 13:16:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 24 Aug 2023 13:16:46 GMT
an-x-request-uuid
8518cbf5-4630-4cca-b931-59a8bdf50807
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzc1MzU0MDI5NDE1MzQ2NjQ3NA%3D%3D
x-proxy-origin
80.255.7.101; 80.255.7.101; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BB9C 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4346729723283&version=m202307240101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 13:16:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BB9C 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4346729723283&version=m202307240101&ct=76&x=1&cor=6622889146910778000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 13:16:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame BB9C 		89 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DQM0AQpyFRXQJ-tUKXgKM4xwAicURGWvWsA3_yld7erjgAtdr-1MSedQQbliktSZclJaz631lO3MAmkG95GdiYTEGldw&cry=1&dbm_d=AKAmf-Bv8teaLEBXHS9ZY8w0TaJ6meg5PdduoCPN76XXtOeDcMfUtYKfqt5roYSHeT1P2UTkY28pewDswvqSxG4ippzZ1s3PsqLsDVJesVyCxxxrdWkAbrqnGSGbtcwb5aVX3byRJlr-420m9TEmVKXHg53wghrQVZEUcvuWY_b5heOVnvq2jHrYeTi1JmEyPN85fzN2ASzu-bHcShVJXjVR053XOUo_w7XklrNWEX8gAve0-yU2TOYDo25RLKUNmdgPWhiSDrxBHZEO5KFVw3ja4VgaiAJXm0lUoI_dhfcEyBLVHW1F1yBQqSoCJtTPwJbek3k3rezZtQ5NL6znT7IWcT5L3ZEWjL7HpXOKYxnM7zYCbwFwPNoEcis7duP-q_4ApNojnTg394Z9ngFGxkr18pTQ6FZKPz8yLKZO0FWvlpvO7tBI8OiOQ60S9joSN55f4aC87OYR1du9JIf4Fh8mUvV5AaBfFo1cAhCLCOongrGicvSQvEbYAo5U-LKGCuN58JpdkHYBxi4vBQ8S4orAch2yZiF1eqzTrrwgUExiYGWuMkBx6PAIGW9mqehia4MyNik1xRo-pJ2WxZF6Ik9IP0M9m_YNoe5DPQNG_cooJ1EUU2_XSLCuuROLW05KWxn1OpP0MdIoeT-VpfYrNdb-RUtfuSj_mUp8ibTxnGyy_0ANn-go-T7fFGSdUNqzXuAslV_7DSiRYIb2YZEnVjzRvT4XdC0u1UJDiXIJiXkJstx_WBzp2MV4uHKEJ0Z8iOqbNCSxUCbAWGd7P2l4FpCTssa4HbbQiD9eqe5yjN7P8DluLBpze4LCGT4VuleGf5sRQHnbwCytSFR2I6MfKbuoerD2NwsIvjemCXjLvFj1qvQ2BWc0nclARjQPJFIId3wtMBLEm98lMSEYMEeg8Q9hS6I1bNyyX39S5Sf2cqiEK5LxtqhXqXYuwgdXQLg33OyZySesuifQSbIWVjpFbDjlm3G5L7sYmuftt9_bAtli1xb7ChtJUEOiYjrW6s0V8Mz1Z-PufWQnsq1_05FIKbiB1MzoP8RFOEoBLAqhqFrJqg9OKbfMir-Y8J1bgWl7Q_UHmtcsvmHGV5rwx-VGRm0J-wm_X35Cy1Oyq-4WScofacLT1BJZN4iA_benZAab48nJjIw09VHlNUTsDRnyeV0GESgFVVumqWRN36JdGVqeZqodGQDjN5QiH_DVbwZ6rNeSCQPjL-k23fiMHJBca8rwPmrngcQvUHrFPkXUWysh62AcI-f5rPlx4Lu0kqONulNEgcU0bVIHWsfeZRNUNvXx2x4fYuLuE5TuU4ixewmKxsW1kNF88CHRBc4EK0nd66Jx4qJHw8lqgfHOaitIMinKlsRoVe6RSGUL-cRuwe959krgQnFGfxq8rWFZ67PSAxuKOiuDBBTEMIie6H4cV3E3WVrcvu4IaVkdsxMpbYtoh2o35UJlzmqtfE9Xd4uJnQClayB3Lo-tWOiWCb7UtPR40nYU8tkPePN31hHo9vTQtUO_Z0S1_GWBeauFtq5MMYIvDKTRKeGY_JkRbqZaK2TqVy3RmTR-9G8roZBBYKzXDedAXX7L4yZdNqC1nZz2WyLJWXxP5H3M6WJBU6MsYOMf2P3ZsiAb_7aTgl_GJ1rhYyd_HZHPZc1nMmuPBV3aCZQTGajBa9hI0Fhz41HEyFymJirSck-ZbkbpQvF2Uk0GQZsFMPjDfidmTBvMfDHys1Tjai4nDpfrRd3gEiNEEzE48sbFME7zfLBTEv4z90qDYk49iCNhlCW91EA7nzh9TiqjJL3m3ZhUWzKggAy5X0XxoIIuzuOV3doVNDT0m9LodmsbxzJa9aun4n24ypuHWAueKrJRisKkjY6KUuMhA8EJn-lXjJQk-6vQpEENkofIRqp19RHtiwHzfEtPsI2KbbUP4KLdDuTpClpbJERdr5enc1fRBOp8rmuq26ZkrTP6AQoFI8yNkEr1GZfE5MbTATFSObK9f20EonFZHwVdsPlj9tyh5-3iRuamM9wc6RGo5tPGErEUOaSKME5dGzpXP889Pyhk3HGPrr62cyU_8UhOXgujUfsd-EdnPGqoJu1JDG-wd4zei5BRHf--PfvsKX7XW0BJcureOiUxQjblREm5lqjFg3VerKfYqPTS1mCzuiJEFq_fMd2tYL99MjKhJqdHAbJ7lIVw7d3ueVK6kOgvTbvLC83Iiz80r98vxzZ1swIa4mPscvpesuFU4NGPVFt22QIThhLP2rq6Mls_H7XhwPS6X8AQr6SPI_Qhwi0FLAOCQBxVyLt0fUT_6Gy-Tw72FE1d3hfwiye2Rk7BK6i9Ii_O4-Wi3oNrcueVV_vb3ggIDbinPoZgoKDMGPbbPQNzjGUr1COzB4M0wVai4xlsKgkvoR6-oOvi1fFQxb9nkw8IxH3ny9OjvTEoJV_ep7iuSt4jheH2heHjT6tqeZe6npuoO6VEEcRmJFumcO-aymY8UXfCmCdchzYfJmaSF1I8DyoLDPRPOCLDctmc8BcUNLVK8If0-NJrukrxqRIZEUvnL5t_frC3NYLZ4MJZ8MxALqeeMkzp2UL2MWZ51HwqqXwxUIRfrMGa_aCrMaFYtMQ5t6niebsBPsos4e9hk-JcB55SHijozS6p60i5jbiyiltOpgCdHFaWigbpMSUuzVhVkwQxYaiN0-sxznIKRtgq3BCFacHYm2H3dXCPCXi2BsLfMeF0sT48DR5Fp9wYERExFsOgFhSCFWb3pqP48gHE3S9aWXnVVM27_sm4IsDkfgvAXBzlsmtJxZWwTfxhH1cFztcQoFADOi0_4k0W-zLWfsPz91NiJ4iz8L0xMjcg6eo1y-DovHfnreRv2bhd8nXjJHp_UJK9nEHTfKbnUwFuIahJt-6-N9y-Yudh9e--7i_73PLXYrHEhLBLSiuHLLWXvKaw19N_RNEhMQaf0f9SYrB0Zki__2Inv0aMu-ZW85C7b3XnKWqiiH9Y-52j1zeoetKUskMAeUmKqIf-YVYUXlow18JxNIBktkTvSecWA9WYkjatuwqmkacOM2EunJSekkGHnPRVbUmM59S3LYqD71KhU6jDZ-sfApY_h-TaOxksJzX6ss1H0_imD_o2f04uXQnQ5oVVoANsghTcBtYcAmt7V_1g1kZv7oIniiYUR0i0wMLSHxZ72ZeLVZJfcchZ8aktFjC2OZA0el-dy0VheJsucTDc7g81MTGZ6nmw4SJO033Bfn3xnTT-K0Gm92PBam2g1So9M35YNCDBGLV3IyHjoshpNY5kdrCR9U1yNo3FdtmzwNDQhIl0mzSpSkXT0gq8cqIDBnDvdFMamL_xMd-u3rptw0eXtAMwq3gOIiQ4T4xPa84UI7RHrZh8ENosPBWjeTK71wxWAZ8noOi4_qesTmeFyghUID3vc5T0Tct3uUDTQNxKlG4aylu6pnqSgPw_ptL5oveZWuA2l6Pc9udMvktiBOCKismEF47aQ_5X9hsNRPH5ORqL-0RR2v4zVlTUpHjZ-5DPybDTmlD9fQD1VutQDvGLBxvxsyWnnJHF7GT78g&cid=CAQSSwBpAlJWrE32G1EmeKAszzLMg2bM2VH9ZuIeJOLAsDS2fI5EQ-X06U1rgfF-FgQsxdlDO58TEivLE5vmdSD_xCWjgyEMGMgQb9bucxgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.megamillions.com%2F&ds=l&xdt=1&iif=1&cor=6622889146910778000&adk=250412560&idt=139&cac=0&dtd=26
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aa0f4b30121109e897514069b80d0c25e3c5cd9a070680034bdd9626e1de6c1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 13:16:46 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37891
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F472 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6520543005100&version=m202307240101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 13:16:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F472 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6520543005100&version=m202307240101&ct=76&x=1&cor=9603294228702560000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 13:16:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame F472 		90 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B36AianWSZqa_ZtOajoPYcBC3Dm0ZuOYowCZ-kr545rw48J-NwOa0-QRFeNpe-HHflwve3bwjrg0ySI9A77jc-XpKJjg&cry=1&dbm_d=AKAmf-AfvqPiizyeKvKfpl2_GvKiUfJKELs9Hv958IwUVWgH2HCW10qsiIUHMe2SCpgoW-ugPTq0Bz2DO8qK44NNxlKWoCQ7e7Mqo8bAQVFPmfWDBwmDyme47w4YJWHPaBqtsrAPDVooJpyb7wPUE39iQrQ2XkksXEijkJg5vCe40m2YJScOi3IFoPXWd2xjvl5AfltqQcuVOateOb_xBeoer1Ge5BzUuWix72g-ewshUldftAXg8q49FU1WCHesAQYQT2-vvXq2MQfssZ2z3npO8fEXBRahcUN-ODmWHGSSrxpNULYbaVMyVQV6Rhud3Q2dVU924eJ6megB2YtyJ7rl8Mlt6wVIENjh58sFy8dl5HOhCpPFEGduU0eYw1EKkCCAaR3nPKd61wNa6gfdPnE6FNEy5nYKl5mbwHJY9VPQ-lffXCsQu9HbFyKxObPeCdHrnBjhA9M0biPijJzaL9O1Gsoch8zJq-_4G6cyQyH8G-QUGJWJb3MShUXT_yY18cLEsg0Hd5nvqE6diG9ZPefqYj2Vd2Vl8aZp5u00l_DWoV9TtWc571QDw2diQe8f5rbFRVKMaLTT_Jq09AOFM7kvBEWVGHwQ8uASwrknI2VIAkdYtmf26cO-5j-tuH_P2mRB8axmeLDEKz4STK7cMIrTsEO60eGb2SZjDkTRIWlFwP4T9EhHh8Vljwu-NFFuX6gQo0vx_TCu6e1DYa_1PehZ4U5IuB9eflPpFveA37T_IhtgtnzOLE-xYW6VmMPoN2v5WlziXh0K166DGuQgPuNRBcSX0V_xD-krSaJOOnNpperpP2A2LF6mM5NW2x404DSHF41pIGIfAtMd-HnscoN-ufhKu4hV0sglIhtLj18UaaKcmyiO8ePxTdqIqa9HwTK_8XNm20AK8xCrmZWLaKhIA3EM5rdqRgbXz5H7dnzmAyhUzj06bfA500Vz8xTqFa7dSTUC45BwRmpbk4R7UMUOxhMHkGn9FYEsOeyxGc-HD-_cbqOLdf5eUa9gWqQvy5B7bZa2Wf7xQpCTj9N_IUg5e2zoj4I04Jsd0XOQkhIjQMBntIJwOduuFoCTlmxkxAyQfOPiGf4alZFoKzSZj4DZWDtdeaL5sSNThCH5QoHX4YuEwte2J7zTvBwckt0RAO32Vmw1hpT2r28qVzkmzQcpKCYtHQtsvfOoHNdoy9dcg9vTCfjHljACMUpCdd0YvYBgaTOtoAICAh2lveoMp6Oz3sSXvCs9YJCcMbEtwlny_yPlceMlxIyYNRuv4KsseqFsxn52GC6UUbdhFImH6_HrXK-jpmrGVNphnJcgInvaHn6PDhqWS_Q_ux5pVpNKV_fa0CFEn_wgCKGIL7kmD-jAPaH1ZuE-WpXegq_cS0_n5DmCoGYcGlcBAUL42UI6Pl2F3HzKgImcH8pRzybOGooYAkJI72ZK-mP55NmakYzj6HtsXchRnhoZFJHjzhtpH-Af_xdEr8MkBzrXYAJfy2ZWJ-tCba9VDeIPEPkTkKku3Y_c2H4oU_JSSkIHfiIKsf1HQzJieQbb2Ey54Lt2RKnj-4doO8-XIjAstcx8rfoPwRpd5nD5aQqvTr2CZsXbumtF5bZCs9Q9F99rwDczB1JpE_NZ79u8HuSlKEFMXGO-eXHerKrP8dO5IYc68TgYVH5TiC_JKs1KTiYGNhY7qfEgwVUzs8hmzGtKZKxJ23Wk4TlmJos1YI_enAYSn6zJQnMtccN-qbAKp7D3QKaYVuaKrxaSyomiRb2FPsHIIDzb42pcEGSl84-Ut1KJSDAki4GmD5Tphzvk8mdKpFCEnqx9gE2TI2eBrpPQzuQYdwHAvg7ck0YZOnjDYbIIGSPpOdlP7wnQKr8y4RKNQa1f9a9bndkcKNaXqrbPe4z_RPe9rL9he9pPXea3XIArEjnKJwLoYzl5ebzFjgXC7_gXfwAXoX8LmoFeqN0N2i79c58RPQUBm50kpt0ylm2a0Q3ntEDm2u8co8llIyCSw-82De4p8saM5N9-O59astNx38AnG_jKg0o77CeMJVvvTddOwffOr-ZTyqL-AYaK-TPQ8XLzn6b2llwlruOWtYp1o4SJEJbMIjc-tGo5w7FYfqCziC6iuRId2744mr6V0UFxDilkqJ8BxfyrgbobvisXjGSBPKgDscvCQDlrVF41PUgEPrtavDmOvnBxlX1L5MXmd-WqLLUEWHUx1V0DcKmYpKXfkkXiGVpKLpRWF5OangKM98NZljzydDpNIS_rh7B16xMgTxbt0CTCbxUoxIAQAE5ogm_p-3uvVNPr2RkXBUOVuCwRMlbg5aKcjcpZlabpXSZPKPrQdn3hNmYki2IO3CPScWtTIXVKGfKv5brDQ6MZsXzrEU6SpZ081jybKw7P7x4IJ5RueMoHKTA7ynpOVigONwU_n5IR-VFpm04dDCrRKpGIaszSg4Uv-r3tPLIKEwMEqMjd-bgSKX9lYxIXC3G8Xe-GumLpqKP6ySAm1H44kcXewG5yKlYS7tle2-neLH86robV0COnqBGqbBadunMqMFaSuo_tZsdpZ1l9FI-fvQacHzkK0AnuJHd_msj1BclhWhNdErPX_-e8286OQsnlzirBXUULSv9aoppXN0XqxLO43Fq7sTky8w3ByynFoTmMX9nL6eovgpnfpMWCHEZHZrFMe24nj9tvekCCAfLTGHIyQtCCYXtflGz-C9v9Sdej5JLestvsnMhtHOdDwrXDBkAxTgz5pHCdNSTzGS07DvWVW9HY0LMUyuD6JvPWa2K9l54j6_R21QfCrjNgwONha3YQ0njzbrAGwqjQ2Q_dRASHWJcbDDnATkzMJogmUpXQSGgH56ulcMLBq6JY_NM2bVt-UxmsjFGr205gOTZRuaxslilRowrjhkIrODpiDj98Y756xCeQ5QiGbZiqd3XRT62kCfze3TMQkkv1wGdskmkTA1IHz5nZLGlXBSkVptfVzqn5pWh6mDiJW8xpUfIstFaJ80YI64KZY-ecmtmp4aZiUhss7wB0kK_kMpnpdP_5iNsSm3--b5eLkdbY_Z_OzCPlJ5874ba9zotqtWt1-zGFJDQ6aVd-YLIcGzkamS7C41G5jrdbSv3wy5XfVQ6hvqdty7akYPaMSDvtmFlcVKDihfqBBOCHC94Ycj1yoyx8ll-oOoMKf1zFXNyr5uABwWhmK1ZRC6cOHo4fR2YHrIYxRmInvYKAZvaRtxaZRa5KJxf0dMAcqykuAKLYCklXidPavHxk4XSFNJ0lvbxETkQQ4_5iDeQx2Gk01bHgH-ym5tewzxgrRcjdsoM7ZHyyWUWG4JahViR_Eh3taqBD6dnpOsElbIP96X_hGJqheTYmNwKBShXHaJIxQENLodn95yoexyeEMvHyCjfhmtNu7MeFx4Iyk3bDHHIT9xBioYbRY6rYCIe_cb-2nCBZCZZhnvAFsEztk_FgspGP8ZKSWrRlhxs9Bt3aStjSiz_9Wp26M-hPijQsoSH2a-s_a46VxCXR-uG3j9q6t8nshpucI98RASt2C7MjD_HwETeIWUXolN374UfeK1WdZwPTKuab_6Kf4hoo2JQ&cid=CAQSSwBpAlJWrE32G1EmeKAszzLMg2bM2VH9ZuIeJOLAsDS2fI5EQ-X06U1rgfF-FgQsxdlDO58TEivLE5vmdSD_xCWjgyEMGMgQb9bucxgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.megamillions.com%2F&ds=l&xdt=1&iif=1&cor=9603294228702560000&adk=1964084972&idt=195&cac=0&dtd=3
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4d3857f716df845698c265d551ab31c0d95e9d987e557ffe540d01bbf627164
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 13:16:46 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38066
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame BB9C 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.megamillions.com
URL: https://www.megamillions.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com/
Origin
https://5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 18:51:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66345
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 24 Aug 2023 18:51:01 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230822/r20110914/elements/html/ Frame BB9C 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230822/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DQM0AQpyFRXQJ-tUKXgKM4xwAicURGWvWsA3_yld7erjgAtdr-1MSedQQbliktSZclJaz631lO3MAmkG95GdiYTEGldw&cry=1&dbm_d=AKAmf-Bv8teaLEBXHS9ZY8w0TaJ6meg5PdduoCPN76XXtOeDcMfUtYKfqt5roYSHeT1P2UTkY28pewDswvqSxG4ippzZ1s3PsqLsDVJesVyCxxxrdWkAbrqnGSGbtcwb5aVX3byRJlr-420m9TEmVKXHg53wghrQVZEUcvuWY_b5heOVnvq2jHrYeTi1JmEyPN85fzN2ASzu-bHcShVJXjVR053XOUo_w7XklrNWEX8gAve0-yU2TOYDo25RLKUNmdgPWhiSDrxBHZEO5KFVw3ja4VgaiAJXm0lUoI_dhfcEyBLVHW1F1yBQqSoCJtTPwJbek3k3rezZtQ5NL6znT7IWcT5L3ZEWjL7HpXOKYxnM7zYCbwFwPNoEcis7duP-q_4ApNojnTg394Z9ngFGxkr18pTQ6FZKPz8yLKZO0FWvlpvO7tBI8OiOQ60S9joSN55f4aC87OYR1du9JIf4Fh8mUvV5AaBfFo1cAhCLCOongrGicvSQvEbYAo5U-LKGCuN58JpdkHYBxi4vBQ8S4orAch2yZiF1eqzTrrwgUExiYGWuMkBx6PAIGW9mqehia4MyNik1xRo-pJ2WxZF6Ik9IP0M9m_YNoe5DPQNG_cooJ1EUU2_XSLCuuROLW05KWxn1OpP0MdIoeT-VpfYrNdb-RUtfuSj_mUp8ibTxnGyy_0ANn-go-T7fFGSdUNqzXuAslV_7DSiRYIb2YZEnVjzRvT4XdC0u1UJDiXIJiXkJstx_WBzp2MV4uHKEJ0Z8iOqbNCSxUCbAWGd7P2l4FpCTssa4HbbQiD9eqe5yjN7P8DluLBpze4LCGT4VuleGf5sRQHnbwCytSFR2I6MfKbuoerD2NwsIvjemCXjLvFj1qvQ2BWc0nclARjQPJFIId3wtMBLEm98lMSEYMEeg8Q9hS6I1bNyyX39S5Sf2cqiEK5LxtqhXqXYuwgdXQLg33OyZySesuifQSbIWVjpFbDjlm3G5L7sYmuftt9_bAtli1xb7ChtJUEOiYjrW6s0V8Mz1Z-PufWQnsq1_05FIKbiB1MzoP8RFOEoBLAqhqFrJqg9OKbfMir-Y8J1bgWl7Q_UHmtcsvmHGV5rwx-VGRm0J-wm_X35Cy1Oyq-4WScofacLT1BJZN4iA_benZAab48nJjIw09VHlNUTsDRnyeV0GESgFVVumqWRN36JdGVqeZqodGQDjN5QiH_DVbwZ6rNeSCQPjL-k23fiMHJBca8rwPmrngcQvUHrFPkXUWysh62AcI-f5rPlx4Lu0kqONulNEgcU0bVIHWsfeZRNUNvXx2x4fYuLuE5TuU4ixewmKxsW1kNF88CHRBc4EK0nd66Jx4qJHw8lqgfHOaitIMinKlsRoVe6RSGUL-cRuwe959krgQnFGfxq8rWFZ67PSAxuKOiuDBBTEMIie6H4cV3E3WVrcvu4IaVkdsxMpbYtoh2o35UJlzmqtfE9Xd4uJnQClayB3Lo-tWOiWCb7UtPR40nYU8tkPePN31hHo9vTQtUO_Z0S1_GWBeauFtq5MMYIvDKTRKeGY_JkRbqZaK2TqVy3RmTR-9G8roZBBYKzXDedAXX7L4yZdNqC1nZz2WyLJWXxP5H3M6WJBU6MsYOMf2P3ZsiAb_7aTgl_GJ1rhYyd_HZHPZc1nMmuPBV3aCZQTGajBa9hI0Fhz41HEyFymJirSck-ZbkbpQvF2Uk0GQZsFMPjDfidmTBvMfDHys1Tjai4nDpfrRd3gEiNEEzE48sbFME7zfLBTEv4z90qDYk49iCNhlCW91EA7nzh9TiqjJL3m3ZhUWzKggAy5X0XxoIIuzuOV3doVNDT0m9LodmsbxzJa9aun4n24ypuHWAueKrJRisKkjY6KUuMhA8EJn-lXjJQk-6vQpEENkofIRqp19RHtiwHzfEtPsI2KbbUP4KLdDuTpClpbJERdr5enc1fRBOp8rmuq26ZkrTP6AQoFI8yNkEr1GZfE5MbTATFSObK9f20EonFZHwVdsPlj9tyh5-3iRuamM9wc6RGo5tPGErEUOaSKME5dGzpXP889Pyhk3HGPrr62cyU_8UhOXgujUfsd-EdnPGqoJu1JDG-wd4zei5BRHf--PfvsKX7XW0BJcureOiUxQjblREm5lqjFg3VerKfYqPTS1mCzuiJEFq_fMd2tYL99MjKhJqdHAbJ7lIVw7d3ueVK6kOgvTbvLC83Iiz80r98vxzZ1swIa4mPscvpesuFU4NGPVFt22QIThhLP2rq6Mls_H7XhwPS6X8AQr6SPI_Qhwi0FLAOCQBxVyLt0fUT_6Gy-Tw72FE1d3hfwiye2Rk7BK6i9Ii_O4-Wi3oNrcueVV_vb3ggIDbinPoZgoKDMGPbbPQNzjGUr1COzB4M0wVai4xlsKgkvoR6-oOvi1fFQxb9nkw8IxH3ny9OjvTEoJV_ep7iuSt4jheH2heHjT6tqeZe6npuoO6VEEcRmJFumcO-aymY8UXfCmCdchzYfJmaSF1I8DyoLDPRPOCLDctmc8BcUNLVK8If0-NJrukrxqRIZEUvnL5t_frC3NYLZ4MJZ8MxALqeeMkzp2UL2MWZ51HwqqXwxUIRfrMGa_aCrMaFYtMQ5t6niebsBPsos4e9hk-JcB55SHijozS6p60i5jbiyiltOpgCdHFaWigbpMSUuzVhVkwQxYaiN0-sxznIKRtgq3BCFacHYm2H3dXCPCXi2BsLfMeF0sT48DR5Fp9wYERExFsOgFhSCFWb3pqP48gHE3S9aWXnVVM27_sm4IsDkfgvAXBzlsmtJxZWwTfxhH1cFztcQoFADOi0_4k0W-zLWfsPz91NiJ4iz8L0xMjcg6eo1y-DovHfnreRv2bhd8nXjJHp_UJK9nEHTfKbnUwFuIahJt-6-N9y-Yudh9e--7i_73PLXYrHEhLBLSiuHLLWXvKaw19N_RNEhMQaf0f9SYrB0Zki__2Inv0aMu-ZW85C7b3XnKWqiiH9Y-52j1zeoetKUskMAeUmKqIf-YVYUXlow18JxNIBktkTvSecWA9WYkjatuwqmkacOM2EunJSekkGHnPRVbUmM59S3LYqD71KhU6jDZ-sfApY_h-TaOxksJzX6ss1H0_imD_o2f04uXQnQ5oVVoANsghTcBtYcAmt7V_1g1kZv7oIniiYUR0i0wMLSHxZ72ZeLVZJfcchZ8aktFjC2OZA0el-dy0VheJsucTDc7g81MTGZ6nmw4SJO033Bfn3xnTT-K0Gm92PBam2g1So9M35YNCDBGLV3IyHjoshpNY5kdrCR9U1yNo3FdtmzwNDQhIl0mzSpSkXT0gq8cqIDBnDvdFMamL_xMd-u3rptw0eXtAMwq3gOIiQ4T4xPa84UI7RHrZh8ENosPBWjeTK71wxWAZ8noOi4_qesTmeFyghUID3vc5T0Tct3uUDTQNxKlG4aylu6pnqSgPw_ptL5oveZWuA2l6Pc9udMvktiBOCKismEF47aQ_5X9hsNRPH5ORqL-0RR2v4zVlTUpHjZ-5DPybDTmlD9fQD1VutQDvGLBxvxsyWnnJHF7GT78g&cid=CAQSSwBpAlJWrE32G1EmeKAszzLMg2bM2VH9ZuIeJOLAsDS2fI5EQ-X06U1rgfF-FgQsxdlDO58TEivLE5vmdSD_xCWjgyEMGMgQb9bucxgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.megamillions.com%2F&ds=l&xdt=1&iif=1&cor=6622889146910778000&adk=250412560&idt=139&cac=0&dtd=26
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 14:10:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
83153
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4196
x-xss-protection
0
server
cafe
etag
15907914729094346842
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 06 Sep 2023 14:10:53 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230822/r20110914/ Frame BB9C 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230822/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DQM0AQpyFRXQJ-tUKXgKM4xwAicURGWvWsA3_yld7erjgAtdr-1MSedQQbliktSZclJaz631lO3MAmkG95GdiYTEGldw&cry=1&dbm_d=AKAmf-Bv8teaLEBXHS9ZY8w0TaJ6meg5PdduoCPN76XXtOeDcMfUtYKfqt5roYSHeT1P2UTkY28pewDswvqSxG4ippzZ1s3PsqLsDVJesVyCxxxrdWkAbrqnGSGbtcwb5aVX3byRJlr-420m9TEmVKXHg53wghrQVZEUcvuWY_b5heOVnvq2jHrYeTi1JmEyPN85fzN2ASzu-bHcShVJXjVR053XOUo_w7XklrNWEX8gAve0-yU2TOYDo25RLKUNmdgPWhiSDrxBHZEO5KFVw3ja4VgaiAJXm0lUoI_dhfcEyBLVHW1F1yBQqSoCJtTPwJbek3k3rezZtQ5NL6znT7IWcT5L3ZEWjL7HpXOKYxnM7zYCbwFwPNoEcis7duP-q_4ApNojnTg394Z9ngFGxkr18pTQ6FZKPz8yLKZO0FWvlpvO7tBI8OiOQ60S9joSN55f4aC87OYR1du9JIf4Fh8mUvV5AaBfFo1cAhCLCOongrGicvSQvEbYAo5U-LKGCuN58JpdkHYBxi4vBQ8S4orAch2yZiF1eqzTrrwgUExiYGWuMkBx6PAIGW9mqehia4MyNik1xRo-pJ2WxZF6Ik9IP0M9m_YNoe5DPQNG_cooJ1EUU2_XSLCuuROLW05KWxn1OpP0MdIoeT-VpfYrNdb-RUtfuSj_mUp8ibTxnGyy_0ANn-go-T7fFGSdUNqzXuAslV_7DSiRYIb2YZEnVjzRvT4XdC0u1UJDiXIJiXkJstx_WBzp2MV4uHKEJ0Z8iOqbNCSxUCbAWGd7P2l4FpCTssa4HbbQiD9eqe5yjN7P8DluLBpze4LCGT4VuleGf5sRQHnbwCytSFR2I6MfKbuoerD2NwsIvjemCXjLvFj1qvQ2BWc0nclARjQPJFIId3wtMBLEm98lMSEYMEeg8Q9hS6I1bNyyX39S5Sf2cqiEK5LxtqhXqXYuwgdXQLg33OyZySesuifQSbIWVjpFbDjlm3G5L7sYmuftt9_bAtli1xb7ChtJUEOiYjrW6s0V8Mz1Z-PufWQnsq1_05FIKbiB1MzoP8RFOEoBLAqhqFrJqg9OKbfMir-Y8J1bgWl7Q_UHmtcsvmHGV5rwx-VGRm0J-wm_X35Cy1Oyq-4WScofacLT1BJZN4iA_benZAab48nJjIw09VHlNUTsDRnyeV0GESgFVVumqWRN36JdGVqeZqodGQDjN5QiH_DVbwZ6rNeSCQPjL-k23fiMHJBca8rwPmrngcQvUHrFPkXUWysh62AcI-f5rPlx4Lu0kqONulNEgcU0bVIHWsfeZRNUNvXx2x4fYuLuE5TuU4ixewmKxsW1kNF88CHRBc4EK0nd66Jx4qJHw8lqgfHOaitIMinKlsRoVe6RSGUL-cRuwe959krgQnFGfxq8rWFZ67PSAxuKOiuDBBTEMIie6H4cV3E3WVrcvu4IaVkdsxMpbYtoh2o35UJlzmqtfE9Xd4uJnQClayB3Lo-tWOiWCb7UtPR40nYU8tkPePN31hHo9vTQtUO_Z0S1_GWBeauFtq5MMYIvDKTRKeGY_JkRbqZaK2TqVy3RmTR-9G8roZBBYKzXDedAXX7L4yZdNqC1nZz2WyLJWXxP5H3M6WJBU6MsYOMf2P3ZsiAb_7aTgl_GJ1rhYyd_HZHPZc1nMmuPBV3aCZQTGajBa9hI0Fhz41HEyFymJirSck-ZbkbpQvF2Uk0GQZsFMPjDfidmTBvMfDHys1Tjai4nDpfrRd3gEiNEEzE48sbFME7zfLBTEv4z90qDYk49iCNhlCW91EA7nzh9TiqjJL3m3ZhUWzKggAy5X0XxoIIuzuOV3doVNDT0m9LodmsbxzJa9aun4n24ypuHWAueKrJRisKkjY6KUuMhA8EJn-lXjJQk-6vQpEENkofIRqp19RHtiwHzfEtPsI2KbbUP4KLdDuTpClpbJERdr5enc1fRBOp8rmuq26ZkrTP6AQoFI8yNkEr1GZfE5MbTATFSObK9f20EonFZHwVdsPlj9tyh5-3iRuamM9wc6RGo5tPGErEUOaSKME5dGzpXP889Pyhk3HGPrr62cyU_8UhOXgujUfsd-EdnPGqoJu1JDG-wd4zei5BRHf--PfvsKX7XW0BJcureOiUxQjblREm5lqjFg3VerKfYqPTS1mCzuiJEFq_fMd2tYL99MjKhJqdHAbJ7lIVw7d3ueVK6kOgvTbvLC83Iiz80r98vxzZ1swIa4mPscvpesuFU4NGPVFt22QIThhLP2rq6Mls_H7XhwPS6X8AQr6SPI_Qhwi0FLAOCQBxVyLt0fUT_6Gy-Tw72FE1d3hfwiye2Rk7BK6i9Ii_O4-Wi3oNrcueVV_vb3ggIDbinPoZgoKDMGPbbPQNzjGUr1COzB4M0wVai4xlsKgkvoR6-oOvi1fFQxb9nkw8IxH3ny9OjvTEoJV_ep7iuSt4jheH2heHjT6tqeZe6npuoO6VEEcRmJFumcO-aymY8UXfCmCdchzYfJmaSF1I8DyoLDPRPOCLDctmc8BcUNLVK8If0-NJrukrxqRIZEUvnL5t_frC3NYLZ4MJZ8MxALqeeMkzp2UL2MWZ51HwqqXwxUIRfrMGa_aCrMaFYtMQ5t6niebsBPsos4e9hk-JcB55SHijozS6p60i5jbiyiltOpgCdHFaWigbpMSUuzVhVkwQxYaiN0-sxznIKRtgq3BCFacHYm2H3dXCPCXi2BsLfMeF0sT48DR5Fp9wYERExFsOgFhSCFWb3pqP48gHE3S9aWXnVVM27_sm4IsDkfgvAXBzlsmtJxZWwTfxhH1cFztcQoFADOi0_4k0W-zLWfsPz91NiJ4iz8L0xMjcg6eo1y-DovHfnreRv2bhd8nXjJHp_UJK9nEHTfKbnUwFuIahJt-6-N9y-Yudh9e--7i_73PLXYrHEhLBLSiuHLLWXvKaw19N_RNEhMQaf0f9SYrB0Zki__2Inv0aMu-ZW85C7b3XnKWqiiH9Y-52j1zeoetKUskMAeUmKqIf-YVYUXlow18JxNIBktkTvSecWA9WYkjatuwqmkacOM2EunJSekkGHnPRVbUmM59S3LYqD71KhU6jDZ-sfApY_h-TaOxksJzX6ss1H0_imD_o2f04uXQnQ5oVVoANsghTcBtYcAmt7V_1g1kZv7oIniiYUR0i0wMLSHxZ72ZeLVZJfcchZ8aktFjC2OZA0el-dy0VheJsucTDc7g81MTGZ6nmw4SJO033Bfn3xnTT-K0Gm92PBam2g1So9M35YNCDBGLV3IyHjoshpNY5kdrCR9U1yNo3FdtmzwNDQhIl0mzSpSkXT0gq8cqIDBnDvdFMamL_xMd-u3rptw0eXtAMwq3gOIiQ4T4xPa84UI7RHrZh8ENosPBWjeTK71wxWAZ8noOi4_qesTmeFyghUID3vc5T0Tct3uUDTQNxKlG4aylu6pnqSgPw_ptL5oveZWuA2l6Pc9udMvktiBOCKismEF47aQ_5X9hsNRPH5ORqL-0RR2v4zVlTUpHjZ-5DPybDTmlD9fQD1VutQDvGLBxvxsyWnnJHF7GT78g&cid=CAQSSwBpAlJWrE32G1EmeKAszzLMg2bM2VH9ZuIeJOLAsDS2fI5EQ-X06U1rgfF-FgQsxdlDO58TEivLE5vmdSD_xCWjgyEMGMgQb9bucxgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.megamillions.com%2F&ds=l&xdt=1&iif=1&cor=6622889146910778000&adk=250412560&idt=139&cac=0&dtd=26
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e64ed909680284310d43b2c1e481c46cdd194084f1df8a605ab46183771add7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 14:09:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
83245
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11511
x-xss-protection
0
server
cafe
etag
961974302080011826
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 06 Sep 2023 14:09:21 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame BB9C 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.megamillions.com
URL: https://www.megamillions.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 20:05:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
61861
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 22 Aug 2024 20:05:45 GMT
truncated
/ Frame BB9C 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3af3fe1d9ee0f91fd52716ac75f12a6774346acdc1cbda6c9572b722ea60efe9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type
image/png
MOLottery_Logo.jpg.aspx
www.megamillions.com/getmedia/333e09a6-a875-410a-8a6d-af26c5bc947d/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.megamillions.com/getmedia/333e09a6-a875-410a-8a6d-af26c5bc947d/MOLottery_Logo.jpg.aspx?ext=.jpg&width=220
Requested by
Host: www.megamillions.com
URL: https://www.megamillions.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:79d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
f1a78e5cd385d1e4cb3ba302da4d392d38e34a9108c7f2cde85539a12aca201f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.megamillions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 13:16:46 GMT
cf-cache-status
EXPIRED
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-disposition
inline; filename="MOLottery_Logo.jpg"
content-length
10215
last-modified
Sat, 13 Feb 2021 05:04:05 GMT
server
cloudflare
etag
"2/13/2021 5:04:05 AM"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
7fbbdf25df791c1e-FRA
expires
Thu, 24 Aug 2023 13:16:45 GMT
OK-Logo.jpg.aspx
www.megamillions.com/getmedia/4436cd9c-0602-448b-9954-acaf0713ab53/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.megamillions.com/getmedia/4436cd9c-0602-448b-9954-acaf0713ab53/OK-Logo.jpg.aspx?ext=.jpg&width=220
Requested by
Host: www.megamillions.com
URL: https://www.megamillions.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:79d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
c0874c4dce1b1574e15e833e13cac204bb66cd4e93b92e346e33b0efacbf7fa9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.megamillions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 13:16:46 GMT
cf-cache-status
EXPIRED
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-disposition
inline; filename="OK-Logo.jpg"
content-length
6673
last-modified
Sat, 19 Aug 2023 04:06:23 GMT
server
cloudflare
etag
"8/19/2023 4:06:23 AM"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
7fbbdf25df7a1c1e-FRA
expires
Thu, 24 Aug 2023 13:16:45 GMT
Eash_NE-winner.jpg.aspx
www.megamillions.com/getmedia/60aaf2d0-0076-4755-ad59-b381f22a6b4e/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.megamillions.com/getmedia/60aaf2d0-0076-4755-ad59-b381f22a6b4e/Eash_NE-winner.jpg.aspx?ext=.jpg&width=220
Requested by
Host: www.megamillions.com
URL: https://www.megamillions.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:79d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
3a745299b23a8fa5444f94a5cc5e7cdeb4f9cfeb201fec2cea2dc5fc39e3d153
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.megamillions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 13:16:46 GMT
cf-cache-status
EXPIRED
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-disposition
inline; filename="Eash_NE-winner.jpg"
content-length
11289
last-modified
Sat, 12 Aug 2023 03:16:47 GMT
server
cloudflare
etag
"8/12/2023 3:16:47 AM"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
7fbbdf25df7c1c1e-FRA
expires
Thu, 24 Aug 2023 13:16:45 GMT
montserrat-v12-latin-700italic.woff2
www.megamillions.com/styles/fonts/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.megamillions.com/styles/fonts/montserrat-v12-latin-700italic.woff2
Requested by
Host: www.megamillions.com
URL: https://www.megamillions.com/styles/css/stylesheet.min.css?v=20220325
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:79d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
975707e0f84fdf7439284679f4ae53d7e244140753e5d1dbb50ddf9a30d1c1b8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.megamillions.com/styles/css/stylesheet.min.css?v=20220325
Origin
https://www.megamillions.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 13:16:46 GMT
cf-cache-status
EXPIRED
last-modified
Wed, 12 Dec 2018 00:10:00 GMT
server
cloudflare
etag
"0fc9b5af91d41:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/font-woff2
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
7fbbdf25df7d1c1e-FRA
content-length
19384
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame F472 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.megamillions.com
URL: https://www.megamillions.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com/
Origin
https://5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 18:51:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66345
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 24 Aug 2023 18:51:01 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230822/r20110914/elements/html/ Frame F472 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230822/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B36AianWSZqa_ZtOajoPYcBC3Dm0ZuOYowCZ-kr545rw48J-NwOa0-QRFeNpe-HHflwve3bwjrg0ySI9A77jc-XpKJjg&cry=1&dbm_d=AKAmf-AfvqPiizyeKvKfpl2_GvKiUfJKELs9Hv958IwUVWgH2HCW10qsiIUHMe2SCpgoW-ugPTq0Bz2DO8qK44NNxlKWoCQ7e7Mqo8bAQVFPmfWDBwmDyme47w4YJWHPaBqtsrAPDVooJpyb7wPUE39iQrQ2XkksXEijkJg5vCe40m2YJScOi3IFoPXWd2xjvl5AfltqQcuVOateOb_xBeoer1Ge5BzUuWix72g-ewshUldftAXg8q49FU1WCHesAQYQT2-vvXq2MQfssZ2z3npO8fEXBRahcUN-ODmWHGSSrxpNULYbaVMyVQV6Rhud3Q2dVU924eJ6megB2YtyJ7rl8Mlt6wVIENjh58sFy8dl5HOhCpPFEGduU0eYw1EKkCCAaR3nPKd61wNa6gfdPnE6FNEy5nYKl5mbwHJY9VPQ-lffXCsQu9HbFyKxObPeCdHrnBjhA9M0biPijJzaL9O1Gsoch8zJq-_4G6cyQyH8G-QUGJWJb3MShUXT_yY18cLEsg0Hd5nvqE6diG9ZPefqYj2Vd2Vl8aZp5u00l_DWoV9TtWc571QDw2diQe8f5rbFRVKMaLTT_Jq09AOFM7kvBEWVGHwQ8uASwrknI2VIAkdYtmf26cO-5j-tuH_P2mRB8axmeLDEKz4STK7cMIrTsEO60eGb2SZjDkTRIWlFwP4T9EhHh8Vljwu-NFFuX6gQo0vx_TCu6e1DYa_1PehZ4U5IuB9eflPpFveA37T_IhtgtnzOLE-xYW6VmMPoN2v5WlziXh0K166DGuQgPuNRBcSX0V_xD-krSaJOOnNpperpP2A2LF6mM5NW2x404DSHF41pIGIfAtMd-HnscoN-ufhKu4hV0sglIhtLj18UaaKcmyiO8ePxTdqIqa9HwTK_8XNm20AK8xCrmZWLaKhIA3EM5rdqRgbXz5H7dnzmAyhUzj06bfA500Vz8xTqFa7dSTUC45BwRmpbk4R7UMUOxhMHkGn9FYEsOeyxGc-HD-_cbqOLdf5eUa9gWqQvy5B7bZa2Wf7xQpCTj9N_IUg5e2zoj4I04Jsd0XOQkhIjQMBntIJwOduuFoCTlmxkxAyQfOPiGf4alZFoKzSZj4DZWDtdeaL5sSNThCH5QoHX4YuEwte2J7zTvBwckt0RAO32Vmw1hpT2r28qVzkmzQcpKCYtHQtsvfOoHNdoy9dcg9vTCfjHljACMUpCdd0YvYBgaTOtoAICAh2lveoMp6Oz3sSXvCs9YJCcMbEtwlny_yPlceMlxIyYNRuv4KsseqFsxn52GC6UUbdhFImH6_HrXK-jpmrGVNphnJcgInvaHn6PDhqWS_Q_ux5pVpNKV_fa0CFEn_wgCKGIL7kmD-jAPaH1ZuE-WpXegq_cS0_n5DmCoGYcGlcBAUL42UI6Pl2F3HzKgImcH8pRzybOGooYAkJI72ZK-mP55NmakYzj6HtsXchRnhoZFJHjzhtpH-Af_xdEr8MkBzrXYAJfy2ZWJ-tCba9VDeIPEPkTkKku3Y_c2H4oU_JSSkIHfiIKsf1HQzJieQbb2Ey54Lt2RKnj-4doO8-XIjAstcx8rfoPwRpd5nD5aQqvTr2CZsXbumtF5bZCs9Q9F99rwDczB1JpE_NZ79u8HuSlKEFMXGO-eXHerKrP8dO5IYc68TgYVH5TiC_JKs1KTiYGNhY7qfEgwVUzs8hmzGtKZKxJ23Wk4TlmJos1YI_enAYSn6zJQnMtccN-qbAKp7D3QKaYVuaKrxaSyomiRb2FPsHIIDzb42pcEGSl84-Ut1KJSDAki4GmD5Tphzvk8mdKpFCEnqx9gE2TI2eBrpPQzuQYdwHAvg7ck0YZOnjDYbIIGSPpOdlP7wnQKr8y4RKNQa1f9a9bndkcKNaXqrbPe4z_RPe9rL9he9pPXea3XIArEjnKJwLoYzl5ebzFjgXC7_gXfwAXoX8LmoFeqN0N2i79c58RPQUBm50kpt0ylm2a0Q3ntEDm2u8co8llIyCSw-82De4p8saM5N9-O59astNx38AnG_jKg0o77CeMJVvvTddOwffOr-ZTyqL-AYaK-TPQ8XLzn6b2llwlruOWtYp1o4SJEJbMIjc-tGo5w7FYfqCziC6iuRId2744mr6V0UFxDilkqJ8BxfyrgbobvisXjGSBPKgDscvCQDlrVF41PUgEPrtavDmOvnBxlX1L5MXmd-WqLLUEWHUx1V0DcKmYpKXfkkXiGVpKLpRWF5OangKM98NZljzydDpNIS_rh7B16xMgTxbt0CTCbxUoxIAQAE5ogm_p-3uvVNPr2RkXBUOVuCwRMlbg5aKcjcpZlabpXSZPKPrQdn3hNmYki2IO3CPScWtTIXVKGfKv5brDQ6MZsXzrEU6SpZ081jybKw7P7x4IJ5RueMoHKTA7ynpOVigONwU_n5IR-VFpm04dDCrRKpGIaszSg4Uv-r3tPLIKEwMEqMjd-bgSKX9lYxIXC3G8Xe-GumLpqKP6ySAm1H44kcXewG5yKlYS7tle2-neLH86robV0COnqBGqbBadunMqMFaSuo_tZsdpZ1l9FI-fvQacHzkK0AnuJHd_msj1BclhWhNdErPX_-e8286OQsnlzirBXUULSv9aoppXN0XqxLO43Fq7sTky8w3ByynFoTmMX9nL6eovgpnfpMWCHEZHZrFMe24nj9tvekCCAfLTGHIyQtCCYXtflGz-C9v9Sdej5JLestvsnMhtHOdDwrXDBkAxTgz5pHCdNSTzGS07DvWVW9HY0LMUyuD6JvPWa2K9l54j6_R21QfCrjNgwONha3YQ0njzbrAGwqjQ2Q_dRASHWJcbDDnATkzMJogmUpXQSGgH56ulcMLBq6JY_NM2bVt-UxmsjFGr205gOTZRuaxslilRowrjhkIrODpiDj98Y756xCeQ5QiGbZiqd3XRT62kCfze3TMQkkv1wGdskmkTA1IHz5nZLGlXBSkVptfVzqn5pWh6mDiJW8xpUfIstFaJ80YI64KZY-ecmtmp4aZiUhss7wB0kK_kMpnpdP_5iNsSm3--b5eLkdbY_Z_OzCPlJ5874ba9zotqtWt1-zGFJDQ6aVd-YLIcGzkamS7C41G5jrdbSv3wy5XfVQ6hvqdty7akYPaMSDvtmFlcVKDihfqBBOCHC94Ycj1yoyx8ll-oOoMKf1zFXNyr5uABwWhmK1ZRC6cOHo4fR2YHrIYxRmInvYKAZvaRtxaZRa5KJxf0dMAcqykuAKLYCklXidPavHxk4XSFNJ0lvbxETkQQ4_5iDeQx2Gk01bHgH-ym5tewzxgrRcjdsoM7ZHyyWUWG4JahViR_Eh3taqBD6dnpOsElbIP96X_hGJqheTYmNwKBShXHaJIxQENLodn95yoexyeEMvHyCjfhmtNu7MeFx4Iyk3bDHHIT9xBioYbRY6rYCIe_cb-2nCBZCZZhnvAFsEztk_FgspGP8ZKSWrRlhxs9Bt3aStjSiz_9Wp26M-hPijQsoSH2a-s_a46VxCXR-uG3j9q6t8nshpucI98RASt2C7MjD_HwETeIWUXolN374UfeK1WdZwPTKuab_6Kf4hoo2JQ&cid=CAQSSwBpAlJWrE32G1EmeKAszzLMg2bM2VH9ZuIeJOLAsDS2fI5EQ-X06U1rgfF-FgQsxdlDO58TEivLE5vmdSD_xCWjgyEMGMgQb9bucxgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.megamillions.com%2F&ds=l&xdt=1&iif=1&cor=9603294228702560000&adk=1964084972&idt=195&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 14:10:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
83153
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4196
x-xss-protection
0
server
cafe
etag
15907914729094346842
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 06 Sep 2023 14:10:53 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230822/r20110914/ Frame F472 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230822/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B36AianWSZqa_ZtOajoPYcBC3Dm0ZuOYowCZ-kr545rw48J-NwOa0-QRFeNpe-HHflwve3bwjrg0ySI9A77jc-XpKJjg&cry=1&dbm_d=AKAmf-AfvqPiizyeKvKfpl2_GvKiUfJKELs9Hv958IwUVWgH2HCW10qsiIUHMe2SCpgoW-ugPTq0Bz2DO8qK44NNxlKWoCQ7e7Mqo8bAQVFPmfWDBwmDyme47w4YJWHPaBqtsrAPDVooJpyb7wPUE39iQrQ2XkksXEijkJg5vCe40m2YJScOi3IFoPXWd2xjvl5AfltqQcuVOateOb_xBeoer1Ge5BzUuWix72g-ewshUldftAXg8q49FU1WCHesAQYQT2-vvXq2MQfssZ2z3npO8fEXBRahcUN-ODmWHGSSrxpNULYbaVMyVQV6Rhud3Q2dVU924eJ6megB2YtyJ7rl8Mlt6wVIENjh58sFy8dl5HOhCpPFEGduU0eYw1EKkCCAaR3nPKd61wNa6gfdPnE6FNEy5nYKl5mbwHJY9VPQ-lffXCsQu9HbFyKxObPeCdHrnBjhA9M0biPijJzaL9O1Gsoch8zJq-_4G6cyQyH8G-QUGJWJb3MShUXT_yY18cLEsg0Hd5nvqE6diG9ZPefqYj2Vd2Vl8aZp5u00l_DWoV9TtWc571QDw2diQe8f5rbFRVKMaLTT_Jq09AOFM7kvBEWVGHwQ8uASwrknI2VIAkdYtmf26cO-5j-tuH_P2mRB8axmeLDEKz4STK7cMIrTsEO60eGb2SZjDkTRIWlFwP4T9EhHh8Vljwu-NFFuX6gQo0vx_TCu6e1DYa_1PehZ4U5IuB9eflPpFveA37T_IhtgtnzOLE-xYW6VmMPoN2v5WlziXh0K166DGuQgPuNRBcSX0V_xD-krSaJOOnNpperpP2A2LF6mM5NW2x404DSHF41pIGIfAtMd-HnscoN-ufhKu4hV0sglIhtLj18UaaKcmyiO8ePxTdqIqa9HwTK_8XNm20AK8xCrmZWLaKhIA3EM5rdqRgbXz5H7dnzmAyhUzj06bfA500Vz8xTqFa7dSTUC45BwRmpbk4R7UMUOxhMHkGn9FYEsOeyxGc-HD-_cbqOLdf5eUa9gWqQvy5B7bZa2Wf7xQpCTj9N_IUg5e2zoj4I04Jsd0XOQkhIjQMBntIJwOduuFoCTlmxkxAyQfOPiGf4alZFoKzSZj4DZWDtdeaL5sSNThCH5QoHX4YuEwte2J7zTvBwckt0RAO32Vmw1hpT2r28qVzkmzQcpKCYtHQtsvfOoHNdoy9dcg9vTCfjHljACMUpCdd0YvYBgaTOtoAICAh2lveoMp6Oz3sSXvCs9YJCcMbEtwlny_yPlceMlxIyYNRuv4KsseqFsxn52GC6UUbdhFImH6_HrXK-jpmrGVNphnJcgInvaHn6PDhqWS_Q_ux5pVpNKV_fa0CFEn_wgCKGIL7kmD-jAPaH1ZuE-WpXegq_cS0_n5DmCoGYcGlcBAUL42UI6Pl2F3HzKgImcH8pRzybOGooYAkJI72ZK-mP55NmakYzj6HtsXchRnhoZFJHjzhtpH-Af_xdEr8MkBzrXYAJfy2ZWJ-tCba9VDeIPEPkTkKku3Y_c2H4oU_JSSkIHfiIKsf1HQzJieQbb2Ey54Lt2RKnj-4doO8-XIjAstcx8rfoPwRpd5nD5aQqvTr2CZsXbumtF5bZCs9Q9F99rwDczB1JpE_NZ79u8HuSlKEFMXGO-eXHerKrP8dO5IYc68TgYVH5TiC_JKs1KTiYGNhY7qfEgwVUzs8hmzGtKZKxJ23Wk4TlmJos1YI_enAYSn6zJQnMtccN-qbAKp7D3QKaYVuaKrxaSyomiRb2FPsHIIDzb42pcEGSl84-Ut1KJSDAki4GmD5Tphzvk8mdKpFCEnqx9gE2TI2eBrpPQzuQYdwHAvg7ck0YZOnjDYbIIGSPpOdlP7wnQKr8y4RKNQa1f9a9bndkcKNaXqrbPe4z_RPe9rL9he9pPXea3XIArEjnKJwLoYzl5ebzFjgXC7_gXfwAXoX8LmoFeqN0N2i79c58RPQUBm50kpt0ylm2a0Q3ntEDm2u8co8llIyCSw-82De4p8saM5N9-O59astNx38AnG_jKg0o77CeMJVvvTddOwffOr-ZTyqL-AYaK-TPQ8XLzn6b2llwlruOWtYp1o4SJEJbMIjc-tGo5w7FYfqCziC6iuRId2744mr6V0UFxDilkqJ8BxfyrgbobvisXjGSBPKgDscvCQDlrVF41PUgEPrtavDmOvnBxlX1L5MXmd-WqLLUEWHUx1V0DcKmYpKXfkkXiGVpKLpRWF5OangKM98NZljzydDpNIS_rh7B16xMgTxbt0CTCbxUoxIAQAE5ogm_p-3uvVNPr2RkXBUOVuCwRMlbg5aKcjcpZlabpXSZPKPrQdn3hNmYki2IO3CPScWtTIXVKGfKv5brDQ6MZsXzrEU6SpZ081jybKw7P7x4IJ5RueMoHKTA7ynpOVigONwU_n5IR-VFpm04dDCrRKpGIaszSg4Uv-r3tPLIKEwMEqMjd-bgSKX9lYxIXC3G8Xe-GumLpqKP6ySAm1H44kcXewG5yKlYS7tle2-neLH86robV0COnqBGqbBadunMqMFaSuo_tZsdpZ1l9FI-fvQacHzkK0AnuJHd_msj1BclhWhNdErPX_-e8286OQsnlzirBXUULSv9aoppXN0XqxLO43Fq7sTky8w3ByynFoTmMX9nL6eovgpnfpMWCHEZHZrFMe24nj9tvekCCAfLTGHIyQtCCYXtflGz-C9v9Sdej5JLestvsnMhtHOdDwrXDBkAxTgz5pHCdNSTzGS07DvWVW9HY0LMUyuD6JvPWa2K9l54j6_R21QfCrjNgwONha3YQ0njzbrAGwqjQ2Q_dRASHWJcbDDnATkzMJogmUpXQSGgH56ulcMLBq6JY_NM2bVt-UxmsjFGr205gOTZRuaxslilRowrjhkIrODpiDj98Y756xCeQ5QiGbZiqd3XRT62kCfze3TMQkkv1wGdskmkTA1IHz5nZLGlXBSkVptfVzqn5pWh6mDiJW8xpUfIstFaJ80YI64KZY-ecmtmp4aZiUhss7wB0kK_kMpnpdP_5iNsSm3--b5eLkdbY_Z_OzCPlJ5874ba9zotqtWt1-zGFJDQ6aVd-YLIcGzkamS7C41G5jrdbSv3wy5XfVQ6hvqdty7akYPaMSDvtmFlcVKDihfqBBOCHC94Ycj1yoyx8ll-oOoMKf1zFXNyr5uABwWhmK1ZRC6cOHo4fR2YHrIYxRmInvYKAZvaRtxaZRa5KJxf0dMAcqykuAKLYCklXidPavHxk4XSFNJ0lvbxETkQQ4_5iDeQx2Gk01bHgH-ym5tewzxgrRcjdsoM7ZHyyWUWG4JahViR_Eh3taqBD6dnpOsElbIP96X_hGJqheTYmNwKBShXHaJIxQENLodn95yoexyeEMvHyCjfhmtNu7MeFx4Iyk3bDHHIT9xBioYbRY6rYCIe_cb-2nCBZCZZhnvAFsEztk_FgspGP8ZKSWrRlhxs9Bt3aStjSiz_9Wp26M-hPijQsoSH2a-s_a46VxCXR-uG3j9q6t8nshpucI98RASt2C7MjD_HwETeIWUXolN374UfeK1WdZwPTKuab_6Kf4hoo2JQ&cid=CAQSSwBpAlJWrE32G1EmeKAszzLMg2bM2VH9ZuIeJOLAsDS2fI5EQ-X06U1rgfF-FgQsxdlDO58TEivLE5vmdSD_xCWjgyEMGMgQb9bucxgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.megamillions.com%2F&ds=l&xdt=1&iif=1&cor=9603294228702560000&adk=1964084972&idt=195&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e64ed909680284310d43b2c1e481c46cdd194084f1df8a605ab46183771add7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 14:09:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
83245
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11511
x-xss-protection
0
server
cafe
etag
961974302080011826
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 06 Sep 2023 14:09:21 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame F472 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.megamillions.com
URL: https://www.megamillions.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 20:05:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
61861
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 22 Aug 2024 20:05:45 GMT
truncated
/ Frame F472 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b0eddd38c3ee8879fc453552b02bda1e2d94f754840e732a5786b2361214b41a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type
image/png
index.html
s0.2mdn.net/sadbundle/7073955107534177015/ Frame 3554 		27 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7073955107534177015/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5ff4dc66fd6532e1fad835ddd8dd2d5bd85bf16c8446917b35cba94f9ba3fdf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
7620
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5302
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 24 Aug 2023 11:09:46 GMT
expires
Fri, 23 Aug 2024 11:09:46 GMT
last-modified
Mon, 14 Aug 2023 08:46:10 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame BB9C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstz2u97FCA_m1gpX470K1iHCY6cTjp9btOI5hy7cIS2TgC7WzRUoOS-1JYmqv91OUIJ3bdi5rPlDa8xerBrMO5VQivsQO12hetaszKxDbz6LWNjq3pMKFU5hPphfMrNOQkPxK_38Mh4zz3ah53net727r2qqZAG5mv77Cnij6BL7VYh6EuF1LQsJ88f_kr2TliZbW9on3aE4noQCEFtdZuB6krIfnLOjwbc3NjkH5YgRpgDNMmCYp6aMX9j3CnevJ9EPDLsKkv2qI1S5U8hm1AL_p72xLQlnEgAFmToBs7Qvn5qrxod9rqYM8S2bflbT07yl5sBvdPcXaOAtBPFMYNmpHSD0aD0Sl3SqQ4NQr9nX6U2wg0zLUys8kg2OxcM-xCxpHaXg12sNIZx3RZU1Ta4gHa-fzDxgh-3kyOq9XGqrxnQ2kYOCYF-8BySGe1bHYDyioWe68XOsE6cpK-4tkTn0wK_A3E5dZ2kMoHcaoMWO514YCwyRFuOvysQmEf3L3WwrQcUaFkbAuDQOaA3vOu1w8bcxRY9gDbt7deBikhvwY9FAgMFmwdLaFsFSwK1VsczlDM_ySSD9y255zqtUNw_2b58ByeQBYMCCrjrC9-hdC8KsrHFYYMKF6fOKRmJNERAGdYuEdRkefqGqjEqQiEz2fLvPqRgiu9W_zCJmHpTH8SHP_xflThUyE7dTRzP5s8HBef9K4WYjUKW3G4fbsWZbSFErUk6kM458wflqiKHYEdu4jO-hJJBXrQrqqM_2Zgl1bg5N_AkddVzeQBjaMHpdfW7c5y0e_X3npl0QW3WX4d2vy4mI9wsTkTax8UDdnTmGSh6DPjOwxuAK00oLc5AccATJmzTqvCR1jeJDx2_YUw3o-vEOsgYUPBGViC2kPMwO4UHVFg0KEtwDyhSJHQpShAgMj-D5XkQNhDewGRWA4VAf5Kngr6a6qfe01rBfrhkuBjyAobejkueT9fsswDs1N36S1PUBfzMGOs_G55aMaFXA1ASWSXiW_30d2H6Ab9mjK0RjcTPiejmyXzGi8GOeqVfD1DU9rRpK1bWeNqOB4RItRuXLwFljjgdu1ba5-1kSpoGbeNzCBtWsH6Idn36DUfU-yw1CIk7zzWrx8ZpLvD5bgV7BNU3wvzmiAhW0jJgdPXKbJ7mpd56zH9slXkQTe5bcD-S_L-FvGXbEy3yoJuORjkqVmXCkT07BG85hbIzxVPUnbdYsjpynxt2Zr3t2WdvpKbqdZMSwt8OdUe6qrXEygybuTMrebxZNkd_bpfTML1CTMDSURbyxRFiapLBpmD4hMN1F7b2ZTIoIsn6vneCp2ZuyraKti_oaGPIjpXtkiZwvHz0iIztU4s&sai=AMfl-YTCLLHZ61Ug3_lDxaXqV-hJZAt5TuUNh_obbB7hJyUa5EkjEMIA14nnQRgHpTQKHr6Twfkdcnno5h6DlvuoIUu0qqM2Sw0T_8Qo2O9EmVfXWhmr0Y2ZZbV7C2Txyn2x24Gcrj9rgHUAHBcJpLimaNjnQiLce_3g_-TjcU2jPDfOw_4ZuizPnJts-A3r3DCfsuG7HmWjLihix5JF71I0gCfNCc9t_Y0pCUa5_UBK-H3T_bkoFujrt53pGEbGaWjeixY4ZCDbIbI46-ZpS2BVWxc8arNZKx2nCR1SQ49tfms_JuxYvbHbIMY&sig=Cg0ArKJSzGtJWLTvbPueEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=245&cbvp=1&cstd=242&cisv=r20230822.74813&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.megamillions.com
URL: https://www.megamillions.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 24 Aug 2023 13:16:46 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Thu, 24 Aug 2023 13:16:46 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 9022 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
100019
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 23 Aug 2023 09:29:47 GMT
expires
Thu, 22 Aug 2024 09:29:47 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 0B25 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
100019
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 23 Aug 2023 09:29:47 GMT
expires
Thu, 22 Aug 2024 09:29:47 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/12691273737138261013/ Frame 75ED 		28 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12691273737138261013/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e68ab091dcaac5da2cf84298622805b8a9a002137b779a0416c8358ceaded22d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
8146
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5415
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 24 Aug 2023 11:01:00 GMT
expires
Fri, 23 Aug 2024 11:01:00 GMT
last-modified
Mon, 14 Aug 2023 08:45:30 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame F472 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuNNPbCdPb6uUHn4Kji-wmALBYyxSrtVe59o5bpwsLez0e4mlBlZylxUJv73c_h3XAbM2cz3lwzrylHAWcGs_jtS6TO4o2QginQtTChMI97CQ3X7b6KZvGBagXUl_-qlgAPwFTTu1ZrMDaHNvJvxC40MZrK7BwUtNhtE_-RLAn8SLbF0x4Mr6KFjucJyPODGuAb6Lpy8P8lnzFCmDuEabFVLUycQsxNfGjRjxcv8s0UcwaTjopwiwCewOlHOn9U3bkcd_SerCgJm8lkqVmvBc3jqoeBuH65Tueis1SwyQk4lGIkqtZc3pDnWCMblJcIBUU4zQj8H7CtA7CTQf8OJa23K_4w_hSFDnxo7IXXB_jKFO5NAyXX5CK4QXNVILZapRKWcULT57LrOnwMTM8PbbruvEEIYOItma21LZ_xAJ-NhJAUM2bS8SQZVLTnyfB5imCRN6xnGHsr2wxbMwl04LnrA8szdEI4WG6JYi6lECmT8ReJm2Nz4bnpWn3qkhAL1Ry1s37S0h2Fd-qeOn6GQutRuOE-gG1Q_27NF6vTEYD5SebFOG1eHcEl-y_psB1MVGYNxwzxULjE1l_QPA7i3q234DBXMIbeC5gA60KAe13yNl5yn16NcJKcOgY72ZJl4wG_Fl6GnLkOteTZMKw1KGNLO-QQ02rBkKIpisDr1SjQqym_DBFh-UtsTnkN4yVcviOyKo9RS27UwN_88F1cUU-APR8xxj8QnKP7SAl5zFob-pmG0Ab4JTz5AeVg4MwV6CbgfqeV9OSYZFEJCjoNKR9jthnFLe7UFbMtxDs_T-KLT9H5ixLSUFGSeh3ubb0my9cXLTNJ66E0R1MmHTGP6FW1qtJpVsW2Iaq-xnY0W8qZjB13EZ2tTVJlXaCB-kwGoozrtX07qOKOIgKW-zUg9gILa-4RP50xIHqpnHzI5RTWbJPBzUIV3GiEMrLOFMiXb8CEV2PnKhoNyOiNays3wTqSg-4lyCTogC-0Y3GQmqPeBRFVxEEd0vDVMPB1f6gvVV3MilPApv0iYK2XZIOMdvPwBvCtUXwgZEdd6y9exOCmsXAO6BeZUR0NygnrymZDpVvoADQd_Wrdh4FjLFCTgXM_PhXzstrnu30aBsvwrxesFwUzeclgtccKmfWC1yPv7gliJoC-YBxMtJYkvWRXTj_h-rUK5IDdyhi3bYI92a2wiAkUsbrZRGuXijXcEwZfinTkZ3RaNpsO_0rIWKZ5ow0C1SvRLucOYSaGCSDFdifDa8vuU6JYPJoWiJ_Qsu3dm57CDYd7r5c8bHS2VjuklHKWMnc9MXAazIg5Kz0qyj-LeyrHWlKGo_t-SgcrMoW1iKGffrTwzOE10QBi3nyLse8enDZyjiF9&sai=AMfl-YTjE3nGecSkMlJb8FrZWYdoOvSHPtmPqXJPg_VEWbmALpWpN2KBIeFbwF8t4WTgHJERIPKhKlIMWwW6O1bynPwnHIpwnDupm-YA_Tc1h9Rcc1FrHpPUvrEitAdewzbINFGYQHDKOoi6keN3kc0j8A9me2r99RvBu0l7FYFZJBVaag8q3Cf5Zloxs2cboPpp0bFFVJS9jZdeXfQ4cJhcLXG8uQkbqruT7z5v9gR02E8sUVp9LJNkErpjV5xT-wny59o52puBwCnxzi10usqXE6oaTP-0Fc_IgrRHcOgKEZHrZLivI7S1vJQ&sig=Cg0ArKJSzDFgwM6NkL6REAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=151&cbvp=1&cstd=149&cisv=r20230822.37694&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.megamillions.com
URL: https://www.megamillions.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 24 Aug 2023 13:16:46 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Thu, 24 Aug 2023 13:16:46 GMT
-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js
pagead2.googlesyndication.com/bg/ Frame 9022 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
faec7a8b9b9aa7f920749a8b6ecce0ac373c94bd033b64841c88dbeb95b02cd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:53:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
5026
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14754
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 23 Aug 2024 11:53:00 GMT
-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js
pagead2.googlesyndication.com/bg/ Frame 0B25 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
faec7a8b9b9aa7f920749a8b6ecce0ac373c94bd033b64841c88dbeb95b02cd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:53:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
5026
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14754
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 23 Aug 2024 11:53:00 GMT
cc6b3873eb176a8a951ef41188915745.js
s0.2mdn.net/sadbundle/7073955107534177015/ Frame 3554 		131 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7073955107534177015/cc6b3873eb176a8a951ef41188915745.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7073955107534177015/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6c6dd40aae49f4a05c22b99e451d3230f78086a1a65d05e243f10e13942275f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7073955107534177015/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:09:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7619
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38112
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 08:46:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Aug 2024 11:09:47 GMT
190740797d80b1049e624ef11d8e67ae.js
s0.2mdn.net/sadbundle/12691273737138261013/ Frame 75ED 		131 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12691273737138261013/190740797d80b1049e624ef11d8e67ae.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12691273737138261013/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b78f9af2b63768474e2dff1a73b9ad3a7a31b158cc7395afc55f86725e75a150
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12691273737138261013/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:01:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8146
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38114
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 08:45:30 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Aug 2024 11:01:00 GMT
9c69f07deadda884c61396a404004929.svg
s0.2mdn.net/sadbundle/7073955107534177015/media/ Frame 3554 		1 KB
642 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7073955107534177015/media/9c69f07deadda884c61396a404004929.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7073955107534177015/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fa3efcb1022504df85ff9f59acd76923266eb8a078b3e746457223967d82ba2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7073955107534177015/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:09:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7619
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
613
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 08:46:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Aug 2024 11:09:47 GMT
7d4bab0f087eef2090a9e1d7a7de0806.png
s0.2mdn.net/sadbundle/7073955107534177015/media/ Frame 3554 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7073955107534177015/media/7d4bab0f087eef2090a9e1d7a7de0806.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7073955107534177015/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85a27fcbaeaeb55eb3c904d80ea5ed4fca6f0ca2bf7aaa056cbee3abd619803a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7073955107534177015/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:09:47 GMT
x-content-type-options
nosniff
age
7619
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10207
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 08:46:10 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Aug 2024 11:09:47 GMT
4a36b3c3ac57aa1342d4dff68a270b57.jpg
s0.2mdn.net/sadbundle/7073955107534177015/media/ Frame 3554 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7073955107534177015/media/4a36b3c3ac57aa1342d4dff68a270b57.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7073955107534177015/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1862caa79dc3c7272dc5ff90c7f8ca7d356005f0a4bd5d0812771305c2fb2f39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7073955107534177015/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:09:47 GMT
x-content-type-options
nosniff
age
7619
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7904
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 08:46:10 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Aug 2024 11:09:47 GMT
6d7052ff6df13eae564657f4b45cc79a.svg
s0.2mdn.net/sadbundle/7073955107534177015/media/ Frame 3554 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7073955107534177015/media/6d7052ff6df13eae564657f4b45cc79a.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7073955107534177015/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
caf195ab94cbfaf21aaae06763f8600b9801e4a8423311963e8e913cddc06150
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7073955107534177015/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:09:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7618
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2640
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 08:46:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Aug 2024 11:09:48 GMT
9c69f07deadda884c61396a404004929.svg
s0.2mdn.net/sadbundle/12691273737138261013/media/ Frame 75ED 		1 KB
642 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12691273737138261013/media/9c69f07deadda884c61396a404004929.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12691273737138261013/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fa3efcb1022504df85ff9f59acd76923266eb8a078b3e746457223967d82ba2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12691273737138261013/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:01:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8146
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
613
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 08:45:30 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Aug 2024 11:01:00 GMT
da31ed3788e96cf03d1a48a187c7ab84.png
s0.2mdn.net/sadbundle/12691273737138261013/media/ Frame 75ED 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12691273737138261013/media/da31ed3788e96cf03d1a48a187c7ab84.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12691273737138261013/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50a1bd531b87bf322748dbde57c9023eb9bea95bed15c35c3e06fa130443aa69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12691273737138261013/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:01:00 GMT
x-content-type-options
nosniff
age
8146
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16035
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 08:45:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Aug 2024 11:01:00 GMT
3cacc47ba04bb023761e049580602db7.jpg
s0.2mdn.net/sadbundle/12691273737138261013/media/ Frame 75ED 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12691273737138261013/media/3cacc47ba04bb023761e049580602db7.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12691273737138261013/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
11b8b4fb9f9509a15bcc1aae9d7bc3df6c99df550ecc3ec7a3fc1e5b83a1acd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12691273737138261013/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 21:10:46 GMT
x-content-type-options
nosniff
age
489960
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7289
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 08:45:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 17 Aug 2024 21:10:46 GMT
6d7052ff6df13eae564657f4b45cc79a.svg
s0.2mdn.net/sadbundle/12691273737138261013/media/ Frame 75ED 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12691273737138261013/media/6d7052ff6df13eae564657f4b45cc79a.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12691273737138261013/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
caf195ab94cbfaf21aaae06763f8600b9801e4a8423311963e8e913cddc06150
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12691273737138261013/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:01:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8146
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2640
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 08:45:30 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Aug 2024 11:01:00 GMT
ibm_plex_sans_500_normal.ttf
s0.2mdn.net/sadbundle/7073955107534177015/fonts/ Frame 3554 		173 KB
80 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7073955107534177015/fonts/ibm_plex_sans_500_normal.ttf
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7073955107534177015/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
11ddde88c29ef7e51f5c03da7fde285085469879139d006f631a62dba9bbd069
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/7073955107534177015/index.html?ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:09:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7618
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
81411
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 08:46:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Aug 2024 11:09:48 GMT
ibm_plex_sans_500_normal.ttf
s0.2mdn.net/sadbundle/12691273737138261013/fonts/ Frame 75ED 		173 KB
80 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12691273737138261013/fonts/ibm_plex_sans_500_normal.ttf
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12691273737138261013/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
11ddde88c29ef7e51f5c03da7fde285085469879139d006f631a62dba9bbd069
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/12691273737138261013/index.html?ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:01:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8146
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
81411
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 08:45:30 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Aug 2024 11:01:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame BB9C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstz2u97FCA_m1gpX470K1iHCY6cTjp9btOI5hy7cIS2TgC7WzRUoOS-1JYmqv91OUIJ3bdi5rPlDa8xerBrMO5VQivsQO12hetaszKxDbz6LWNjq3pMKFU5hPphfMrNOQkPxK_38Mh4zz3ah53net727r2qqZAG5mv77Cnij6BL7VYh6EuF1LQsJ88f_kr2TliZbW9on3aE4noQCEFtdZuB6krIfnLOjwbc3NjkH5YgRpgDNMmCYp6aMX9j3CnevJ9EPDLsKkv2qI1S5U8hm1AL_p72xLQlnEgAFmToBs7Qvn5qrxod9rqYM8S2bflbT07yl5sBvdPcXaOAtBPFMYNmpHSD0aD0Sl3SqQ4NQr9nX6U2wg0zLUys8kg2OxcM-xCxpHaXg12sNIZx3RZU1Ta4gHa-fzDxgh-3kyOq9XGqrxnQ2kYOCYF-8BySGe1bHYDyioWe68XOsE6cpK-4tkTn0wK_A3E5dZ2kMoHcaoMWO514YCwyRFuOvysQmEf3L3WwrQcUaFkbAuDQOaA3vOu1w8bcxRY9gDbt7deBikhvwY9FAgMFmwdLaFsFSwK1VsczlDM_ySSD9y255zqtUNw_2b58ByeQBYMCCrjrC9-hdC8KsrHFYYMKF6fOKRmJNERAGdYuEdRkefqGqjEqQiEz2fLvPqRgiu9W_zCJmHpTH8SHP_xflThUyE7dTRzP5s8HBef9K4WYjUKW3G4fbsWZbSFErUk6kM458wflqiKHYEdu4jO-hJJBXrQrqqM_2Zgl1bg5N_AkddVzeQBjaMHpdfW7c5y0e_X3npl0QW3WX4d2vy4mI9wsTkTax8UDdnTmGSh6DPjOwxuAK00oLc5AccATJmzTqvCR1jeJDx2_YUw3o-vEOsgYUPBGViC2kPMwO4UHVFg0KEtwDyhSJHQpShAgMj-D5XkQNhDewGRWA4VAf5Kngr6a6qfe01rBfrhkuBjyAobejkueT9fsswDs1N36S1PUBfzMGOs_G55aMaFXA1ASWSXiW_30d2H6Ab9mjK0RjcTPiejmyXzGi8GOeqVfD1DU9rRpK1bWeNqOB4RItRuXLwFljjgdu1ba5-1kSpoGbeNzCBtWsH6Idn36DUfU-yw1CIk7zzWrx8ZpLvD5bgV7BNU3wvzmiAhW0jJgdPXKbJ7mpd56zH9slXkQTe5bcD-S_L-FvGXbEy3yoJuORjkqVmXCkT07BG85hbIzxVPUnbdYsjpynxt2Zr3t2WdvpKbqdZMSwt8OdUe6qrXEygybuTMrebxZNkd_bpfTML1CTMDSURbyxRFiapLBpmD4hMN1F7b2ZTIoIsn6vneCp2ZuyraKti_oaGPIjpXtkiZwvHz0iIztU4s&sai=AMfl-YTCLLHZ61Ug3_lDxaXqV-hJZAt5TuUNh_obbB7hJyUa5EkjEMIA14nnQRgHpTQKHr6Twfkdcnno5h6DlvuoIUu0qqM2Sw0T_8Qo2O9EmVfXWhmr0Y2ZZbV7C2Txyn2x24Gcrj9rgHUAHBcJpLimaNjnQiLce_3g_-TjcU2jPDfOw_4ZuizPnJts-A3r3DCfsuG7HmWjLihix5JF71I0gCfNCc9t_Y0pCUa5_UBK-H3T_bkoFujrt53pGEbGaWjeixY4ZCDbIbI46-ZpS2BVWxc8arNZKx2nCR1SQ49tfms_JuxYvbHbIMY&sig=Cg0ArKJSzGtJWLTvbPueEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=678&vt=11&dtpt=433&dett=3&cstd=242&cisv=r20230822.74813&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.megamillions.com
URL: https://www.megamillions.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 13:16:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 24 Aug 2023 13:16:46 GMT
9c69f07deadda884c61396a404004929.svg
s0.2mdn.net/sadbundle/7073955107534177015/media/ Frame 3554 		1 KB
642 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7073955107534177015/media/9c69f07deadda884c61396a404004929.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7073955107534177015/cc6b3873eb176a8a951ef41188915745.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fa3efcb1022504df85ff9f59acd76923266eb8a078b3e746457223967d82ba2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7073955107534177015/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:09:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7621
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
613
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 08:46:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Aug 2024 11:09:47 GMT
6d7052ff6df13eae564657f4b45cc79a.svg
s0.2mdn.net/sadbundle/7073955107534177015/media/ Frame 3554 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7073955107534177015/media/6d7052ff6df13eae564657f4b45cc79a.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7073955107534177015/cc6b3873eb176a8a951ef41188915745.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
caf195ab94cbfaf21aaae06763f8600b9801e4a8423311963e8e913cddc06150
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7073955107534177015/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:09:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7620
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2640
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 08:46:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Aug 2024 11:09:48 GMT
d39bc38b8e1b6d2ecf4f73f6f40ab434.png
s0.2mdn.net/sadbundle/7073955107534177015/media/ Frame 3554 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7073955107534177015/media/d39bc38b8e1b6d2ecf4f73f6f40ab434.png
Requested by
Host: www.megamillions.com
URL: https://www.megamillions.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c77f9f006debdee2ec120a6349a31bf3678e42001251f2c4495b32f5fb77598f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7073955107534177015/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:09:48 GMT
x-content-type-options
nosniff
age
7620
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3654
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 08:46:10 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Aug 2024 11:09:48 GMT
7d4bab0f087eef2090a9e1d7a7de0806.png
s0.2mdn.net/sadbundle/7073955107534177015/media/ Frame 3554 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7073955107534177015/media/7d4bab0f087eef2090a9e1d7a7de0806.png
Requested by
Host: www.megamillions.com
URL: https://www.megamillions.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85a27fcbaeaeb55eb3c904d80ea5ed4fca6f0ca2bf7aaa056cbee3abd619803a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7073955107534177015/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:09:47 GMT
x-content-type-options
nosniff
age
7621
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10207
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 08:46:10 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Aug 2024 11:09:47 GMT
4a36b3c3ac57aa1342d4dff68a270b57.jpg
s0.2mdn.net/sadbundle/7073955107534177015/media/ Frame 3554 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7073955107534177015/media/4a36b3c3ac57aa1342d4dff68a270b57.jpg
Requested by
Host: www.megamillions.com
URL: https://www.megamillions.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1862caa79dc3c7272dc5ff90c7f8ca7d356005f0a4bd5d0812771305c2fb2f39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7073955107534177015/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:09:47 GMT
x-content-type-options
nosniff
age
7621
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7904
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 08:46:10 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Aug 2024 11:09:47 GMT
f96b1a490dda2f2b2367b9a0eb7a4039.png
s0.2mdn.net/sadbundle/12691273737138261013/media/ Frame 75ED 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12691273737138261013/media/f96b1a490dda2f2b2367b9a0eb7a4039.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12691273737138261013/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
14045b1e42485d4b7ab414732eef9cb5e242d6e348047317a6b0855bc5d07bd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12691273737138261013/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:01:01 GMT
x-content-type-options
nosniff
age
8147
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6924
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 08:45:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Aug 2024 11:01:01 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9022 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BjNeKPljnZJTnB9yl9u8P3p2-KAAAAAA4AeAEAg&bg=!s7ClsP_NAAZGPLJIZjw7ADQBe5WfOIL2UOnJKnzi-55R__h-pOLNnD8r57EQXIL7hEuxoUrtL22cc60e5s4yVVESaDlZAgAAAVJSAAAAH2gBB5kDS7dG-8ehJEX7XPJKaumSgMwSLJG8nRtdhIlnFRNeMCR6aEUUfsPVXUSMaaW-7bURXPatWoHQrwvYJR-Y6ZG_k3mhGjRqFRR9isSV7F7NN4xvAOGn4l6Y35hPkeN1yNv0-AQgYactZmqb_6jpxsgCVUwNbM2cDEJgIxIjVBFN8e1cU6BY4P2RZfv5tBGmhmHQsCOkywhdKUB0zaChGztLVQu9eqLsY2IJYf-8lhY1o3GmfXN2taMogG4dXNRTF3V4AmijrvE8VV1qCiczJ1tZgYrO7bSwR__YJehAHsC1F7XDTeyo4aUXilg-x_St-XtZ7H60_sv-cPltlqr6VVyvjoAJMcL8L7fTA1jgp2uq1eQOXQhZNcHfphMapKz6WXRUOvSgtjGJPHtiah9sMMSSj4k0oeJjG-RVEgSe91uHBQ_DrJfoPlG52zkGpMmrLkVz9Zmmhftor6cbLyQz6IJwgICUmX6K8WVptkDOcBGrR4EgAZgGN2zkW_hdEHj99cLYOFW4T6KmTu53c2MijX1qxBa43zmzzywhGoBnZU9fP-rNLzYoteAhiz15gBWm5pzGlNeFdEftfcaZ4u0S9JCBnE1fT2kDIHYdP0uryXwJ-WfIpIFdBrlFC7PSLUpWpUkAmVf4OgHE3sVokWuBKf723R_-QDmNrIJCa_g3FvWb74q4Buch2279XNNX6maHib2Zmx9jeyElZNIMI-O7OKraotw2iHGW6r_UVjrr_QnIJGRx1UPD9cHRu2reNq-UwhzLqHe2HL4CUDZ_TPVwPzAEKufOs5WZOirEQx0IrHjMzjXPw82Ti2l4BNGZnGw9sUK0nKoAgHA6RUwWSs6cSvw3nn3wGGsJyJCsVl_gtuxUelWT31iExhsUq9xyCJTUBq8LkRJLYzHsohf_4kLvCJhNj7dtkbY810J7yjB2mzOnNSd9XjoIHFjpNbe2a0Vobg6A1tgBeWfAkzGuzUpevGq4S18ZhP_9YO7yhUhLMpZR1K-Uq7xStDw1b-oNPH8aFS2V8kaykq14cmiVo4ozZBUMmot4n-t6tznAuFxoE9SwDxA6ISRXaRpyYKmrYPZAW7cnuHf0f0HuZ00mYNDu3g4epxEfYD77DmqUIDlGlA
Requested by
Host: www.megamillions.com
URL: https://www.megamillions.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 13:16:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0B25 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BLvCxPljnZML3CvKcjuwPn4q8EAAAAAA4AeAEAg&bg=!g4ClgM_NAAZGPLJIZjw7ADQBe5WfONYqakc0TKX7afNChDqSeT6LG0VSSfAqR8n3K0dyxuW8gwmEG4wKEhtHtKp6n_eiAgAAAWdSAAAAB2gBB5kDSZFaK7l_YvVDJXAMe_jcG6jAGkHoRAWhc4LRrmIW_gyIFXYaABmgtd4ev9x0NzCC6WCPwvyqf4O5wxKtYu9pFB69L8Ed5QK-QCE4x5Os3I324rafu3GEh6zUhskhs7hpBoJDsAUy-h115YSfsdE73a2aHUncPE1Gb61ZQ58B5PKMmXOur2Wp8_hucgB0AOHODwvug-GioTTtYz4geP4U4pfDTMM6kUVrzQxFlI9PV3wkZqIyAFCnDjoQn9zdgn3fCV-47fxTgquJz-uvuhOpsYZtslgIt6M6ljvT0HpwgSpmhln2AOBVNZp5gK2bGsa3B7rXypxmnOgHPultMU40INW3dqkTQVKKiL0QL6Dpyf6fvkQSipY4I3UnzkNl3ajfFO5g18y7svC0mVgDXo2pzE531AjKxdcHkx5j0xbp85IvuywjNawqxudRVN4Vzwxle9t6y4lGrRaZDNzZzgBIboeppL1kp-gwYLUoXg6AI0p1fs-sgt_luGzQ-IDvq89uTXausvIfhf831y8ZLVStwzOHyIp3h-kstoTUgeVH0SeC4iaWZt_4qJNlvtJF3_uqWArv-X5bxEKU9OtsCGuOj38hratPZ7N4wHQV06ukGnZ9JlKRsngNhjBZRQkKbzxetlhVck3hW76-LxukD0E9RX-vLXeNHRS1GT1MHGOR2fZ3-0RrPBb9aLYwOkqmX-o16McdIvtM9gueQ97PXLc7V8EKGT1mv4GBjXkkhUjr42uIpTtSg0mQl-MwP8NwhWaHw1F2DvQHqf6An-ljFna-MIiImuLuA3K9pYFBa2BxU2bsMXZmZBpdhbr0i3KXAXCVRRiWxJoEzBIiT-wGHofzPpMm4JBeR6AiXdm6uwgds5Q11Yim7lpF_a6qxAkSMGcI3XClfU6W3Y7Ods4tD6iVvPA_QqXrY7B9bi0x03dg1ZMQTwbifAmqHPYYGT713QkEYD0_T8CvU0x2t95feEzdhQK_MOiKW-Gs_ALok9V-qDLWDFcyGj_jR4DDCzvJa-g4l2iqOm_R1MS-xP6eHr7-Nm3Fy4Nst8DFpuWwdXZCgr7r41Ul6f-Ua83xNBmRKoWF2OzZwXHmDx33XcjxjGOW6ByhlaUq5cg629A
Requested by
Host: 5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com
URL: https://5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 13:16:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame BB9C 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsup0eQzyCt28JP9DH8Y2wM-tsPONDUEH9qjG98sBuitZB5uACaraW6x_Gn1XhqocGfX5iAF53MGKfWsVWeI53lfMPHm6PJ-QM876hRJogAirMHtrW1vdOCtXJvyvb3JPXrOFZgKVRiVaTXQ&sai=AMfl-YROHxuhtwCFdxB1D7atIVr1ORHDzFTNTHAjDb1Hq0mfjqviOhxDLmscQ6W6Ucg0GxQD0WPqXDGc7z6bhoBu-Ye-3ER6_UpnPZsgVUGAKMvewDMWyp5l7u8_VzvmANaQwixk0jZfkhqwo5jd&sig=Cg0ArKJSzAyNk5thUiTQEAE&cid=CAQSSwBpAlJWrE32G1EmeKAszzLMg2bM2VH9ZuIeJOLAsDS2fI5EQ-X06U1rgfF-FgQsxdlDO58TEivLE5vmdSD_xCWjgyEMGMgQb9bucxgB&id=lidar2&mcvt=1000&p=26,538,116,1266&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230821&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=537333458&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692883005841&rpt=486&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 13:16:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F472 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuCCB2iiGPHYR44bjrE_iJh1QUmn3E25JKMweWoAdVHHnst8jV_YCHAFFhqrT0HxO-36Jg7twmxsuEFyhhtItT6AVXcZqaSXdajbo1xvPzrOSF7amTZH0qgtJXXvkt0FIi94WbbbmvN71oL&sai=AMfl-YTUGXDRutuLhRjmbm8ZtZzparJLXRReRuPf52FQM7OiwTFPva9_K1TR6f3bOZQb8eVFyucQwcqY-j7TAEGu_8TYHfVXjhQieeQ6UQ06vP0qyEb7bXg-_D472zqRty0b23BdeEXFtzhVpRCZ&sig=Cg0ArKJSzDbPgWeewWE7EAE&cid=CAQSSwBpAlJWrE32G1EmeKAszzLMg2bM2VH9ZuIeJOLAsDS2fI5EQ-X06U1rgfF-FgQsxdlDO58TEivLE5vmdSD_xCWjgyEMGMgQb9bucxgB&id=lidar2&mcvt=1000&p=724,1055,974,1355&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230821&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1420342407&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692883005853&rpt=590&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 13:16:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BB9C 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4346729723283&version=m202307240101&ct=76&x=1&cor=6622889146910778000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 13:16:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame F472 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuNNPbCdPb6uUHn4Kji-wmALBYyxSrtVe59o5bpwsLez0e4mlBlZylxUJv73c_h3XAbM2cz3lwzrylHAWcGs_jtS6TO4o2QginQtTChMI97CQ3X7b6KZvGBagXUl_-qlgAPwFTTu1ZrMDaHNvJvxC40MZrK7BwUtNhtE_-RLAn8SLbF0x4Mr6KFjucJyPODGuAb6Lpy8P8lnzFCmDuEabFVLUycQsxNfGjRjxcv8s0UcwaTjopwiwCewOlHOn9U3bkcd_SerCgJm8lkqVmvBc3jqoeBuH65Tueis1SwyQk4lGIkqtZc3pDnWCMblJcIBUU4zQj8H7CtA7CTQf8OJa23K_4w_hSFDnxo7IXXB_jKFO5NAyXX5CK4QXNVILZapRKWcULT57LrOnwMTM8PbbruvEEIYOItma21LZ_xAJ-NhJAUM2bS8SQZVLTnyfB5imCRN6xnGHsr2wxbMwl04LnrA8szdEI4WG6JYi6lECmT8ReJm2Nz4bnpWn3qkhAL1Ry1s37S0h2Fd-qeOn6GQutRuOE-gG1Q_27NF6vTEYD5SebFOG1eHcEl-y_psB1MVGYNxwzxULjE1l_QPA7i3q234DBXMIbeC5gA60KAe13yNl5yn16NcJKcOgY72ZJl4wG_Fl6GnLkOteTZMKw1KGNLO-QQ02rBkKIpisDr1SjQqym_DBFh-UtsTnkN4yVcviOyKo9RS27UwN_88F1cUU-APR8xxj8QnKP7SAl5zFob-pmG0Ab4JTz5AeVg4MwV6CbgfqeV9OSYZFEJCjoNKR9jthnFLe7UFbMtxDs_T-KLT9H5ixLSUFGSeh3ubb0my9cXLTNJ66E0R1MmHTGP6FW1qtJpVsW2Iaq-xnY0W8qZjB13EZ2tTVJlXaCB-kwGoozrtX07qOKOIgKW-zUg9gILa-4RP50xIHqpnHzI5RTWbJPBzUIV3GiEMrLOFMiXb8CEV2PnKhoNyOiNays3wTqSg-4lyCTogC-0Y3GQmqPeBRFVxEEd0vDVMPB1f6gvVV3MilPApv0iYK2XZIOMdvPwBvCtUXwgZEdd6y9exOCmsXAO6BeZUR0NygnrymZDpVvoADQd_Wrdh4FjLFCTgXM_PhXzstrnu30aBsvwrxesFwUzeclgtccKmfWC1yPv7gliJoC-YBxMtJYkvWRXTj_h-rUK5IDdyhi3bYI92a2wiAkUsbrZRGuXijXcEwZfinTkZ3RaNpsO_0rIWKZ5ow0C1SvRLucOYSaGCSDFdifDa8vuU6JYPJoWiJ_Qsu3dm57CDYd7r5c8bHS2VjuklHKWMnc9MXAazIg5Kz0qyj-LeyrHWlKGo_t-SgcrMoW1iKGffrTwzOE10QBi3nyLse8enDZyjiF9&sai=AMfl-YTjE3nGecSkMlJb8FrZWYdoOvSHPtmPqXJPg_VEWbmALpWpN2KBIeFbwF8t4WTgHJERIPKhKlIMWwW6O1bynPwnHIpwnDupm-YA_Tc1h9Rcc1FrHpPUvrEitAdewzbINFGYQHDKOoi6keN3kc0j8A9me2r99RvBu0l7FYFZJBVaag8q3Cf5Zloxs2cboPpp0bFFVJS9jZdeXfQ4cJhcLXG8uQkbqruT7z5v9gR02E8sUVp9LJNkErpjV5xT-wny59o52puBwCnxzi10usqXE6oaTP-0Fc_IgrRHcOgKEZHrZLivI7S1vJQ&sig=Cg0ArKJSzDFgwM6NkL6REAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2638&vt=11&dtpt=2487&dett=3&cstd=149&cisv=r20230822.37694&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.megamillions.com
URL: https://www.megamillions.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 13:16:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 24 Aug 2023 13:16:49 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308210101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308210101/pubads_impl.js?cb=31077272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e5e47be797c885594bd761877df8032c263f6db9ad47060f3204c42913bbefc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.megamillions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 13:16:49 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11750
x-xss-protection
0
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1050760212&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.megamillions.com%2F&ul=en-us&de=UTF-8&dt=Mega%20Millions&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=Percentage&el=25%25&_u=aAjAAAABAAAAAC~&jid=&gjid=&cid=446175190.1692883005&tid=UA-130954248-1&_gid=3503359.1692883006&gtm=45He38l0n815G7656B&z=1127190805
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.megamillions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Aug 2023 21:06:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
58230
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1050760212&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.megamillions.com%2F&ul=en-us&de=UTF-8&dt=Mega%20Millions&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=Percentage&el=50%25&_u=aAjAAAABAAAAAC~&jid=&gjid=&cid=446175190.1692883005&tid=UA-130954248-1&_gid=3503359.1692883006&gtm=45He38l0n815G7656B&z=1979952916
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.megamillions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Aug 2023 21:06:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
58230
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1050760212&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.megamillions.com%2F&ul=en-us&de=UTF-8&dt=Mega%20Millions&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=Percentage&el=75%25&_u=aAjAAAABAAAAAC~&jid=&gjid=&cid=446175190.1692883005&tid=UA-130954248-1&_gid=3503359.1692883006&gtm=45He38l0n815G7656B&z=1889892364
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.megamillions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 Aug 2023 21:06:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
58230
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308210101/pubads_impl.js?cb=31077272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.megamillions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 13:16:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 24 Aug 2023 13:16:49 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CBE2 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.megamillions.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1179
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 24 Aug 2023 12:57:10 GMT
expires
Fri, 23 Aug 2024 12:57:10 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C683 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b92399ab0505118d0ab7675e34fc78fd748e5ec1a486a12e6c9ce4cc654014fd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Ldho5nl-3yCdoDiu_Iq02w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.megamillions.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
535
content-security-policy
script-src 'report-sample' 'nonce-Ldho5nl-3yCdoDiu_Iq02w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 24 Aug 2023 13:16:49 GMT
expires
Thu, 24 Aug 2023 13:16:49 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js
pagead2.googlesyndication.com/bg/ Frame CBE2 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
faec7a8b9b9aa7f920749a8b6ecce0ac373c94bd033b64841c88dbeb95b02cd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:53:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
5029
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14754
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 23 Aug 2024 11:53:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame C683 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308210101&jk=3813217123592618&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame CBE2 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?l_NZ6Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 13:16:49 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame F472 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6520543005100&version=m202307240101&ct=76&x=1&cor=9603294228702560000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Aug 2023 13:16:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308210101&jk=3813217123592618&bg=!VValVhnNAAZGPLJIZjw7ADQBe5WfOG1vEYsfWDkqZ4ML8p9InQ8ePU1XECqjwc5G4UNgKVCiuUJ2Dg1Ll0WCgTOISct1AgAAAH9SAAAACGgBB5kC7De60FP2Y5EcThjjU8x8n-8tDpWR4ZyH6MgYGoNsBJzwH4lwGDSuOTPIXf_QkVeOYOk3Pj-YIu7IWST759a8lxZ_w5GJBiZCqh2AGOiw_A2gpwXy2jsGT9y2zmIiJApCoH4ScVXnix0FkbEAf08yKghWdVMVCEVY1ibeNXbaP923UQFGJsBF2m9Ot-bpcVWL_TPa3YwuUXV683u4rbKedHMO0-qDcmhxmLle_MmjQ6kC7I3v-wxDUQTuGRGNnixT4B3Olz6jaQ0j6PBSysO_z38suBwXmS0nE1Z0wpNNAtkeUqOQMQj9-iWD6Wu2COFoe0fS_nLi8F0nn4pJpw2v_wdm3owKzNjDkZx0ybJX-r85qDjZ6pW_fQ6cCLt-j5inoAHaOPeq8-CqaGPfcNJMquWkHROHcShm7Bwnnv9FdOWLAi6AeKrB7cX2Ew6itxMoXwE7rufJJVX8MX89DUWnga57U5xUBIcS-1PnZO9bAJKTD7B3DHkJcWXKzX1YCOlJ0US9EUswAadC1WqJTx8tzOtP8W3abJIN4TIqCbSGnAyrsaBVS62zoUqpQm-dZOyjsd0rWRTAsMgVYngtEFIL-EKjOEmE7kVKFgRD1cYQMz0lzGoGQfTKUrCkZdrtn5Lm7jRm6JeRb1B9y6h6b178F0EoT5e1o8WAasLN7wiIVozTTgSdG3lzERSM5dADkU5OBW2L6PCpiR6YLcSgeEvDNUhAwFAAtTA472gsED8OPgNYjwHT9zGDgnh4z7TT7UTQ5HEH0NuTjCiRAdoKWlbaTdPw9OfFz2zowGFAzKqRQaGWXu-LaeQS25_P7dhX5OW7eJABWb7hILrO4veL5ubERcEGwNwv5YQTXf2XwvQFEhS7ZTyliO5xI4nTnsMWYmtPWRVbkPlMNNdUCCN68zpH3WTd_DISQamKnjd00f2AVMuvo6YnVcMCkN9Fu7JFTzmKdfm_HyS7ww4CpSES7ooWwU1v0wvUvn_Hm-eRAx4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.megamillions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers
6d7052ff6df13eae564657f4b45cc79a.svg
s0.2mdn.net/sadbundle/7073955107534177015/media/ Frame 3554 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7073955107534177015/media/6d7052ff6df13eae564657f4b45cc79a.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7073955107534177015/cc6b3873eb176a8a951ef41188915745.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
caf195ab94cbfaf21aaae06763f8600b9801e4a8423311963e8e913cddc06150
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7073955107534177015/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:09:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7622
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2640
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 08:46:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Aug 2024 11:09:48 GMT
d39bc38b8e1b6d2ecf4f73f6f40ab434.png
s0.2mdn.net/sadbundle/7073955107534177015/media/ Frame 3554 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7073955107534177015/media/d39bc38b8e1b6d2ecf4f73f6f40ab434.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c77f9f006debdee2ec120a6349a31bf3678e42001251f2c4495b32f5fb77598f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7073955107534177015/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:09:48 GMT
x-content-type-options
nosniff
age
7622
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3654
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 08:46:10 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Aug 2024 11:09:48 GMT
ibm_plex_sans_700_normal.ttf
s0.2mdn.net/sadbundle/7073955107534177015/fonts/ Frame 3554 		172 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7073955107534177015/fonts/ibm_plex_sans_700_normal.ttf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
856c41d7d47bba74b107e526ef8f49968fb2a3a129cdc3c5ef5899ba3c2dc181
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/7073955107534177015/index.html?ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:09:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7618
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76650
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 08:46:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Aug 2024 11:09:52 GMT
6d7052ff6df13eae564657f4b45cc79a.svg
s0.2mdn.net/sadbundle/12691273737138261013/media/ Frame 75ED 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12691273737138261013/media/6d7052ff6df13eae564657f4b45cc79a.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12691273737138261013/190740797d80b1049e624ef11d8e67ae.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
caf195ab94cbfaf21aaae06763f8600b9801e4a8423311963e8e913cddc06150
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12691273737138261013/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:01:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8150
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2640
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 08:45:30 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Aug 2024 11:01:00 GMT
2f746b2da0a7141497458aa87c51cb26.png
s0.2mdn.net/sadbundle/12691273737138261013/media/ Frame 75ED 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12691273737138261013/media/2f746b2da0a7141497458aa87c51cb26.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60e4d178cce4a76b62f9d8fe57b4216cc29e78e0b11ee891f029b71a03666094
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12691273737138261013/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:01:05 GMT
x-content-type-options
nosniff
age
8145
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11511
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 08:45:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Aug 2024 11:01:05 GMT
ibm_plex_sans_700_normal.ttf
s0.2mdn.net/sadbundle/12691273737138261013/fonts/ Frame 75ED 		172 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12691273737138261013/fonts/ibm_plex_sans_700_normal.ttf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
856c41d7d47bba74b107e526ef8f49968fb2a3a129cdc3c5ef5899ba3c2dc181
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/12691273737138261013/index.html?ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:01:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8145
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76650
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 08:45:30 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Aug 2024 11:01:05 GMT
f96b1a490dda2f2b2367b9a0eb7a4039.png
s0.2mdn.net/sadbundle/12691273737138261013/media/ Frame 75ED 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12691273737138261013/media/f96b1a490dda2f2b2367b9a0eb7a4039.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
14045b1e42485d4b7ab414732eef9cb5e242d6e348047317a6b0855bc5d07bd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12691273737138261013/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 11:01:01 GMT
x-content-type-options
nosniff
age
8149
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6924
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 08:45:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Aug 2024 11:01:01 GMT

Verdicts & Comments Add Verdict or Comment

117 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| documentPictureInPicture object| googletag object| ggeac object| google_tag_data object| google_js_reporting_queue object| gptadslots object| dataLayer object| adsbygoogle object| theForm function| __doPostBack function| WebForm_PostBackOptions function| WebForm_DoPostBackWithOptions object| __pendingCallbacks number| __synchronousCallBackIndex function| WebForm_DoCallback function| WebForm_CallbackComplete function| WebForm_ExecuteCallback function| WebForm_FillFirstAvailableSlot boolean| __nonMSDOMBrowser string| __theFormPostData object| __theFormPostCollection object| __callbackTextTypes function| WebForm_InitCallback function| WebForm_InitCallbackAddField function| WebForm_EncodeCallback object| __disabledControlArray function| WebForm_ReEnableControls function| WebForm_ReDisableControls function| WebForm_SimulateClick function| WebForm_FireDefaultButton function| WebForm_GetScrollX function| WebForm_GetScrollY function| WebForm_SaveScrollPositionSubmit function| WebForm_SaveScrollPositionOnSubmit function| WebForm_RestoreScrollPosition function| WebForm_TextBoxKeyHandler function| WebForm_TrimString function| WebForm_AppendToClassName function| WebForm_RemoveClassName function| WebForm_GetElementById function| WebForm_GetElementByTagName function| WebForm_GetElementsByTagName function| WebForm_GetElementDir function| WebForm_GetElementPosition function| WebForm_GetParentByTagName function| WebForm_SetElementHeight function| WebForm_SetElementWidth function| WebForm_SetElementX function| WebForm_SetElementY function| PM_Postback function| PM_Callback function| Sys$Enum$parse function| Sys$Enum$toString function| Sys$Component$_setProperties function| Sys$Component$_setReferences function| $create function| $addHandler function| $addHandlers function| $clearHandlers function| $removeHandler function| $get function| $find function| Type object| Sys object| _events object| CMS function| $ function| jQuery number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData function| google_sa_impl boolean| _gfp_p_ number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages function| nativeSplit boolean| compliantExecNpcg object| MMFunctions function| thousands_separators function| getQuerystringValue function| setCookie function| getCookie number| pageLoadCount function| pageLoad function| moment function| Picker boolean| isDropdown number| decimals object| stateResults object| GoogleGcLKhOms object| google_image_requests

19 Cookies

Domain/Path Name / Value
www.megamillions.com/ Name: CMSPreferredCulture
Value: en-US
www.megamillions.com/ Name: CMSCsrfCookie
Value: IR+xRWpZAl65JCx8aS8VG2/x5uXW4kt7Q6cz9prX
www.megamillions.com/ Name: ASP.NET_SessionId
Value: 2s1oolhl4rdjzq33mgvikwam
www.megamillions.com/ Name: __cflb
Value: 04dToR4AC4wcCE4urZzR1GyV6AzFjqbJP8y3yqtCJq
.megamillions.com/ Name: _gcl_au
Value: 1.1.1235565500.1692883005
.megamillions.com/ Name: _ga
Value: GA1.2.446175190.1692883005
.megamillions.com/ Name: _gid
Value: GA1.2.3503359.1692883006
.megamillions.com/ Name: _gat_UA-130954248-1
Value: 1
.megamillions.com/ Name: __gads
Value: ID=601b11c31e68a825:T=1692883005:RT=1692883005:S=ALNI_MaDv125c9hFaxR-u_tU0ViRjHCr4Q
.megamillions.com/ Name: __gpi
Value: UID=00000c8eb4414ab0:T=1692883005:RT=1692883005:S=ALNI_MZaZl1sS3JaEl2u2x1pFO2P8HCSfA
.doubleclick.net/ Name: IDE
Value: AHWqTUnqyy0aUE0Xe4t7wj9auHTaUJ8tqx3WpW2lZelDEI5cQTzINsW_5j3U3ioQ
.doubleclick.net/ Name: APC
Value: AfxxVi6K1Uc0wTvoz15XVdsNULO061gN7LXS9cBvfTM3IPap_7A27Q
.casalemedia.com/ Name: CMID
Value: ZOdYPrkazmeDWyBlWMon2AAA
.casalemedia.com/ Name: CMPS
Value: 3372
.casalemedia.com/ Name: CMPRO
Value: 3372
.adnxs.com/ Name: uuid2
Value: 7753540294153466474
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2In8d91nE!]tbPl1M>e)ZlrFUfJ+tGXxpW^+hDN8^i0)J3Ov?Pt]xE]*/SO[80.ZJ0o7+3If)y3KL9D3I?+adaUEX
www.megamillions.com/ Name: __cfwaitingroom
Value: ChhyQjhDV3JPY1E4dE1SK1hkcStKNXRBPT0SrAI1dktRL0xkMGZkSXJ3dVZsaVlxbllyaWQzbGZYUy85QU1MOGRXKy9QUlN1N094NStWNEx2NTBxbG9zclNHczBWWE9TSHJlNDFkNDNJTVluUktCYVprTjVrWUl2eHdlTjNSbmJubm9DUlNDY1lnM3A3RnVrWlRxODlacHMxYjh3My9RS0JUOVVxcnl1ZW1tejlCRk14YnFFcWFVYmJTRWNsbjRSek84SW5CTi84M1Z6MFpJZGRLemZDRUVHQ0ZtVDZGNFJuaU83emc3NzgzSU0vVnNhcmpRaGNSc1FVeTJrbXAvRGNiZEZablpBazFpK2dtQVkwT0J4aWg0ekxyMXZkbC9JbXJ6Z0ptMzhGQ2NNd3RXTlFVSVhENExRMlh5d1R6VEtxRmtScnZZRT0%3D
.megamillions.com/ Name: _ga_LEMB5MVZDM
Value: GS1.2.1692883005.1.0.1692883009.0.0.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5d3370e86cb91fcb266467e6b01a9b04.safeframe.googlesyndication.com
cm.g.doubleclick.net
code.jquery.com
dsum-sec.casalemedia.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
s0.2mdn.net
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.megamillions.com
172.217.18.2
172.217.23.98
185.80.39.216
185.89.211.84
2001:4860:4802:34::36
2001:4de0:ac18::1:a:3b
2606:4700:10::6816:69d
2606:4700:10::6816:79d
2a00:1450:4001:800::200e
2a00:1450:4001:803::2008
2a00:1450:4001:80b::2006
2a00:1450:4001:810::2001
2a00:1450:4001:813::2002
2a00:1450:4001:81c::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::2004
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:831::2001
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
07032e8bcef81ac0a3314c1e91f2974d5895b60bd0f24b1925ca296c32a0463e
0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
11b8b4fb9f9509a15bcc1aae9d7bc3df6c99df550ecc3ec7a3fc1e5b83a1acd2
11ddde88c29ef7e51f5c03da7fde285085469879139d006f631a62dba9bbd069
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14045b1e42485d4b7ab414732eef9cb5e242d6e348047317a6b0855bc5d07bd6
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
1862caa79dc3c7272dc5ff90c7f8ca7d356005f0a4bd5d0812771305c2fb2f39
1e5e47be797c885594bd761877df8032c263f6db9ad47060f3204c42913bbefc
276c9e02c58a3c043348cb103438d3e09044b2698481197f84e123d487a1253c
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
34cce832fafd4507ca484d1662ac1ff62f68a844f9adb362867c60688761238b
39192faec21dd2fb08406b2c31162421e80d25199c6178685b92bbd4538c300e
398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1
3a745299b23a8fa5444f94a5cc5e7cdeb4f9cfeb201fec2cea2dc5fc39e3d153
3af3fe1d9ee0f91fd52716ac75f12a6774346acdc1cbda6c9572b722ea60efe9
3e43d592d0aa592f24ad510ef3f453a51bba24a9534a07a55a9685b4d4b3f2cb
40306e4280da463798d4aa10abd0e01c930d9a78faa1d5934eeec293bb232b88
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
41b0be0e652dacd0fd7386c708b329372f307e685977b1962eaae12cc5dc1b80
45f4c8f64c6bab2f4bf1c372bd075be57c67ff285ab0820ce4572f76a6968e1d
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50a1bd531b87bf322748dbde57c9023eb9bea95bed15c35c3e06fa130443aa69
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078
5ff4dc66fd6532e1fad835ddd8dd2d5bd85bf16c8446917b35cba94f9ba3fdf7
60a4c2adf55a446516ca71102322052818a2a63d618988021c5399140515baed
60e4d178cce4a76b62f9d8fe57b4216cc29e78e0b11ee891f029b71a03666094
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
636cc1523f3c1d2b2c03edb0e47eacb4f597b91b773bc8b8be4c14fe2d4b8880
66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c
746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e
76ecac9e305bdc4ee2f225e90a14df382164193882dbb70bb3cad88aca812180
79438ed4cb30c559e5993165f188352b1bdddf6dfbc6a2bccdc63fec17e2aa5f
7c07f37793f58b1f6f7371465d9aa2a44a60f072658b3e320d63da269e098bd4
7c4dc0511bf663fdc5442fe187473916350a74a68341d87dbdd633c8d1cebd3f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
856c41d7d47bba74b107e526ef8f49968fb2a3a129cdc3c5ef5899ba3c2dc181
85a27fcbaeaeb55eb3c904d80ea5ed4fca6f0ca2bf7aaa056cbee3abd619803a
867222183f7b4fdace7636718acb18b75476fc82e388130e0c06d7ec1103273d
8e5da3bbceb113a86469643352a53fc7e0174393cf50831faf6a24cd1202f318
975707e0f84fdf7439284679f4ae53d7e244140753e5d1dbb50ddf9a30d1c1b8
9abdc8e81f6991a8f0f31564e8713c0fba6b0779e8371cd3bfa40d520a04e616
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a3e5e7d48e0f6f7021fd1dd11565576fa80fd27820b1ea437ed4f5d2610ac6b6
a4d3857f716df845698c265d551ab31c0d95e9d987e557ffe540d01bbf627164
a629a2424ad41d63e025ac8d0756268ddd76877ed1d4f3a7a24109f13047289a
aa0f4b30121109e897514069b80d0c25e3c5cd9a070680034bdd9626e1de6c1d
b0eddd38c3ee8879fc453552b02bda1e2d94f754840e732a5786b2361214b41a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
b78f9af2b63768474e2dff1a73b9ad3a7a31b158cc7395afc55f86725e75a150
b92399ab0505118d0ab7675e34fc78fd748e5ec1a486a12e6c9ce4cc654014fd
c0874c4dce1b1574e15e833e13cac204bb66cd4e93b92e346e33b0efacbf7fa9
c6c6dd40aae49f4a05c22b99e451d3230f78086a1a65d05e243f10e13942275f
c77f9f006debdee2ec120a6349a31bf3678e42001251f2c4495b32f5fb77598f
caf195ab94cbfaf21aaae06763f8600b9801e4a8423311963e8e913cddc06150
ce4ee855ad838bb8e93c16e43e92408b52af633204be155f2bf0d4d02cd8d171
ddd3f525a6f64abee80be8f8887a7840c3b0ae84c0f998061bd921aae32dd3e3
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e057509264c5a413f27383e5c2ee24564a3a0a335b6d411dd38cd9315072a411
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64ed909680284310d43b2c1e481c46cdd194084f1df8a605ab46183771add7e
e68ab091dcaac5da2cf84298622805b8a9a002137b779a0416c8358ceaded22d
ea23fa178c761c715a00c4ceaa9b93ed323da784a903df018a4fb04b10288ca3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0f37f368e39a68841b91036c0e79f9074f5519ad9ed04ad9cb40a44121e4839
f1a78e5cd385d1e4cb3ba302da4d392d38e34a9108c7f2cde85539a12aca201f
fa3efcb1022504df85ff9f59acd76923266eb8a078b3e746457223967d82ba2e
faec7a8b9b9aa7f920749a8b6ecce0ac373c94bd033b64841c88dbeb95b02cd1
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e