urlscan.io logo urlscan.io
SecurityTrails logo

powerball.com Open in urlscan Pro
52.205.67.70  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://powerball.com/
Effective URL: https://powerball.com/
Submission: On April 16 via manual from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 50 IPs in 9 countries across 59 domains to perform 334 HTTP transactions. The main IP is 52.205.67.70, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is powerball.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on December 11th 2020. Valid for: a year.
This is the only time powerball.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 25 52.205.67.70 14618 (AMAZON-AES)
1 2600:9000:210... 16509 (AMAZON-02)
25 52.216.207.237 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
3 2a02:2638:1::3 44788 (ASN-CRITE...)
1 18.213.53.66 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
2 34.95.69.49 15169 (GOOGLE)
2 178.250.0.165 44788 (ASN-CRITE...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638:1::13 44788 (ASN-CRITE...)
1 13.32.25.111 16509 (AMAZON-02)
7 79 34.98.64.218 15169 (GOOGLE)
6 99.84.155.134 16509 (AMAZON-02)
6 34.98.126.214 15169 (GOOGLE)
18 2a00:1450:400... 15169 (GOOGLE)
6 104.16.190.66 13335 (CLOUDFLAR...)
4 2.18.234.21 16625 (AKAMAI-AS)
4 213.19.162.61 3356 (LEVEL3)
4 152.199.21.35 15133 (EDGECAST)
4 185.64.189.112 62713 (AS-PUBMATIC)
25 216.58.212.162 15169 (GOOGLE)
6 2a00:1288:110... 34010 (YAHOO-IRD)
12 12 3.125.99.7 16509 (AMAZON-02)
16 16 35.158.9.168 16509 (AMAZON-02)
2 2 34.241.18.230 16509 (AMAZON-02)
12 18 52.51.154.44 16509 (AMAZON-02)
20 26 216.58.212.130 15169 (GOOGLE)
6 6 185.29.132.144 30419 (MEDIAMATH...)
6 6 2620:116:800d... 16509 (AMAZON-02)
9 9 37.157.2.238 198622 (ADFORM)
6 52.18.90.176 16509 (AMAZON-02)
2 2 18.158.167.137 16509 (AMAZON-02)
1 1 34.192.210.97 14618 (AMAZON-AES)
1 1 185.64.189.110 62713 (AS-PUBMATIC)
2 2 159.253.128.188 36351 (SOFTLAYER)
2 3.125.174.207 16509 (AMAZON-02)
3 3 185.33.220.145 29990 (ASN-APPNEX)
2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 2 66.155.71.25 13768 (COGECO-PEER1)
2 3.66.103.53 16509 (AMAZON-02)
3 3 151.101.114.49 54113 (FASTLY)
4 4 188.165.4.142 16276 (OVH)
4 4 51.222.80.231 16276 (OVH)
3 3 52.48.248.240 16509 (AMAZON-02)
2 2 2001:678:cb4:... 56396 (TURN)
2 4 35.186.253.211 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
18 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
19 2a00:1450:400... 15169 (GOOGLE)
6 2600:9000:210... 16509 (AMAZON-02)
2 213.19.147.150 3356 (LEVEL3)
2 2 193.0.160.128 54312 (ROCKETFUEL)
2 104.111.218.85 16625 (AKAMAI-AS)
2 3.126.63.176 16509 (AMAZON-02)
2 4 72.251.249.9 29791 (VOXEL-DOT...)
2 104.111.242.245 16625 (AKAMAI-AS)
2 34.96.105.8 15169 (GOOGLE)
2 4 52.95.116.38 16509 (AMAZON-02)
2 2 34.205.250.95 14618 (AMAZON-AES)
2 135.125.8.70 16276 (OVH)
2 52.35.124.117 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
10 2.18.235.93 16625 (AKAMAI-AS)
4 4 18.158.93.70 16509 (AMAZON-02)
2 2 35.210.178.101 15169 (GOOGLE)
334 50
25    52.205.67.70 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-67-70.compute-1.amazonaws.com
powerball.com
1    2600:9000:2104:7200:15:3f44:b280:21 (United States)

ASN16509 (AMAZON-02, US)
d2si3hiz85fm4q.cloudfront.net
25    52.216.207.237 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
1    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700:20::681a:7ad (United States)

ASN13335 (CLOUDFLARENET, US)
code.ionicframework.com
3    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    18.213.53.66 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-53-66.compute-1.amazonaws.com
s.gweini.com
2    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    34.95.69.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.69.95.34.bc.googleusercontent.com
i.clean.gg
2    178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com
bidder.criteo.com
1    2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    13.32.25.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-25-111.fra56.r.cloudfront.net
fs.gweini.com
79    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
lanista-bidder-d.openx.net
eu-u.openx.net
us-u.openx.net
6    99.84.155.134 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-155-134.txl52.r.cloudfront.net
d2tbmvllb55wxq.cloudfront.net
6    34.98.126.214 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 214.126.98.34.bc.googleusercontent.com
api.lanistaads.com
18    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
6    104.16.190.66 (United States)

ASN13335 (CLOUDFLARENET, US)
dmx.districtm.io
4    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
as-sec.casalemedia.com
4    213.19.162.61 (United Kingdom)

ASN3356 (LEVEL3, US)
fastlane.rubiconproject.com
4    152.199.21.35 (United States)

ASN15133 (EDGECAST, US)
adserver.adtechus.com
4    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
25    216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net
securepubads.g.doubleclick.net
6    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
12    3.125.99.7 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pm.w55c.net
16    35.158.9.168 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
x.bidswitch.net
2    34.241.18.230 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
r.scoota.co
18    52.51.154.44 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-154-44.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
26    216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net
cm.g.doubleclick.net
6    185.29.132.144 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
6    2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
9    37.157.2.238 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
6    52.18.90.176 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
match.adsrvr.org
2    18.158.167.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ads.creative-serving.com
1    34.192.210.97 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.srv.stackadapt.com
1    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    159.253.128.188 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: bc.80.fd9f.ip4.static.sl-reverse.com
um.simpli.fi
2    3.125.174.207 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-174-207.eu-central-1.compute.amazonaws.com
j.mrpdata.net
3    185.33.220.145 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
ib.adnxs.com
2    2a02:fa8:8806:20::2010 (United States)

ASN41041 (VCLK-EU-SE, US)
openx2-match.dotomi.com
2    66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    3.66.103.53 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
match.justpremium.com
3    151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
4    188.165.4.142 (France)

ASN16276 (OVH, FR)
green.erne.co
4    51.222.80.231 (Canada)

ASN16276 (OVH, FR)
pixel.onaudience.com
3    52.48.248.240 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.crwdcntrl.net
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
4    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
rtb.openx.net
2    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
adservice.google.com
6    2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
77da5e4d71dda1e908b6f29e27a1e929.safeframe.googlesyndication.com
8d91326dfe3875d1c9c3c10e035e58eb.safeframe.googlesyndication.com
91381cfce1252bba543b5b36080293dc.safeframe.googlesyndication.com
77435924f9313dfa7fe52419e1d3ea4f.safeframe.googlesyndication.com
d8d00c858a05120dd7e1a9b9faf5eab9.safeframe.googlesyndication.com
5e35c87121912fa19f86df9e780d26bd.safeframe.googlesyndication.com
18    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
5    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
5    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
19    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
6    2600:9000:2104:a00:e:ff8:b40:93a1 (United States)

ASN16509 (AMAZON-02, US)
deio3v2go54x9.cloudfront.net
2    213.19.147.150 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
2    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
2    104.111.218.85 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-218-85.deploy.static.akamaitechnologies.com
ad.yieldlab.net
2    3.126.63.176 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pixel.advertising.com
4    72.251.249.9 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ce.lijit.com
2    104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com
sync.teads.tv
2    34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
tr.blismedia.com
4    52.95.116.38 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    34.205.250.95 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.ipredictive.com
2    135.125.8.70 (France)

ASN16276 (OVH, FR)
gu.dyntrk.com
2    52.35.124.117 (Boardman, United States)

ASN16509 (AMAZON-02, US)
wowyowapi.com
1    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
csi.gstatic.com
10    2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com
contextual.media.net
lg3.media.net
4    18.158.93.70 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-93-70.eu-central-1.compute.amazonaws.com
rtb.mfadsrvr.com
2    35.210.178.101 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
PTR: 101.178.210.35.bc.googleusercontent.com
a.volvelle.tech
Apex Domain
Subdomains		 Transfer
83 openx.net
lanista-bidder-d.openx.net
eu-u.openx.net
us-u.openx.net
rtb.openx.net
361 KB
52 doubleclick.net
stats.g.doubleclick.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
677 KB
43 googlesyndication.com
77da5e4d71dda1e908b6f29e27a1e929.safeframe.googlesyndication.com
tpc.googlesyndication.com
8d91326dfe3875d1c9c3c10e035e58eb.safeframe.googlesyndication.com
91381cfce1252bba543b5b36080293dc.safeframe.googlesyndication.com
pagead2.googlesyndication.com
77435924f9313dfa7fe52419e1d3ea4f.safeframe.googlesyndication.com
d8d00c858a05120dd7e1a9b9faf5eab9.safeframe.googlesyndication.com
5e35c87121912fa19f86df9e780d26bd.safeframe.googlesyndication.com
143 KB
25 amazonaws.com
s3.amazonaws.com
2 MB
25 powerball.com
powerball.com
261 KB
18 bidr.io
match.prod.bidr.io
9 KB
18 googletagservices.com
www.googletagservices.com
505 KB
16 bidswitch.net
x.bidswitch.net
5 KB
13 cloudfront.net
d2si3hiz85fm4q.cloudfront.net
d2tbmvllb55wxq.cloudfront.net
deio3v2go54x9.cloudfront.net
2 MB
12 w55c.net
pm.w55c.net
9 KB
10 media.net
contextual.media.net
lg3.media.net
109 KB
9 adform.net
c1.adform.net
4 KB
6 google.com
adservice.google.com
775 B
6 google.de
adservice.google.de
1 KB
6 adsrvr.org
match.adsrvr.org
2 KB
6 quantserve.com
pixel.quantserve.com
3 KB
6 mathtag.com
sync.mathtag.com
4 KB
6 yahoo.com
pr-bh.ybp.yahoo.com
4 KB
6 districtm.io
dmx.districtm.io
840 B
6 lanistaads.com
api.lanistaads.com
387 B
5 pubmatic.com
hbopenbid.pubmatic.com
image2.pubmatic.com
1 KB
4 mfadsrvr.com
rtb.mfadsrvr.com
3 KB
4 amazon-adsystem.com
aax-eu.amazon-adsystem.com
2 KB
4 lijit.com
ce.lijit.com
2 KB
4 onaudience.com
pixel.onaudience.com
2 KB
4 erne.co
green.erne.co
1007 B
4 adtechus.com
adserver.adtechus.com
256 B
4 rubiconproject.com
fastlane.rubiconproject.com
6 KB
4 casalemedia.com
as-sec.casalemedia.com
2 KB
3 crwdcntrl.net
sync.crwdcntrl.net
2 KB
3 everesttech.net
sync-tm.everesttech.net
713 B
3 adnxs.com
ib.adnxs.com
3 KB
3 criteo.com
bidder.criteo.com
gum.criteo.com
436 B
3 criteo.net
static.criteo.net
38 KB
2 volvelle.tech
a.volvelle.tech
1 KB
2 wowyowapi.com
wowyowapi.com
2 KB
2 dyntrk.com
gu.dyntrk.com
430 B
2 ipredictive.com
sync.ipredictive.com
874 B
2 blismedia.com
tr.blismedia.com
249 B
2 teads.tv
sync.teads.tv
344 B
2 advertising.com
pixel.advertising.com
249 B
2 yieldlab.net
ad.yieldlab.net
720 B
2 rfihub.com
p.rfihub.com
1 KB
2 1rx.io
sync.1rx.io
374 B
2 turn.com
ad.turn.com
882 B
2 justpremium.com
match.justpremium.com
521 B
2 sitescout.com
pixel-sync.sitescout.com
560 B
2 dotomi.com
openx2-match.dotomi.com
207 B
2 mrpdata.net
j.mrpdata.net
150 B
2 simpli.fi
um.simpli.fi
1014 B
2 creative-serving.com
ads.creative-serving.com
1 KB
2 scoota.co
r.scoota.co
1 KB
2 clean.gg
i.clean.gg
104 B
2 google-analytics.com
www.google-analytics.com
19 KB
2 gweini.com
s.gweini.com
fs.gweini.com
24 KB
2 ionicframework.com
code.ionicframework.com
110 KB
1 gstatic.com
csi.gstatic.com
331 B
1 stackadapt.com
sync.srv.stackadapt.com
619 B
1 googleapis.com
fonts.googleapis.com
1 KB
334 59
Domain Requested by
34 us-u.openx.net 2 redirects eu-u.openx.net
34 eu-u.openx.net 4 redirects powerball.com
eu-u.openx.net
26 cm.g.doubleclick.net 20 redirects eu-u.openx.net
25 securepubads.g.doubleclick.net powerball.com
securepubads.g.doubleclick.net
25 s3.amazonaws.com powerball.com
s3.amazonaws.com
25 powerball.com 4 redirects powerball.com
19 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
powerball.com
18 tpc.googlesyndication.com powerball.com
18 match.prod.bidr.io 12 redirects eu-u.openx.net
18 www.googletagservices.com powerball.com
d2si3hiz85fm4q.cloudfront.net
16 x.bidswitch.net 16 redirects
12 pm.w55c.net 12 redirects
11 lanista-bidder-d.openx.net 1 redirects powerball.com
lanista-bidder-d.openx.net
9 c1.adform.net 9 redirects
6 contextual.media.net wowyowapi.com
contextual.media.net
powerball.com
6 deio3v2go54x9.cloudfront.net d2si3hiz85fm4q.cloudfront.net
6 adservice.google.com powerball.com
6 adservice.google.de powerball.com
6 match.adsrvr.org eu-u.openx.net
6 pixel.quantserve.com 6 redirects
6 sync.mathtag.com 6 redirects
6 pr-bh.ybp.yahoo.com eu-u.openx.net
6 dmx.districtm.io d2tbmvllb55wxq.cloudfront.net
6 api.lanistaads.com powerball.com
6 d2tbmvllb55wxq.cloudfront.net d2si3hiz85fm4q.cloudfront.net
4 rtb.mfadsrvr.com 4 redirects
4 lg3.media.net wowyowapi.com
4 aax-eu.amazon-adsystem.com 2 redirects eu-u.openx.net
4 ce.lijit.com 2 redirects eu-u.openx.net
4 rtb.openx.net 2 redirects eu-u.openx.net
4 pixel.onaudience.com 4 redirects
4 green.erne.co 4 redirects
4 hbopenbid.pubmatic.com d2tbmvllb55wxq.cloudfront.net
4 adserver.adtechus.com d2tbmvllb55wxq.cloudfront.net
4 fastlane.rubiconproject.com d2tbmvllb55wxq.cloudfront.net
4 as-sec.casalemedia.com d2tbmvllb55wxq.cloudfront.net
3 sync.crwdcntrl.net 3 redirects
3 sync-tm.everesttech.net 3 redirects
3 ib.adnxs.com 3 redirects
3 static.criteo.net powerball.com
2 a.volvelle.tech 2 redirects
2 wowyowapi.com powerball.com
2 gu.dyntrk.com eu-u.openx.net
2 sync.ipredictive.com 2 redirects
2 tr.blismedia.com eu-u.openx.net
2 sync.teads.tv eu-u.openx.net
2 pixel.advertising.com eu-u.openx.net
2 ad.yieldlab.net eu-u.openx.net
2 p.rfihub.com 2 redirects
2 sync.1rx.io eu-u.openx.net
2 ad.turn.com 2 redirects
2 match.justpremium.com eu-u.openx.net
2 pixel-sync.sitescout.com 2 redirects
2 openx2-match.dotomi.com eu-u.openx.net
2 j.mrpdata.net eu-u.openx.net
2 um.simpli.fi 2 redirects
2 ads.creative-serving.com 2 redirects
2 r.scoota.co 2 redirects
2 bidder.criteo.com static.criteo.net
2 i.clean.gg d2si3hiz85fm4q.cloudfront.net
2 www.google-analytics.com powerball.com
www.google-analytics.com
2 code.ionicframework.com powerball.com
code.ionicframework.com
1 csi.gstatic.com securepubads.g.doubleclick.net
1 5e35c87121912fa19f86df9e780d26bd.safeframe.googlesyndication.com powerball.com
1 d8d00c858a05120dd7e1a9b9faf5eab9.safeframe.googlesyndication.com powerball.com
1 77435924f9313dfa7fe52419e1d3ea4f.safeframe.googlesyndication.com powerball.com
1 91381cfce1252bba543b5b36080293dc.safeframe.googlesyndication.com powerball.com
1 8d91326dfe3875d1c9c3c10e035e58eb.safeframe.googlesyndication.com powerball.com
1 77da5e4d71dda1e908b6f29e27a1e929.safeframe.googlesyndication.com powerball.com
1 image2.pubmatic.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 fs.gweini.com d2si3hiz85fm4q.cloudfront.net
1 gum.criteo.com d2si3hiz85fm4q.cloudfront.net
1 stats.g.doubleclick.net www.google-analytics.com
1 s.gweini.com powerball.com
1 fonts.googleapis.com powerball.com
1 d2si3hiz85fm4q.cloudfront.net powerball.com
334 77

This site contains no links.

Subject Issuer Validity Valid
*.powerball.com
Go Daddy Secure Certificate Authority - G2		 2020-12-11 -
2022-01-12		 a year crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2021-02-22 -
2022-02-21		 a year crt.sh
s3.amazonaws.com
DigiCert Baltimore CA-2 G2		 2020-08-04 -
2021-08-09		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
ionicframework.com
Cloudflare Inc ECC CA-3		 2020-07-01 -
2021-07-01		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-04-14 -
2021-07-12		 3 months crt.sh
gweini.com
Amazon		 2020-12-08 -
2022-01-06		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
i.clean.gg
GTS CA 1D4		 2021-04-15 -
2021-07-14		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-04-14 -
2021-07-12		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
api.lanistaads.com
GTS CA 1D2		 2021-03-20 -
2021-06-18		 3 months crt.sh
districtm.io
Cloudflare Inc ECC CA-3		 2020-07-01 -
2021-07-01		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-18 -
2022-01-18		 a year crt.sh
*.adtechus.com
GeoTrust RSA CA 2018		 2019-08-07 -
2021-08-07		 2 years crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2020-10-30 -
2021-04-27		 6 months crt.sh
*.match.prod.bidr.io
Amazon		 2021-02-26 -
2022-03-27		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.mrpdata.net
Amazon		 2020-12-04 -
2022-01-02		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2019-06-19 -
2021-08-31		 2 years crt.sh
tracking.justpremium.com
Amazon		 2021-03-01 -
2022-03-30		 a year crt.sh
*.google.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.google.de
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2019-06-28 -
2021-06-27		 2 years crt.sh
*.yieldlab.net
DigiCert SHA2 Secure Server CA		 2021-03-09 -
2022-03-14		 a year crt.sh
pixel.advertising.com
DigiCert SHA2 High Assurance Server CA		 2021-03-01 -
2021-08-24		 6 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2020-03-11 -
2021-05-10		 a year crt.sh
teads.tv
R3		 2021-02-18 -
2021-05-19		 3 months crt.sh
tr.blismedia.com
GTS CA 1D2		 2021-03-03 -
2021-06-01		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2021-04-09 -
2022-03-20		 a year crt.sh
gu.dyntrk.com
R3		 2021-04-11 -
2021-07-10		 3 months crt.sh
wowyowapi.com
Amazon		 2020-09-08 -
2021-10-08		 a year crt.sh
*.gstatic.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2021-04-12 -
2022-04-20		 a year crt.sh

This page contains 34 frames:

Primary Page: https://powerball.com/
Frame ID: F6BE07AE7BAE48DA1F387A34544EC2A8
Requests: 67 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=powerball.com
Frame ID: ACEBD00D518E1C5877BFE40360F9D7BE
Requests: 1 HTTP requests in this frame

Frame: https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Frame ID: 24DDB68CE461948C02C33EFE954DD19E
Requests: 14 HTTP requests in this frame

Frame: https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Frame ID: 49D61778F9789621936F65028913F487
Requests: 14 HTTP requests in this frame

Frame: https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Frame ID: CAF07FF0783C210AB163408EE9F23435
Requests: 19 HTTP requests in this frame

Frame: https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Frame ID: BFBE86F45BDEFA13C77BB4CFA116ADD2
Requests: 19 HTTP requests in this frame

Frame: https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Frame ID: 49DDCE853BDDD915F8DB92E6649F8695
Requests: 19 HTTP requests in this frame

Frame: https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Frame ID: 8FD87B9CB1127CC16DAEFD0A1E6EA0A9
Requests: 19 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
Frame ID: FE5C1E9C61F8883482810898A31204BB
Requests: 11 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
Frame ID: E44EC69C5A5A2563E7BA423FF211D961
Requests: 11 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
Frame ID: 450372E506812EDD510514E73998F5CC
Requests: 11 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
Frame ID: 4D05817BC334B2B3282556CE88B2631F
Requests: 11 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Frame ID: CD122A325C7CC5FB556EA8B6ABD06796
Requests: 11 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Frame ID: 8E0E889169965188070C4FF6161A4AEB
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 30479BBB52991D73E2DF7DD4CF55438F
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssVf-arYCHewS1ghZfsRjJX66x5ar2_wP63IkDzTh0x4CUyMXtBRITC6tgt4wK7Qj6DlSEDPPK8U4QyMGmEAgDZQG-WLXoPQozEsYN-JoctR-tAeFmgtldCWSpcHfIO4FpPFAi4erWqLTg0eTJ04eC9qHhjnxjoSCkELJJlH4KVRE5nOdv2_nw07y1lClGTXGmf3tkAoWaLwFdAsp5CgczIPmI_9CQY0gzugVXn3VNefuFwv6ek2MjNnjuRwJqqXCN5aQ9IPkLbxEYt6zqo8EIQlO6yeoTcnlSj_50Dm3P4G022EQpE&sai=AMfl-YRfVNc26JYIa3ZrLgIu14TsSumfi3u8IHvAUvZR2sr8o5ARg4w1Nh4YsXIXGsvZU-5KqCVgQBCC27Qy29XsecdfcbBKUX8RQKWHEzQEi7Cr6qDUwFGeuOghBX0fhyPH&sig=Cg0ArKJSzO9o0cwKuhAcEAE&urlfix=1&adurl=
Frame ID: D4EB73A2B20EF243D497D092F5D11E45
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsugx7OXADuwdaciamlaYaWsZweYJijpyvqS7JAMrHnO_CVAXA_JDpkASMvfhFBsTgSxjc2jm4ejx06HB6J7ljYg8GaPWtcwNwClP0FWmIWxKmuXl6SMQp8x-m-Z4yGAlS7Nnl1AQ8geHOk_39KXPUOg_EIcxTrmfMyfsgK1jqEXt5jqrYY351W73lRNvhfoSnR6-0o_bnI3bbAIgA6AXjl0QIe_-UE-zWeBjiHYfFPuTBSpUDdcrEqaV7ryVxHOhW737R93Disvhe40X1Mswp2Nzi0qQMg7Z-SpqOw6zqKepUB0GCk_Jd0VBwU&sai=AMfl-YTUfJVJTi5_HUS7bHn1zR9C-A3pBK5nnPA8AwmyfCly0nOqfzJx4ACsy0_LV2cgkKFSprIzU7MIYf8y4w2hy7fyJYv9XE51Fhz2AqR_nGU3CGu1bDaUftRgQRSD7UA-&sig=Cg0ArKJSzPHJD-IFg1TxEAE&urlfix=1&adurl=
Frame ID: F2A4A257B5E829C5A76EC5A7D01339A4
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsswmDFb_KUi-yKIsmyOcK9A862ZsGz1NOgOdo8IOuzXO8zrm1tVbQXzNBrrAD47s33U0JsLDRXAVc6Fez-zp2qHg_UWabEDGXah7yRlomkp8VrLd3uPSqrcKVn_UxCQ0rA6hw2MWDbj6pLJD3flKLDkBFi39pSCFuQjhh4kxP29Hoee7QudxfJmgHIYZZ1GYN9YyzgAUSKgZo5j4kF2R-SD0W3rSV2VjsVM2HoVK-gXBXd_oPRM93jxAN-AUDWGc7heT8kohZV141r0SfmAtcdTMXoyCdwJlQQVqy9IxifJ1JRUj6d6&sai=AMfl-YSB6nxHb0FCs43PNEc9un_DcAvCd8iDKAUmXR7h94fjCEbTmNLZDTtPTCX3iJ0RDjb46FOi0Z4uWAJRKISi0dVPilXF6QYgQqAOkzptoWD9wg2bonk5pZVieQGDY6nV&sig=Cg0ArKJSzC7fiHnpz2tWEAE&urlfix=1&adurl=
Frame ID: 9DE12AFAA225774FA11F424BB2B77024
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstAO84bvnPYlmBseoRl6OD-y2fl2P-Zxc8CNIX94zQwuK-UzwwiJIXnwo-2EsCzY-tOWz9qb_sCgYA7oftpk9RKfjV0OJFLXRL7Fv8liM2DxFYF5JxZYSZwzRINcqkThrivpGY0g8IlNjjyEH_LxS_YXweN7IjLBL0JWAmYduQf1YUtTMzOxbGijIC_WuIRrckHCpyP1sYTTRnB2ASTE_-7uLCo5JpcAs2YxjZLySAQdAUNq4ex-fZz1VRHhwI7DVX4ntR6tpqyJnUJcdJfv4EMDUzBzdOt8rR7DWzsg9BDbGfXHmJq&sai=AMfl-YTKRUrwfjFXpPX85QfRj4H_paF_CUx7uQ6BO8tjkO-Dn-HtaN-Z-JjPBjmZlqbIVCsDJdaxujK0vFVBnsy1pBwKT1wCW9BYC-G8avuzy3kuPpAJiinXqsgq9nIDegQ&sig=Cg0ArKJSzI2m9fBfYOGuEAE&urlfix=1&adurl=
Frame ID: F2065B071A46102A4F752F3551F6CB5B
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst79rcxNpqYeTkYCxIOnITP_dAbnU54XSXbkyAz56thn1VQErZJ7k4XIkArtgfx3mgBw-_jEhTy8_iMGU2fWhA37VrYeB1WWvxG5y6OV_ZmLw8CWFCkpKn3WdlSS5A08un4ExOmmITmPnbdr7lc1NZHTh4YvEJFKmaZXMz9wLxHL-M_axUzxJFI49cR0rDlZYdhVEtVVp_6vg13T-umOZ0AwmMnBPNEJSP80RYqhSPRzil6rlkjJmcDd2LoRnoa7DPxU12q9BglbjWmkZOVSj244JBZzwZjp6p6bxOQsUGNGPDIbfo9&sai=AMfl-YQo12DSuodD1y-BKXNkVsewyI32CbyK6O9sPfNnrwhzVO-HUptgZwkqt7TvjZ_cuV4i-fI6EJtx7e2qw1WyLCHJcFhqMydGDwIyivRiMXQLaLvi17_yUXbHiCu2wm4&sig=Cg0ArKJSzH28fpST99rjEAE&urlfix=1&adurl=
Frame ID: 60CEE3FE8B01AE203EDBF3545D72E4D6
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvGrQl1NNGebe8JbcKPVNG0ckx1UFpx8zuCByMfb0u_ypnTkS4LCJolQCTzVJ3yaRp-4drcXyehUMDEvG6BcaMHALagO8Loz-dBAPxuDe7p5-UBeF9D9ukTOFt6hzYQ4EbVUaq-0JoLuPzoLh6OGawBBqY4SXc1HU7QHDD0PhxqInMz7GIOlOj9hoeCEdFlD2SUBi5InQQjVpTN3lHDwil-QjfauLSjm7aVX8HHGkQ5NXJKqAVoIqiO6wVZHeMfAVzUQQMkPYEGxcZt-Yvi-x-NrXQWDHTjJKRfptLVcj7wodxTNizs&sig=Cg0ArKJSzFC1FFkR4zm7EAE&urlfix=1&adurl=
Frame ID: 3B181B82FCB65DF5F87C18A0BD6B2AF1
Requests: 7 HTTP requests in this frame

Frame: https://wowyowapi.com/wowyowdisplay970x250desktop.php?l=null&u=fb243434-6d38-f6b6-4543-c462ef8458dc&c=null&d=powerball.com
Frame ID: 176BE88DBC9E680088B5D07249E03C69
Requests: 5 HTTP requests in this frame

Frame: https://wowyowapi.com/wowyowdisplay970x250desktop.php?l=null&u=fb243434-6d38-f6b6-4543-c462ef8458dc&c=null&d=powerball.com
Frame ID: 12033D0C35B3D0476F4DD07D35C0BD5D
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 4032EB2ED0342D217F054F8A7ED179FA
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: B978E117755DAC1EBE232477E35110C9
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 68084256382D676AEED438619B03FBEC
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 4292C1393BE28AF75BAFB16FF6EB6C63
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: F875FF8E064A72ADF6F7390EAE0080DA
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CU2R40WC&https=1&itype=CM
Frame ID: 712BA64534239FF408D75B773FB846EB
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CU2R40WC&https=1&itype=CM
Frame ID: 816AD7C2391D80F14DBF9B70217E35F8
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Frame ID: FA8C09E526C1CC61B00C930BB4AB0D53
Requests: 11 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Frame ID: C5374801BB61920F5E9D651C8BEA8CB6
Requests: 11 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Frame ID: 58736DC86725BF192243FBA0B62DC841
Requests: 11 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Frame ID: 003DFBEDD3C7593CAC2F2678864993B1
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://powerball.com/ HTTP 302
    https://powerball.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • meta generator /^Drupal(?:\s([\d.]+))?/i
  • headers expires /19 Nov 1978/i
Overall confidence: 100%
Detected patterns
  • meta generator /^Drupal(?:\s([\d.]+))?/i
  • headers expires /19 Nov 1978/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+ionicons(?:\.min)?\.css/i

Page Statistics

334
Requests

100 %
HTTPS

29 %
IPv6

59
Domains

77
Subdomains

50
IPs

9
Countries

6434 kB
Transfer

10076 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://powerball.com/ HTTP 302
    https://powerball.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://powerball.com/s3fs-css/css/css_1DFi35umdFv1MNKkHZmJzpYn5tw5tRuSPJwTuWnxeGs.css HTTP 302
  • https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_1DFi35umdFv1MNKkHZmJzpYn5tw5tRuSPJwTuWnxeGs.css
Request Chain 4
  • https://powerball.com/s3fs-css/css/css_67OM9VyL108rg7RaBENpbWBQbpyAXWoXTgj66ZG_Zew.css HTTP 302
  • https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_67OM9VyL108rg7RaBENpbWBQbpyAXWoXTgj66ZG_Zew.css
Request Chain 29
  • https://powerball.com/s3fs-js/js/js_PiiWZWXIP2qwdgCt_1MIoezFQmG2p5c7Xkbu7vAEPOI.js HTTP 302
  • https://s3.amazonaws.com/cdn.powerball.com/drupal/files/js/js_PiiWZWXIP2qwdgCt_1MIoezFQmG2p5c7Xkbu7vAEPOI.js
Request Chain 81
  • https://lanista-bidder-d.openx.net/w/1.0/acj?ai=87b90201-c722-478b-83c1-3fe714277706&o=20a0d620c713bc&ju=https%3A//powerball.com/&jr=&be=1&prf=0&auid=538738919&aus=300x250&bc=hb_2api&bt=1000&c.lanista_floor=0.30&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-120&ifr=1&tws=1600x1200 HTTP 302
  • https://lanista-bidder-d.openx.net/w/1.0/acj?cc=1&ai=87b90201-c722-478b-83c1-3fe714277706&o=20a0d620c713bc&ju=https%3A//powerball.com/&jr=&be=1&prf=0&auid=538738919&aus=300x250&bc=hb_2api&bt=1000&c.lanista_floor=0.30&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-120&ifr=1&tws=1600x1200
Request Chain 122
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=n3dnCElZ1LxhRi5
Request Chain 123
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=openx HTTP 302
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=00918906-0e2d-431f-bca6-493091024b3f&ssp=openx HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=fef8a1ca-a1e7-4b63-a151-4325341ace93
Request Chain 124
  • https://match.prod.bidr.io/cookie-sync/ox HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEUklVN0E4bG9BQUNzWDE0d21iZw&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
Request Chain 125
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=cb796079-2cf4-4700-869a-1c9371ad40aa
Request Chain 126
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=BEdAngAUEZMfRUSQVhVakQRDE8IfExOfBESbEhV_
Request Chain 127
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6792912830781530008
Request Chain 129
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MTJhYTZlZGYtM2FmZC02OGQwLTU2NjktNjAzY2Y0MDRiM2I2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MTJhYTZlZGYtM2FmZC02OGQwLTU2NjktNjAzY2Y0MDRiM2I2&google_tc=
Request Chain 130
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKYZkeqYU4ahEFp_S2PC23A&google_cver=1
Request Chain 132
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=n3dnCElZ1LxhRi5 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?cc=1&id=537072979&val=n3dnCElZ1LxhRi5
Request Chain 133
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=openx&bsw_custom_parameter=9218e55e-a321-4067-8f88-fa447e6ff8a8 HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=openx&bsw_custom_parameter=9218e55e-a321-4067-8f88-fa447e6ff8a8 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=9bb88330-350a-40af-97fe-16998ea6e53e&ssp=openx&expires=30&user_group=5&bsw_param=9218e55e-a321-4067-8f88-fa447e6ff8a8 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=4&user_id=9bb88330-350a-40af-97fe-16998ea6e53e&ssp=openx&expires=30&user_group=5&bsw_param=9218e55e-a321-4067-8f88-fa447e6ff8a8 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=fef8a1ca-a1e7-4b63-a151-4325341ace93
Request Chain 134
  • https://match.prod.bidr.io/cookie-sync/ox HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGaFJrN0E4bG9BQUNwQW5uQjhiQQ&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGaFJrN0E4bG9BQUNwQW5uQjhiQQ&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1&google_tc= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
Request Chain 135
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=102a6079-2cf3-4000-8588-928e7119c680
Request Chain 136
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=YA4xKGRdYCV7DDUkNA8rdTUJNSB7BjFzbgenOHXp
Request Chain 137
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3985984458423751493
Request Chain 139
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MTJhYTZlZGYtM2FmZC02OGQwLTU2NjktNjAzY2Y0MDRiM2I2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MTJhYTZlZGYtM2FmZC02OGQwLTU2NjktNjAzY2Y0MDRiM2I2&google_tc=
Request Chain 140
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDdl3RYq3Vctf_ibn9K9E8E&google_cver=1
Request Chain 142
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=n3dnCElZ1LxhRi5
Request Chain 143
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=&gdpr_consent=&gdpr_pd=&ssp=openx HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=OOtIwUDvSnV5DJmkrOxpw1JmEnI&user_group=1&ssp=openx HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=fef8a1ca-a1e7-4b63-a151-4325341ace93
Request Chain 144
  • https://match.prod.bidr.io/cookie-sync/ox HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADRIU7A8loAACsX14wmbg&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpp%252Cox%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dox%26bee_sync_hop_count%3D1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpp%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=ox&bee_sync_hop_count=1
Request Chain 145
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=6ad16079-2cf4-4000-9312-ea027ebe8143 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?cc=1&id=536872786&val=6ad16079-2cf4-4000-9312-ea027ebe8143
Request Chain 146
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=k6pov5f5ObKIqGy-lv5y5JOsZreIq23jkq7eFT7T
Request Chain 147
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3778841830798321518
Request Chain 149
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MTJhYTZlZGYtM2FmZC02OGQwLTU2NjktNjAzY2Y0MDRiM2I2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MTJhYTZlZGYtM2FmZC02OGQwLTU2NjktNjAzY2Y0MDRiM2I2&google_tc=
Request Chain 150
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEML8bOD3PqsEY6Y5cAU4A4k&google_cver=1
Request Chain 152
  • https://um.simpli.fi/ox_match HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=6351AA925E474BC38EAA80051C55804D
Request Chain 154
  • https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072399%26val%3D%24UID HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072399&val=4408666218454809289
Request Chain 156
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=no-consent&gdpr=1&gdpr_consent=
Request Chain 158
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=YHks9wAAJiYd8QA4 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YHks9wAAJiYd8QA4&_test=YHks9wAAJiYd8QA4
Request Chain 159
  • https://green.erne.co/openx/cm HTTP 302
  • https://pixel.onaudience.com/?mapped=Vc4Mi7oFbrFj8Vg4vhpgWpld&partner=2&redirect=green.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072998%2526rtb%253DVc4Mi7oFbrFj8Vg4vhpgWpld HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26redirect%3Dhttps%253A%252F%252Fgreen.erne.co%252Fct%252Fcm%253Fred%253Dhttps%25253A%25252F%25252Fus-u.openx.net%25252Fw%25252F1.0%25252Fsd%25253Fid%25253D537072998%252526rtb%25253DVc4Mi7oFbrFj8Vg4vhpgWpld HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26redirect%3Dhttps%253A%252F%252Fgreen.erne.co%252Fct%252Fcm%253Fred%253Dhttps%25253A%25252F%25252Fus-u.openx.net%25252Fw%25252F1.0%25252Fsd%25253Fid%25253D537072998%252526rtb%25253DVc4Mi7oFbrFj8Vg4vhpgWpld HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=282f0e97a4baf3cd7c1bde1b4fea9303&redirect=https%3A%2F%2Fgreen.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072998%2526rtb%253DVc4Mi7oFbrFj8Vg4vhpgWpld HTTP 302
  • https://green.erne.co/ct/cm?red=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072998%26rtb%3DVc4Mi7oFbrFj8Vg4vhpgWpld HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072998&rtb=Vc4Mi7oFbrFj8Vg4vhpgWpld
Request Chain 160
  • https://ad.turn.com/r/cs?pid=9&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3636388516962881894&gdpr=1&gdpr_consent=&us_privacy=
Request Chain 161
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=4ZM3KVoMj1ql_XYy7f9HbA==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 224
  • https://p.rfihub.com/cm?pub=25&in=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073062&val=875739025969568148
Request Chain 225
  • https://us-u.openx.net/w/1.0/cm?id=7a314129-4014-4857-bd4a-aafa9d87c263&r=https://ad.yieldlab.net/m?dt_id=2448064&ext_id= HTTP 302
  • https://ad.yieldlab.net/m?dt_id=2448064&ext_id=f43a4a5f-a317-0f71-331e-1b83c1887ce2
Request Chain 227
  • https://ce.lijit.com/merge?pid=76&3pid=522b63d5-193e-0c79-0435-8c2346574284 HTTP 302
  • https://ce.lijit.com/merge?pid=76&3pid=522b63d5-193e-0c79-0435-8c2346574284&dnr=1
Request Chain 228
  • https://eu-u.openx.net/w/1.0/cm?id=05b4ec5e-f604-4a08-bcaf-b4806bac0361&r=https://sync.teads.tv/um?eid=64&uid= HTTP 302
  • https://sync.teads.tv/um?eid=64&uid=8bbfe728-1507-0d2e-32fb-05f937a3bde0
Request Chain 230
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=6613c168-ef20-8d8e-8387-b81256d5b636 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=6613c168-ef20-8d8e-8387-b81256d5b636&dcc=t
Request Chain 231
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID} HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=03a41487-9e7c-11eb-a768-37a8b585c26b
Request Chain 234
  • https://p.rfihub.com/cm?pub=25&in=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073062&val=1871316019233727457
Request Chain 235
  • https://us-u.openx.net/w/1.0/cm?id=7a314129-4014-4857-bd4a-aafa9d87c263&r=https://ad.yieldlab.net/m?dt_id=2448064&ext_id= HTTP 302
  • https://ad.yieldlab.net/m?dt_id=2448064&ext_id=f43a4a5f-a317-0f71-331e-1b83c1887ce2
Request Chain 237
  • https://ce.lijit.com/merge?pid=76&3pid=522b63d5-193e-0c79-0435-8c2346574284 HTTP 302
  • https://ce.lijit.com/merge?pid=76&3pid=522b63d5-193e-0c79-0435-8c2346574284&dnr=1
Request Chain 238
  • https://eu-u.openx.net/w/1.0/cm?id=05b4ec5e-f604-4a08-bcaf-b4806bac0361&r=https://sync.teads.tv/um?eid=64&uid= HTTP 302
  • https://sync.teads.tv/um?eid=64&uid=8bbfe728-1507-0d2e-32fb-05f937a3bde0
Request Chain 240
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=6613c168-ef20-8d8e-8387-b81256d5b636 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=6613c168-ef20-8d8e-8387-b81256d5b636&dcc=t
Request Chain 241
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID} HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=03b21da2-9e7c-11eb-9264-1bb6de4ce876
Request Chain 292
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=zW1ZyJLF1LxhRl5
Request Chain 293
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_user_id=fef8a1ca-a1e7-4b63-a151-4325341ace93 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_user_id=fef8a1ca-a1e7-4b63-a151-4325341ace93 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=28efa464-e9da-4db2-9c43-bc4e6080eb59&ssp=openx HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=fef8a1ca-a1e7-4b63-a151-4325341ace93
Request Chain 294
  • https://match.prod.bidr.io/cookie-sync/ox HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCbWFVN0E4bG9BQUNuVndIYjZpUQ&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
Request Chain 295
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=ce1f6079-2cf7-4900-82a0-4a145538619b
Request Chain 296
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=R3A7W0MjalVcIT0BRnEhUBd0NFRccG1QQXcRiQgE
Request Chain 297
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6792912830781530008
Request Chain 300
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKYZkeqYU4ahEFp_S2PC23A&google_cver=1
Request Chain 302
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=7cpcidSs1LxhRl5
Request Chain 303
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=openx HTTP 302
  • https://a.volvelle.tech/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=7bd0c4c7-2a95-4789-9056-3b9bf06970b5&ssp=openx HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=fef8a1ca-a1e7-4b63-a151-4325341ace93
Request Chain 304
  • https://match.prod.bidr.io/cookie-sync/ox HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDc1VFN0E4bG9BQUNuWDE0d21iZw&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
Request Chain 305
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=101a6079-2cf7-4600-abf3-6b5751c03469
Request Chain 306
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=zyJpbstxOGDUc2w2nXZzbpohbGXUcG9unHdYFR55
Request Chain 307
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6792912830781530008
Request Chain 310
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKYZkeqYU4ahEFp_S2PC23A&google_cver=1
Request Chain 312
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=7cpcidSs1LxhRl5
Request Chain 313
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_user_id=fef8a1ca-a1e7-4b63-a151-4325341ace93 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_user_id=fef8a1ca-a1e7-4b63-a151-4325341ace93 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=937b2c99-2994-4206-aa93-2383fd9d9b62&ssp=openx HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=fef8a1ca-a1e7-4b63-a151-4325341ace93
Request Chain 314
  • https://match.prod.bidr.io/cookie-sync/ox HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGS2ZrN0E4bG9BQUNxWG5uQjhiQQ&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
Request Chain 315
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=e0996079-2cf7-4100-ba35-be5fa0290bdd
Request Chain 316
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=0k3_l9YerpnJHPuc3EXlnoBP_s3JHKqe1x7he641
Request Chain 317
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6792912830781530008
Request Chain 320
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKYZkeqYU4ahEFp_S2PC23A&google_cver=1
Request Chain 326
  • https://um.simpli.fi/ox_match HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=6351AA925E474BC38EAA80051C55804D
Request Chain 328
  • https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072399&val=4408666218454809289
Request Chain 330
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=no-consent&gdpr=1&gdpr_consent=
Request Chain 332
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YHks9wAAJiYd8QA4
Request Chain 333
  • https://green.erne.co/openx/cm HTTP 302
  • https://pixel.onaudience.com/?mapped=Vc4Mi7oFbrFj8Vg4vhpgWpld&partner=2&redirect=green.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072998%2526rtb%253DVc4Mi7oFbrFj8Vg4vhpgWpld HTTP 302
  • https://sync.crwdcntrl.net/map/c=14544/tp=BIDB?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26redirect%3Dhttps%253A%252F%252Fgreen.erne.co%252Fct%252Fcm%253Fred%253Dhttps%25253A%25252F%25252Fus-u.openx.net%25252Fw%25252F1.0%25252Fsd%25253Fid%25253D537072998%252526rtb%25253DVc4Mi7oFbrFj8Vg4vhpgWpld HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=282f0e97a4baf3cd7c1bde1b4fea9303&redirect=https%3A%2F%2Fgreen.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072998%2526rtb%253DVc4Mi7oFbrFj8Vg4vhpgWpld HTTP 302
  • https://green.erne.co/ct/cm?red=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072998%26rtb%3DVc4Mi7oFbrFj8Vg4vhpgWpld HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072998&rtb=Vc4Mi7oFbrFj8Vg4vhpgWpld
Request Chain 334
  • https://ad.turn.com/r/cs?pid=9&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3566299048738672998&gdpr=1&gdpr_consent=&us_privacy=
Request Chain 335
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=cm35ARSlxWg74Bo4P1oNxQ==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1

334 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
powerball.com/
Redirect Chain
  • http://powerball.com/
  • https://powerball.com/
95 KB
95 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://powerball.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.67.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-67-70.compute-1.amazonaws.com
Software
Apache /
Resource Hash
03593a6d6bddbf335c57d74a88f2680e2907ba9b032e3c3885072cb7edb2e5b3
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
powerball.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:38 GMT
content-type
text/html; charset=UTF-8
server
Apache
x-content-type-options
nosniff nosniff
cache-control
max-age=86400, public
x-drupal-dynamic-cache
HIT
link
<http://powerball.com/>; rel="shortlink", <http://powerball.com/>; rel="canonical" <http://powerball.com/games/home>; rel="alternate"; hreflang="en" <http://powerball.com/es/games/home>; rel="alternate"; hreflang="es" <http://powerball.com/games/home>; rel="revision"
x-ua-compatible
IE=edge
content-language
en
x-frame-options
SAMEORIGIN
expires
Sun, 19 Nov 1978 05:00:00 GMT
last-modified
Thu, 15 Apr 2021 14:41:46 GMT
etag
"1618497706"
vary
Cookie
x-generator
Drupal 8 (https://www.drupal.org)
x-drupal-cache
HIT

Redirect headers

Date
Fri, 16 Apr 2021 06:21:37 GMT
Content-Type
text/html; charset=iso-8859-1
Content-Length
206
Connection
keep-alive
Server
Apache
X-Content-Type-Options
nosniff
Location
https://powerball.com/
Cache-Control
max-age=1209600
Expires
Fri, 30 Apr 2021 06:21:37 GMT
script.js
d2si3hiz85fm4q.cloudfront.net/ 		117 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2si3hiz85fm4q.cloudfront.net/script.js
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:7200:15:3f44:b280:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f090e0970ee670ffb00bd0783fa690f1c56c03847ea4392ac7366d9aafcdebd5

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:38 GMT
content-encoding
gzip
last-modified
Thu, 15 Apr 2021 11:30:38 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-C1
etag
W/"8a8314e11bde9bf3585d3d8ff07de973"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 0f65f9aac16e53eeb77d85b7c23a21c2.cloudfront.net (CloudFront)
cache-control
max-age=600,public,must-revalidate
x-amz-cf-id
IG28BGrj3lryWi7kMvRA0G7aU_0z9v6EvuM1VcwmAz07B-l2lgOghQ==
css_1DFi35umdFv1MNKkHZmJzpYn5tw5tRuSPJwTuWnxeGs.css
s3.amazonaws.com/cdn.powerball.com/drupal/files/css/
Redirect Chain
  • https://powerball.com/s3fs-css/css/css_1DFi35umdFv1MNKkHZmJzpYn5tw5tRuSPJwTuWnxeGs.css
  • https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_1DFi35umdFv1MNKkHZmJzpYn5tw5tRuSPJwTuWnxeGs.css
7 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_1DFi35umdFv1MNKkHZmJzpYn5tw5tRuSPJwTuWnxeGs.css
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.207.237 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
d43162df9ba6745bf530d2a41d9989ce9627e6dc39b51b923c9c13b969f1786b

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Apr 2021 06:21:39 GMT
Last-Modified
Fri, 09 Apr 2021 11:52:28 GMT
Server
AmazonS3
x-amz-request-id
ETAE23TKMGC2WAC0
ETag
"08a3f35477e17780b731fe8128a211bf"
Content-Type
text/css
Cache-Control
public, max-age=2419200
Accept-Ranges
bytes
Content-Length
7299
x-amz-id-2
WTVsH0VQH42f8dsDyya/ClcCbsp3DtF/Ccr42xs5ZW5T4/IiJbqcInN1azjMcgP+V7w22mtFjX0=

Redirect headers

date
Fri, 16 Apr 2021 06:21:38 GMT
x-content-type-options
nosniff
server
Apache
content-type
text/html; charset=iso-8859-1
location
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_1DFi35umdFv1MNKkHZmJzpYn5tw5tRuSPJwTuWnxeGs.css
cache-control
max-age=1209600
content-length
295
expires
Fri, 30 Apr 2021 06:21:38 GMT
css
fonts.googleapis.com/ 		27 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans+Condensed:300,300i,700|Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
52d92094838844996eb5d1bc5d47010f4a71317372270570cf81a1198a795e06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 16 Apr 2021 05:59:56 GMT
server
ESF
date
Fri, 16 Apr 2021 06:21:38 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 16 Apr 2021 06:21:38 GMT
ionicons.min.css
code.ionicframework.com/ionicons/2.0.1/css/ 		50 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://code.ionicframework.com/ionicons/2.0.1/css/ionicons.min.css
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92ac508220f5bb60ec94e07650528eb66625f82a4740ada068cde05365781286

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id
d11657b8727e92371f5fcd8b9086ae2501739e36
date
Fri, 16 Apr 2021 06:21:38 GMT
via
1.1 varnish
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
25934
x-cache
HIT
x-cache-hits
1
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
097af0aa6e0000d72d6a3e1000000001
x-served-by
cache-fra19172-FRA
last-modified
Thu, 11 Mar 2021 14:23:17 GMT
server
cloudflare
x-github-request-id
AA86:5D94:781375:7E11CE:6077C014
x-timer
S1618528165.684922,VS0,VE1
etag
W/"604a27d5-c854"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tDw3qPRz4rTuuajH%2FDkzAtZkJS4osUa0DgXGM9wkORtWLyIEcdGVHyXvG2Hqkto8WZd8qV0E6tqYxw4Ft6YJJe2C01drnrAaWewV37YazadYgYmjiT5qJkMq9vyfBu3QcGgbag%3D%3D"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
x-proxy-cache
MISS
cf-ray
640b508a4d9ed72d-FRA
x-origin-cache
HIT
expires
Thu, 15 Apr 2021 04:34:52 GMT
css_67OM9VyL108rg7RaBENpbWBQbpyAXWoXTgj66ZG_Zew.css
s3.amazonaws.com/cdn.powerball.com/drupal/files/css/
Redirect Chain
  • https://powerball.com/s3fs-css/css/css_67OM9VyL108rg7RaBENpbWBQbpyAXWoXTgj66ZG_Zew.css
  • https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_67OM9VyL108rg7RaBENpbWBQbpyAXWoXTgj66ZG_Zew.css
184 KB
184 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_67OM9VyL108rg7RaBENpbWBQbpyAXWoXTgj66ZG_Zew.css
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.207.237 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
ebb38cf55c8bd74f2b83b45a0443696d60506e9c805d6a174e08fae991bf65ec

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Apr 2021 06:21:39 GMT
Last-Modified
Fri, 09 Apr 2021 11:51:36 GMT
Server
AmazonS3
x-amz-request-id
ETA0RJBE6GQCYF9W
ETag
"29e4b3e023623a0375473b7ae7634ca4"
Content-Type
text/css
Cache-Control
public, max-age=2419200
Accept-Ranges
bytes
Content-Length
188017
x-amz-id-2
MDjn85OE6VfhVaHmBLT2ZlKHQxQ65QUMW+RMtS196+cb6XwibYsmyGXtY0F0IuGV8dO6H+la1tg=

Redirect headers

date
Fri, 16 Apr 2021 06:21:38 GMT
x-content-type-options
nosniff
server
Apache
content-type
text/html; charset=iso-8859-1
location
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_67OM9VyL108rg7RaBENpbWBQbpyAXWoXTgj66ZG_Zew.css
cache-control
max-age=1209600
content-length
295
expires
Fri, 30 Apr 2021 06:21:38 GMT
publishertag.js
static.criteo.net/js/ld/ 		114 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
59883dc82297de1d8ff485a115678ff6e56102eb1fc170c9808737535f6f8070

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:39 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:29 GMT
server
nginx
etag
W/"605322dd-1c9d1"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Sat, 17 Apr 2021 06:21:39 GMT
gweiniClientV1.php
s.gweini.com/ 		91 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.gweini.com/gweiniClientV1.php?ClientID=PUB_ID&group=GPPowerball
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.213.53.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-53-66.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
084fd154266692bdc0410bb5e3a74dbd35c4c544b7e84ce52dd4643a0c49b97e

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Apr 2021 06:21:39 GMT
Content-Encoding
gzip
Server
nginx/1.10.3 (Ubuntu)
Connection
keep-alive
Content-Length
7941
Content-Type
text/html; charset=UTF-8
powerball-power-play-logo_0.png
s3.amazonaws.com/cdn.powerball.com/drupal/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/powerball-power-play-logo_0.png
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.207.237 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
c0f02a3ba3b3498d9ff3243cd2185bbf9f9c961f1373b2b463dfa025c2d57c5b

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Apr 2021 06:21:40 GMT
Last-Modified
Tue, 28 Apr 2020 05:17:42 GMT
Server
AmazonS3
x-amz-request-id
P00YENQHVHS7PXV2
ETag
"954a0848710c5224685722e2621e667e"
Content-Type
image/png
Cache-Control
public, max-age=2419200
Accept-Ranges
bytes
Content-Length
26090
x-amz-id-2
qlFJqfI3sdl+cN8EoEGM/gzx2H5lY9JQRWdKwL1mN9KjHwMYrECsvLf19xeqI+VaKIGrkH4Yx6U=
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 19 Mar 2021 19:22:18 GMT
server
Golfe2
age
5305
date
Fri, 16 Apr 2021 04:53:14 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19463
expires
Fri, 16 Apr 2021 06:53:14 GMT
powerball-logo-alternate.png
powerball.com/themes/rapid/images/shared/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://powerball.com/themes/rapid/images/shared/powerball-logo-alternate.png
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.67.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-67-70.compute-1.amazonaws.com
Software
Apache /
Resource Hash
5111b3af3c37b8466db90632f3cdb79670a1af92835aa85a510260b52f045a71
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/themes/rapid/images/shared/powerball-logo-alternate.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
powerball.com
referer
https://powerball.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:39 GMT
x-content-type-options
nosniff
last-modified
Thu, 04 Mar 2021 10:54:58 GMT
server
Apache
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
content-length
46618
expires
Fri, 30 Apr 2021 06:21:39 GMT
down-arrow-mobile.png
powerball.com/themes/rapid/images/shared/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://powerball.com/themes/rapid/images/shared/down-arrow-mobile.png
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.67.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-67-70.compute-1.amazonaws.com
Software
Apache /
Resource Hash
cbc8abcf771fbe0106242a5f0fb5c6abcee8f5e2eb295bd5099999bafe14f446
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/themes/rapid/images/shared/down-arrow-mobile.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
powerball.com
referer
https://powerball.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:39 GMT
x-content-type-options
nosniff
last-modified
Thu, 04 Mar 2021 10:54:58 GMT
server
Apache
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
content-length
8371
expires
Fri, 30 Apr 2021 06:21:39 GMT
down-arrow.png
powerball.com/themes/rapid/images/shared/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://powerball.com/themes/rapid/images/shared/down-arrow.png
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.67.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-67-70.compute-1.amazonaws.com
Software
Apache /
Resource Hash
3cde3dc0691b364cf1af3f233269802b8b4d566b962c107fc49966e839222f1e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/themes/rapid/images/shared/down-arrow.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
powerball.com
referer
https://powerball.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:39 GMT
x-content-type-options
nosniff
last-modified
Thu, 04 Mar 2021 10:54:58 GMT
server
Apache
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
content-length
12466
expires
Fri, 30 Apr 2021 06:21:39 GMT
icon%20-%20suitcase.png
s3.amazonaws.com/cdn.powerball.com/drupal/files/2017-11/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/2017-11/icon%20-%20suitcase.png
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.207.237 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
62a6c980b8be129cceb54b1c6e63cbf6be73035a0580640635096fb0df2d51ec

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Apr 2021 06:21:40 GMT
Last-Modified
Mon, 03 Jun 2019 18:45:42 GMT
Server
AmazonS3
x-amz-request-id
P00H41ZPGAYNAHEC
ETag
"10fafcb681743db4bdf20e94bd570fe6"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
1339
x-amz-id-2
+HuwcAcknYsI8Wzt4545NKcahxm7kslWTDZX9leNfS8O35ZzS4QoRey1WfagJtPAmw7GV/eXpp0=
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Server
34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.17.4 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://powerball.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.17.4
date
Fri, 16 Apr 2021 06:21:38 GMT
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-max-age
1728000
content-type
text/plain; charset=utf-8
content-length
0
via
1.1 google
alt-svc
clear
1a
i.clean.gg/ 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.17.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 16 Apr 2021 06:21:38 GMT
via
1.1 google
server
nginx/1.17.4
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
alt-svc
clear
content-length
0
plap-icon-how.png
powerball.com/themes/rapid/images/home/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://powerball.com/themes/rapid/images/home/plap-icon-how.png
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.67.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-67-70.compute-1.amazonaws.com
Software
Apache /
Resource Hash
51f45c89e5baf365e97a33c12bcd2a8bd365f5e156a519eb3c6db4a270ef0d1a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/themes/rapid/images/home/plap-icon-how.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
powerball.com
referer
https://powerball.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:39 GMT
x-content-type-options
nosniff
last-modified
Thu, 04 Mar 2021 10:54:58 GMT
server
Apache
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
content-length
9192
expires
Fri, 30 Apr 2021 06:21:39 GMT
plap-icon-where.png
powerball.com/themes/rapid/images/home/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://powerball.com/themes/rapid/images/home/plap-icon-where.png
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.67.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-67-70.compute-1.amazonaws.com
Software
Apache /
Resource Hash
946a4a92ed1abe0bc69dabb3125912b3214b7545ef0b69abb8d531047dd326ac
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/themes/rapid/images/home/plap-icon-where.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
powerball.com
referer
https://powerball.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:39 GMT
x-content-type-options
nosniff
last-modified
Thu, 04 Mar 2021 10:54:58 GMT
server
Apache
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
content-length
1976
expires
Fri, 30 Apr 2021 06:21:39 GMT
plap-icon-powerplay.png
powerball.com/themes/rapid/images/home/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://powerball.com/themes/rapid/images/home/plap-icon-powerplay.png
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.67.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-67-70.compute-1.amazonaws.com
Software
Apache /
Resource Hash
ffd2b669b1e9644f9c9173f577c545125cd4424a599f3c6068f57299cc2f5368
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/themes/rapid/images/home/plap-icon-powerplay.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
powerball.com
referer
https://powerball.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:39 GMT
x-content-type-options
nosniff
last-modified
Thu, 04 Mar 2021 10:54:58 GMT
server
Apache
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
content-length
3385
expires
Fri, 30 Apr 2021 06:21:39 GMT
plap-icon-multidraw.png
powerball.com/themes/rapid/images/home/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://powerball.com/themes/rapid/images/home/plap-icon-multidraw.png
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.67.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-67-70.compute-1.amazonaws.com
Software
Apache /
Resource Hash
bd4c78cb4cd5c2c87a907794076f7a7f7392f9df50958389afbec8c40eb5da8a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/themes/rapid/images/home/plap-icon-multidraw.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
powerball.com
referer
https://powerball.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:39 GMT
x-content-type-options
nosniff
last-modified
Thu, 04 Mar 2021 10:54:58 GMT
server
Apache
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
content-length
4817
expires
Fri, 30 Apr 2021 06:21:39 GMT
monument-smithsonian-1.png
powerball.com/themes/rapid/images/home/how-tall/ 		273 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://powerball.com/themes/rapid/images/home/how-tall/monument-smithsonian-1.png
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.67.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-67-70.compute-1.amazonaws.com
Software
Apache /
Resource Hash
b9b9103c60ef2c61de42660d6cd67a82d9816426f2b0f0c0a8fa3a1deae3538c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/themes/rapid/images/home/how-tall/monument-smithsonian-1.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
powerball.com
referer
https://powerball.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:39 GMT
x-content-type-options
nosniff
last-modified
Thu, 04 Mar 2021 10:54:58 GMT
server
Apache
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
content-length
273
expires
Fri, 30 Apr 2021 06:21:39 GMT
monument-liberty2.png
powerball.com/themes/rapid/images/home/how-tall/ 		927 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://powerball.com/themes/rapid/images/home/how-tall/monument-liberty2.png
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.67.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-67-70.compute-1.amazonaws.com
Software
Apache /
Resource Hash
2ae2901f146e2e0eb83648fdfc19c78aca16e1674313e164bc93c3739bba5d36
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/themes/rapid/images/home/how-tall/monument-liberty2.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
powerball.com
referer
https://powerball.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:39 GMT
x-content-type-options
nosniff
last-modified
Thu, 04 Mar 2021 10:54:58 GMT
server
Apache
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
content-length
927
expires
Fri, 30 Apr 2021 06:21:39 GMT
monument-pyramid-3.png
powerball.com/themes/rapid/images/home/how-tall/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://powerball.com/themes/rapid/images/home/how-tall/monument-pyramid-3.png
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.67.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-67-70.compute-1.amazonaws.com
Software
Apache /
Resource Hash
52fe2f0394335dab93ffb9cac2bea65d4460b5d24cbc3861e62392194b11bfff
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/themes/rapid/images/home/how-tall/monument-pyramid-3.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
powerball.com
referer
https://powerball.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:39 GMT
x-content-type-options
nosniff
last-modified
Thu, 04 Mar 2021 10:54:58 GMT
server
Apache
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
content-length
2432
expires
Fri, 30 Apr 2021 06:21:39 GMT
monument-bloomberg4.png
powerball.com/themes/rapid/images/home/how-tall/ 		326 B
532 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://powerball.com/themes/rapid/images/home/how-tall/monument-bloomberg4.png
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.67.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-67-70.compute-1.amazonaws.com
Software
Apache /
Resource Hash
d67eaa6e32c34eea44a3f90b36561f63181ed3d0407665e4e7dc48d54e5b266d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/themes/rapid/images/home/how-tall/monument-bloomberg4.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
powerball.com
referer
https://powerball.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:39 GMT
x-content-type-options
nosniff
last-modified
Thu, 04 Mar 2021 10:54:58 GMT
server
Apache
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
content-length
326
expires
Fri, 30 Apr 2021 06:21:39 GMT
monument-eiffel-5.png
powerball.com/themes/rapid/images/home/how-tall/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://powerball.com/themes/rapid/images/home/how-tall/monument-eiffel-5.png
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.67.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-67-70.compute-1.amazonaws.com
Software
Apache /
Resource Hash
becfbf498f3cc9647d8fc8a70816cb1f3f73803a9fa293735cb9059c77854409
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/themes/rapid/images/home/how-tall/monument-eiffel-5.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
powerball.com
referer
https://powerball.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:39 GMT
x-content-type-options
nosniff
last-modified
Thu, 04 Mar 2021 10:54:58 GMT
server
Apache
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
content-length
2378
expires
Fri, 30 Apr 2021 06:21:39 GMT
monument-tradecenter-6.png
powerball.com/themes/rapid/images/home/how-tall/ 		806 B
1012 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://powerball.com/themes/rapid/images/home/how-tall/monument-tradecenter-6.png
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.67.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-67-70.compute-1.amazonaws.com
Software
Apache /
Resource Hash
a2ef194ebea955025ec930aaa5c9adfb4bb5169751962ef42720c95982827d76
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/themes/rapid/images/home/how-tall/monument-tradecenter-6.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
powerball.com
referer
https://powerball.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:39 GMT
x-content-type-options
nosniff
last-modified
Thu, 04 Mar 2021 10:54:58 GMT
server
Apache
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
content-length
806
expires
Fri, 30 Apr 2021 06:21:39 GMT
monument-burj-7.png
powerball.com/themes/rapid/images/home/how-tall/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://powerball.com/themes/rapid/images/home/how-tall/monument-burj-7.png
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.67.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-67-70.compute-1.amazonaws.com
Software
Apache /
Resource Hash
47a3d1d29044a5086d50d45f66600b612cdd16df4893eaf01571c8d2d714f42c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/themes/rapid/images/home/how-tall/monument-burj-7.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
powerball.com
referer
https://powerball.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:39 GMT
x-content-type-options
nosniff
last-modified
Thu, 04 Mar 2021 10:54:58 GMT
server
Apache
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
content-length
1545
expires
Fri, 30 Apr 2021 06:21:39 GMT
monument-sears-8.png
powerball.com/themes/rapid/images/home/how-tall/ 		619 B
825 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://powerball.com/themes/rapid/images/home/how-tall/monument-sears-8.png
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.67.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-67-70.compute-1.amazonaws.com
Software
Apache /
Resource Hash
06ef905faafedcc71b11e25d395607fb6fef70fdbdaceb87c744255c67624799
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/themes/rapid/images/home/how-tall/monument-sears-8.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
powerball.com
referer
https://powerball.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:39 GMT
x-content-type-options
nosniff
last-modified
Thu, 04 Mar 2021 10:54:58 GMT
server
Apache
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
content-length
619
expires
Fri, 30 Apr 2021 06:21:39 GMT
odds.png
s3.amazonaws.com/cdn.powerball.com/drupal/files/2017-12/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/2017-12/odds.png
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.207.237 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
ff5e5f296b0ef16c2c0d6fbc4f47680335eac8b0a452f413e032531e9788238a

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Apr 2021 06:21:40 GMT
Last-Modified
Mon, 03 Jun 2019 18:45:58 GMT
Server
AmazonS3
x-amz-request-id
P00P6J045Q8MRMD8
ETag
"31e28e1ff8717ae89c4787ce8930a8bc"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
20304
x-amz-id-2
hsnk9P6JuUiFDQB0xBA0JiWGXdEmdINqHbnVZ1fnuFu6DAMEHDsjVNSlWOjpA4PjlqR5xqxbvZE=
payments.png
s3.amazonaws.com/cdn.powerball.com/drupal/files/2017-12/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/2017-12/payments.png
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.207.237 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
1b1d51840695cebf90274b527443cd64945cd9dfc5d2b785b0a772996ec588fc

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Apr 2021 06:21:40 GMT
Last-Modified
Mon, 03 Jun 2019 18:45:58 GMT
Server
AmazonS3
x-amz-request-id
P00KJN3HP44YT78H
ETag
"7f93eb9bb1be1c208734e209e3ed1f8d"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
20330
x-amz-id-2
RqKJoP57c7rGiS/1nXNz+mj9O/U7w6yXzr+knKExHwkmgSQ9Xz4XNFGRN4M2+tQ6IEYll0cfxtc=
js_PiiWZWXIP2qwdgCt_1MIoezFQmG2p5c7Xkbu7vAEPOI.js
s3.amazonaws.com/cdn.powerball.com/drupal/files/js/
Redirect Chain
  • https://powerball.com/s3fs-js/js/js_PiiWZWXIP2qwdgCt_1MIoezFQmG2p5c7Xkbu7vAEPOI.js
  • https://s3.amazonaws.com/cdn.powerball.com/drupal/files/js/js_PiiWZWXIP2qwdgCt_1MIoezFQmG2p5c7Xkbu7vAEPOI.js
476 KB
476 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/js/js_PiiWZWXIP2qwdgCt_1MIoezFQmG2p5c7Xkbu7vAEPOI.js
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.207.237 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
3e28966565c83f6ab07600adff5308a1ecc54261b6a7973b5e46eeeef0043ce2

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Apr 2021 06:21:39 GMT
Last-Modified
Fri, 09 Apr 2021 11:52:29 GMT
Server
AmazonS3
x-amz-request-id
ETAB6AGME3T6VS3Z
ETag
"176b197db75353e1bbb5572967f7110a"
Content-Type
application/javascript
Cache-Control
public, max-age=2419200
Accept-Ranges
bytes
Content-Length
487002
x-amz-id-2
wBW/taH2dcdREinSLCpLpVTu0UZDsK34QR0rFcPeQXoKVn6f0oROBr6rYBu3BdlrdLPMDRShoNQ=

Redirect headers

date
Fri, 16 Apr 2021 06:21:38 GMT
x-content-type-options
nosniff
server
Apache
content-type
text/html; charset=iso-8859-1
location
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/js/js_PiiWZWXIP2qwdgCt_1MIoezFQmG2p5c7Xkbu7vAEPOI.js
cache-control
max-age=1209600
content-length
292
expires
Fri, 30 Apr 2021 06:21:38 GMT
header-rep.jpg
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/header-rep.jpg
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_67OM9VyL108rg7RaBENpbWBQbpyAXWoXTgj66ZG_Zew.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.207.237 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
cd9c139673051af705b80d8eb599aa53d534b8d51674f0f8d4dea65a449e51e2

Request headers

Referer
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_67OM9VyL108rg7RaBENpbWBQbpyAXWoXTgj66ZG_Zew.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Apr 2021 06:21:40 GMT
Last-Modified
Mon, 03 Jun 2019 18:42:36 GMT
Server
AmazonS3
x-amz-request-id
P00M28S875K3DPV5
ETag
"0e973dffc15bf2796e8b24b0a1dead33"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
3922
x-amz-id-2
2ms2t5lya0umCOY9bQi1z2aZUiY5OlLPYG9ZYr1b3rxP3Gdrgw32fVpITGXZDg8dmTms0Q9wi38=
ProximaNova-Regular.woff
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Regular/ 		39 KB
40 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Regular/ProximaNova-Regular.woff
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_67OM9VyL108rg7RaBENpbWBQbpyAXWoXTgj66ZG_Zew.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.207.237 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
5d1765ca16cb96e4294a5c96b2084b580e200a2743b1ff7805d18bd8348825e9

Request headers

Origin
https://powerball.com
Referer
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_67OM9VyL108rg7RaBENpbWBQbpyAXWoXTgj66ZG_Zew.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Apr 2021 06:21:40 GMT
Last-Modified
Tue, 04 Jun 2019 03:53:18 GMT
Server
AmazonS3
x-amz-request-id
P00YJY0RM236HA5W
ETag
"78adc015dc4ffc4db6e237fefddcf605"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET
Content-Type
application/font-woff
Access-Control-Allow-Origin
https://powerball.com
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Content-Length
40260
x-amz-id-2
8eEhfhxOZHbkwni+uab4+BVbyYMNHcATAiOygqPL8Bpvwlbz4KhuHtqKRb2eGlxs8njVoBrFQug=
beach-couple.jpg
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/ 		106 KB
106 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/beach-couple.jpg
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_67OM9VyL108rg7RaBENpbWBQbpyAXWoXTgj66ZG_Zew.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.207.237 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
821e02b7009ed37828e3acf4c71ae2f7949acd106935854e5e668d75c07e8d37

Request headers

Referer
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_67OM9VyL108rg7RaBENpbWBQbpyAXWoXTgj66ZG_Zew.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Apr 2021 06:21:40 GMT
Last-Modified
Tue, 28 Apr 2020 04:52:42 GMT
Server
AmazonS3
x-amz-request-id
P00PHCMX7BGG6AWF
ETag
"16fdf0e0990ae659f8dad6eb3183738d"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
108307
x-amz-id-2
R7IlS3RzMwHD2dVCLOAX1ExTdBiZTWzQPyyh8i/qYh0doabuu+oS1F0M0rnMYTDNgsyKm17neDU=
chapter-sections-digits.png
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/ 		134 KB
135 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/chapter-sections-digits.png
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_67OM9VyL108rg7RaBENpbWBQbpyAXWoXTgj66ZG_Zew.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.207.237 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
03bdd68a1e549bf59bc419d1842bec52628885efc75ed8a58a7d1f7671d6c4d7

Request headers

Referer
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_67OM9VyL108rg7RaBENpbWBQbpyAXWoXTgj66ZG_Zew.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Apr 2021 06:21:40 GMT
Last-Modified
Mon, 03 Jun 2019 18:42:35 GMT
Server
AmazonS3
x-amz-request-id
P00W1WH0BE2G0B0V
ETag
"463652a321bd08768e5436662ab77a65"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
137704
x-amz-id-2
IoQ227XGzSbmfMQkcK6mQCOJk0rHEnoWj6cmBT22qyLLmBrU5qHe9AZUW4x6TAUrtM22vWNL3M8=
chapter-icon-digits.png
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/chapter-icon-digits.png
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_67OM9VyL108rg7RaBENpbWBQbpyAXWoXTgj66ZG_Zew.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.207.237 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
325cee8a45b452b68fe28fb92173f63a7f19967dbe3bf794bf4e3211772150c9

Request headers

Referer
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_67OM9VyL108rg7RaBENpbWBQbpyAXWoXTgj66ZG_Zew.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Apr 2021 06:21:40 GMT
Last-Modified
Mon, 03 Jun 2019 18:42:34 GMT
Server
AmazonS3
x-amz-request-id
P00MF458MT56EWWK
ETag
"941ef7347e719b3dd272745a601be5ca"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
4711
x-amz-id-2
Q4nk3yifAcPRZ3Mkc+S0sS7Ab8Y7y/Rrm1KjreDvSEZzkJAqBFucidec5+TX9OkNSgbJl3AW/SI=
selected-tab.png
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/ 		358 B
714 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/selected-tab.png
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_67OM9VyL108rg7RaBENpbWBQbpyAXWoXTgj66ZG_Zew.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.207.237 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
60d9368fc1deb5a275b3786195a53ef1272fc24b05a313aa52b1bfcc0a0356a3

Request headers

Referer
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_67OM9VyL108rg7RaBENpbWBQbpyAXWoXTgj66ZG_Zew.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Apr 2021 06:21:40 GMT
Last-Modified
Mon, 03 Jun 2019 18:42:37 GMT
Server
AmazonS3
x-amz-request-id
P00HZDS2DAJ4ZAY8
ETag
"a534365977f2b2e499d219861587f18f"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
358
x-amz-id-2
yoGinvn2T7TI4fVVlpv4x6Kmwfn7UYvLcsRfhRQWomvkglz2ZyEllQiAzW2tuZrXHR8abMEUoes=
ball-powerball-red.svg
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/home/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/home/ball-powerball-red.svg
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_67OM9VyL108rg7RaBENpbWBQbpyAXWoXTgj66ZG_Zew.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.207.237 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
9b0e415f742585b82139fb7076506657dde225088247e2ac0fba6f88a3d19588

Request headers

Referer
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_67OM9VyL108rg7RaBENpbWBQbpyAXWoXTgj66ZG_Zew.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Apr 2021 06:21:40 GMT
Last-Modified
Mon, 03 Jun 2019 18:42:32 GMT
Server
AmazonS3
x-amz-request-id
P00Y6CWA0ZQZBQMS
ETag
"b51736b050323703cfdd1b2dea37359b"
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
1539
x-amz-id-2
bj1bkN3DcusJH2YlVo6wIBQjW3q3KOAk1u3mtFKKsttPull0Rf3zqIGnJ4kgAL9Tw6TlsBOnQ64=
chapter-sections-plap.png
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/ 		127 KB
128 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/chapter-sections-plap.png
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_67OM9VyL108rg7RaBENpbWBQbpyAXWoXTgj66ZG_Zew.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.207.237 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
d134107061dcfaad34af3db635f5ca3b3e368bdeeada543ac4b2b6e183c6ecb8

Request headers

Referer
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_67OM9VyL108rg7RaBENpbWBQbpyAXWoXTgj66ZG_Zew.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Apr 2021 06:21:40 GMT
Last-Modified
Mon, 03 Jun 2019 18:42:35 GMT
Server
AmazonS3
x-amz-request-id
P00J9V710MG9G3WQ
ETag
"919037d9f382c51cc1f7a8315a0fba30"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
130339
x-amz-id-2
MVfjF7flNXF3VWhHK1y4JNUlY8yhWfQ9blDm/3hiix9Aj2Jc/KMJ0MdDPD0LFzNtXSkqtyJNkCQ=
chapter-icon-plap.png
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/chapter-icon-plap.png
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_67OM9VyL108rg7RaBENpbWBQbpyAXWoXTgj66ZG_Zew.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.207.237 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
b5abf5b778d2b365d80d73fe19360dc9d79b037de4533335716e3a10cb02a19e

Request headers

Referer
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_67OM9VyL108rg7RaBENpbWBQbpyAXWoXTgj66ZG_Zew.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Apr 2021 06:21:40 GMT
Last-Modified
Mon, 03 Jun 2019 18:42:34 GMT
Server
AmazonS3
x-amz-request-id
P00T8TWM0M6ER9BK
ETag
"dbf5cfdb8c71d88c4763528d7d7746d8"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
2674
x-amz-id-2
UzNjfbzGz0zTiF1IQ36ybI7bjG6xcG33Sc7jW7WH6R15osbHc7fqDiAdG6N+w2So248hie/8Atg=
how-tall-desktop_0.jpg
s3.amazonaws.com/cdn.powerball.com/drupal/files/2017-12/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/2017-12/how-tall-desktop_0.jpg
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.207.237 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
77e253f505244807bb3b20519289552308191f98fee3bf62a5ed216ef0027bbf

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Apr 2021 06:21:40 GMT
Last-Modified
Mon, 03 Jun 2019 18:45:54 GMT
Server
AmazonS3
x-amz-request-id
P00QF6AERRRDJGG4
ETag
"d94fd880ae887e896b75c3a3992f6572"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
9768
x-amz-id-2
hY0zfsnGQKjVjfpGE/nPIDCdiMV0yMXx3NxPjEIADCw81xGoF+OMImZZ93ts/liatCVZtqG1JGQ=
ionicons.ttf
code.ionicframework.com/ionicons/2.0.1/fonts/ 		184 KB
102 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://code.ionicframework.com/ionicons/2.0.1/fonts/ionicons.ttf?v=2.0.1
Requested by
Host: code.ionicframework.com
URL: https://code.ionicframework.com/ionicons/2.0.1/css/ionicons.min.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:7ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e700835ec05293a3d0f9e354e7d038319d34521cd279e782198dff6d1dd58f2

Request headers

Origin
https://powerball.com
Referer
https://code.ionicframework.com/ionicons/2.0.1/css/ionicons.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id
c32f8340561bd204bd5a3b3d70660ef7941e8ee7
date
Fri, 16 Apr 2021 06:21:39 GMT
via
1.1 varnish
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
23503
x-cache
HIT
x-cache-hits
8
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
097af0ad9a0000d6b5b1a7d000000001
x-served-by
cache-fra19125-FRA
last-modified
Thu, 11 Mar 2021 14:23:17 GMT
server
cloudflare
x-github-request-id
9EE8:7258:86BB13:8D0A31:6077CF69
x-timer
S1618530596.135525,VS0,VE0
etag
W/"604a27d5-2e05c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7nnRL8qHTql8QaTK8YsYWF8%2BDgMgNYO1AIbrQW%2FhgwAbFSlMXHRSRPSh7%2FaedkCiaejJW%2Bneh%2BBpUZPWBNSWrt5qXKT7qFRV31VUm%2FnBno%2BmIwoM%2BRiE%2F0beggelX6uxCVYIZg%3D%3D"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
max-age=31536000
x-proxy-cache
MISS
cf-ray
640b508f5fd7d6b5-FRA
x-origin-cache
HIT
expires
Thu, 15 Apr 2021 05:40:17 GMT
ProximaNova-Bold.woff
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Bold/ 		40 KB
40 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Bold/ProximaNova-Bold.woff
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_67OM9VyL108rg7RaBENpbWBQbpyAXWoXTgj66ZG_Zew.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.207.237 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
37cc0451eec571b22864bfac29a3766ccebe2d1e48ac4a552a8e9b8e6f9be02f

Request headers

Origin
https://powerball.com
Referer
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_67OM9VyL108rg7RaBENpbWBQbpyAXWoXTgj66ZG_Zew.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Apr 2021 06:21:40 GMT
Last-Modified
Tue, 04 Jun 2019 03:53:14 GMT
Server
AmazonS3
x-amz-request-id
P00Y4G8XFVB79K6B
ETag
"e05ada7ee5a2d1e5a50c5305ce23de68"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET
Content-Type
application/font-woff
Access-Control-Allow-Origin
https://powerball.com
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Content-Length
40836
x-amz-id-2
ukUsEa/0UVeCZ/+2JeYOS1NnfLq847k72ReLWlKEJMpPBzN6f3Uz+rv5hz892O3/Gts2RxfBXyU=
ProximaNova-Semibold.woff
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Semibold/ 		39 KB
40 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Semibold/ProximaNova-Semibold.woff
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_67OM9VyL108rg7RaBENpbWBQbpyAXWoXTgj66ZG_Zew.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.207.237 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
16bc74e3ebb6ef6cc2c56565701502e39ea269aa665dd74da5742d371f3b2939

Request headers

Origin
https://powerball.com
Referer
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_67OM9VyL108rg7RaBENpbWBQbpyAXWoXTgj66ZG_Zew.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Apr 2021 06:21:40 GMT
Last-Modified
Tue, 04 Jun 2019 03:53:19 GMT
Server
AmazonS3
x-amz-request-id
P00QS0BSWGZPPP5C
ETag
"cc1a6c632152a90dfa994a7280496cb3"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET
Content-Type
application/font-woff
Access-Control-Allow-Origin
https://powerball.com
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Content-Length
40304
x-amz-id-2
jb1DS8/ix6VXGxoqAVN+iuTSIY6ahpipQYfQvmloOqi72dpiO+8wPQSGF57aURUbpWYMSeyO7FE=
ProximaNova-Extrabld.woff
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Extrabld/ 		40 KB
40 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Extrabld/ProximaNova-Extrabld.woff
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_67OM9VyL108rg7RaBENpbWBQbpyAXWoXTgj66ZG_Zew.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.207.237 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
6bac28b40c710514ce42fda86320277f18b0c22a4ddb3091748cfe6493359a78

Request headers

Origin
https://powerball.com
Referer
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_67OM9VyL108rg7RaBENpbWBQbpyAXWoXTgj66ZG_Zew.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Apr 2021 06:21:40 GMT
Last-Modified
Tue, 04 Jun 2019 03:53:15 GMT
Server
AmazonS3
x-amz-request-id
P00YXPT7GPCVZM44
ETag
"dbce0260a4c434e83703edda344b0329"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET
Content-Type
application/font-woff
Access-Control-Allow-Origin
https://powerball.com
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Content-Length
40852
x-amz-id-2
xl+JYy+SrSZq8z2D+N1AbSRW8dZV0kVl7KDqd4ZZ3MZxFfzaaEeCyhh+2HP6b6qDMPWFmtKKws8=
ProximaNova-Light.woff
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Light/ 		39 KB
40 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Light/ProximaNova-Light.woff
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_67OM9VyL108rg7RaBENpbWBQbpyAXWoXTgj66ZG_Zew.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.207.237 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
91822d970ea4cb3dbae6039431aaebfd36c46997c43a53a507518eed6dc230b2

Request headers

Origin
https://powerball.com
Referer
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_67OM9VyL108rg7RaBENpbWBQbpyAXWoXTgj66ZG_Zew.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Apr 2021 06:21:40 GMT
Last-Modified
Tue, 04 Jun 2019 03:53:17 GMT
Server
AmazonS3
x-amz-request-id
P00WX5TCBYE6D9RF
ETag
"0b903f87bae9c87f54243c90469294ee"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET
Content-Type
application/font-woff
Access-Control-Allow-Origin
https://powerball.com
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Content-Length
40260
x-amz-id-2
8oGlHcjaW4wkcz5jXk8bW3KYWMAqNGbxv6TWax/4oqYRIvJ3K9DFYrQjzXmczwDi/zQ+334wxzw=
ProximaNova-RegularIt.woff
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-RegularIt/ 		39 KB
40 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-RegularIt/ProximaNova-RegularIt.woff
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_67OM9VyL108rg7RaBENpbWBQbpyAXWoXTgj66ZG_Zew.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.207.237 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
59ff4e9457a98e72723231e1ad962b8c2a77c67f6c025dc6464843931d061c0f

Request headers

Origin
https://powerball.com
Referer
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_67OM9VyL108rg7RaBENpbWBQbpyAXWoXTgj66ZG_Zew.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Apr 2021 06:21:40 GMT
Last-Modified
Tue, 04 Jun 2019 03:53:19 GMT
Server
AmazonS3
x-amz-request-id
P00HNX682KHY00D2
ETag
"24d85649dddd19938b718e8d57ddb2bf"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET
Content-Type
application/font-woff
Access-Control-Allow-Origin
https://powerball.com
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Content-Length
40116
x-amz-id-2
imAE3DCjkNlY1TFfZ9Xr434NfQFYQOtI6kolKhhbZQV3jATYc0KVOweM0daEZxRYNGgzpmQfSOI=
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j89&aip=1&a=398524717&t=pageview&_s=1&dl=https%3A%2F%2Fpowerball.com%2F&ul=en-us&de=UTF-8&dt=Home%20%7C%20Powerball&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAAC~&jid=154326036&gjid=2105010118&cid=428187182.1618554099&tid=UA-29233419-1&_gid=417618993.1618554099&_r=1&_slc=1&z=1917521699
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://powerball.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
cdb
bidder.criteo.com/ 		0
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=106&profileId=206&cb=74996337310
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://powerball.com
date
Fri, 16 Apr 2021 06:21:38 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
collect
stats.g.doubleclick.net/j/ 		1 B
85 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-29233419-1&cid=428187182.1618554099&jid=154326036&gjid=2105010118&_gid=417618993.1618554099&_u=YGBACEAABAAAAC~&z=2077345566
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 16 Apr 2021 06:21:39 GMT
content-type
text/plain
access-control-allow-origin
https://powerball.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
events
bidder.criteo.com/csm/ 		0
143 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://powerball.com
date
Fri, 16 Apr 2021 06:21:39 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
pixel.gif
static.criteo.net/images/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:39 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Mon, 11 Apr 2022 06:21:39 GMT
pixel.gif
static.criteo.net/images/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:39 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Mon, 11 Apr 2022 06:21:39 GMT
syncframe
gum.criteo.com/ Frame ACEB 		0
150 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=powerball.com
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?topUrl=powerball.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://powerball.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://powerball.com/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
server-processing-duration-in-ticks
1490
date
Fri, 16 Apr 2021 06:21:39 GMT
content-length
0
recent
powerball.com/api/v1/numbers/powerball/ 		301 B
687 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://powerball.com/api/v1/numbers/powerball/recent?_format=json
Requested by
Host: powerball.com
URL: https://powerball.com/s3fs-js/js/js_PiiWZWXIP2qwdgCt_1MIoezFQmG2p5c7Xkbu7vAEPOI.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.67.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-67-70.compute-1.amazonaws.com
Software
Apache /
Resource Hash
27550cb45c550f1abe2bafaa75b598f6fee21c86ad0f037f85d43fabb380cb06
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
en-US
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
_ga=GA1.2.428187182.1618554099; _gid=GA1.2.417618993.1618554099; _gat=1
:path
/api/v1/numbers/powerball/recent?_format=json
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
powerball.com
referer
https://powerball.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
*/*
Referer
https://powerball.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:39 GMT
x-content-type-options
nosniff nosniff
x-drupal-dynamic-cache
MISS
content-length
301
x-ua-compatible
IE=edge
last-modified
Fri, 16 Apr 2021 02:37:10 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"1618540630"
vary
Cookie
content-language
en
x-generator
Drupal 8 (https://www.drupal.org)
cache-control
max-age=86400, public
content-type
application/json
x-drupal-cache
HIT
expires
Sun, 19 Nov 1978 05:00:00 GMT
powerball
powerball.com/api/v1/estimates/ 		160 B
546 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://powerball.com/api/v1/estimates/powerball?_format=json
Requested by
Host: powerball.com
URL: https://powerball.com/s3fs-js/js/js_PiiWZWXIP2qwdgCt_1MIoezFQmG2p5c7Xkbu7vAEPOI.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.67.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-67-70.compute-1.amazonaws.com
Software
Apache /
Resource Hash
c898153304038a5e6e8c6035ae0a6a8da62856916ea1edf7888afb7a8500aa4e
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
en-US
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
_ga=GA1.2.428187182.1618554099; _gid=GA1.2.417618993.1618554099; _gat=1
:path
/api/v1/estimates/powerball?_format=json
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
powerball.com
referer
https://powerball.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
*/*
Referer
https://powerball.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:39 GMT
x-content-type-options
nosniff nosniff
x-drupal-dynamic-cache
MISS
content-length
160
x-ua-compatible
IE=edge
last-modified
Fri, 16 Apr 2021 02:37:08 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"1618540628"
vary
Cookie
content-language
en
x-generator
Drupal 8 (https://www.drupal.org)
cache-control
max-age=86400, public
content-type
application/json
x-drupal-cache
HIT
expires
Sun, 19 Nov 1978 05:00:00 GMT
recent10
powerball.com/api/v1/numbers/powerball/ 		1001 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://powerball.com/api/v1/numbers/powerball/recent10?_format=json
Requested by
Host: powerball.com
URL: https://powerball.com/s3fs-js/js/js_PiiWZWXIP2qwdgCt_1MIoezFQmG2p5c7Xkbu7vAEPOI.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.67.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-67-70.compute-1.amazonaws.com
Software
Apache /
Resource Hash
0c3130b3b8a61b6348e5b5b10f7814296fb7eed8013c81f8cd416aa973569e35
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
en-US
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
_ga=GA1.2.428187182.1618554099; _gid=GA1.2.417618993.1618554099; _gat=1
:path
/api/v1/numbers/powerball/recent10?_format=json
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
powerball.com
referer
https://powerball.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
*/*
Referer
https://powerball.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:39 GMT
x-content-type-options
nosniff nosniff
x-drupal-dynamic-cache
MISS
content-length
1001
x-ua-compatible
IE=edge
last-modified
Fri, 16 Apr 2021 02:37:08 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"1618540628"
vary
Cookie
content-language
en
x-generator
Drupal 8 (https://www.drupal.org)
cache-control
max-age=86400, public
content-type
application/json
x-drupal-cache
HIT
expires
Sun, 19 Nov 1978 05:00:00 GMT
powerball-hero-concept3_desktop_full.jpg
s3.amazonaws.com/cdn.powerball.com/drupal/files/2020-04/ 		334 KB
334 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/2020-04/powerball-hero-concept3_desktop_full.jpg
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.207.237 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
e6e69ae9133bcc7f46c03b0b6608b525ed2cf440c9a218649f9525368093836a

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Apr 2021 06:21:40 GMT
Last-Modified
Tue, 28 Apr 2020 03:58:01 GMT
Server
AmazonS3
x-amz-request-id
P00Z4QCRV6TV309R
ETag
"6bc941bff6153e985cccf26af80a4414"
Content-Type
image/jpeg
Cache-Control
public, max-age=2419200
Accept-Ranges
bytes
Content-Length
341523
x-amz-id-2
tmdXoAFH7m1Us947ZiagbDOsOhHGWzxwpSyMKMQl86Nm8jTHW0lIYmzpjHKedVRhskxfNtCzWAQ=
/
powerball.com/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://powerball.com/
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.67.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-67-70.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/
pragma
no-cache
cookie
_ga=GA1.2.428187182.1618554099; _gid=GA1.2.417618993.1618554099; _gat=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
powerball.com
referer
https://powerball.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:39 GMT
x-content-type-options
nosniff nosniff
x-drupal-dynamic-cache
HIT
vary
Cookie
x-ua-compatible
IE=edge
last-modified
Thu, 15 Apr 2021 14:41:46 GMT
server
Apache
etag
"1618497706"
x-frame-options
SAMEORIGIN
content-language
en
x-generator
Drupal 8 (https://www.drupal.org)
cache-control
max-age=86400, public
content-type
text/html; charset=UTF-8
link
<http://powerball.com/>; rel="shortlink", <http://powerball.com/>; rel="canonical" <http://powerball.com/games/home>; rel="alternate"; hreflang="en" <http://powerball.com/es/games/home>; rel="alternate"; hreflang="es" <http://powerball.com/games/home>; rel="revision"
x-drupal-cache
HIT
expires
Sun, 19 Nov 1978 05:00:00 GMT
hero-home-d_0.jpg
s3.amazonaws.com/cdn.powerball.com/drupal/files/2018-01/ 		264 KB
264 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/2018-01/hero-home-d_0.jpg
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.207.237 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
6b3422c0bf088fb098d4cf5a1e63791c8eecdcb4d3ab1dc0c36f19a30b171e36

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Apr 2021 06:21:40 GMT
Last-Modified
Mon, 03 Jun 2019 18:46:29 GMT
Server
AmazonS3
x-amz-request-id
P00GH5SV6PVY184D
ETag
"7f3021434efe42ed5c9720ca66cbfdc0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
270033
x-amz-id-2
vQ32AxmkiE4KZmfT5R7AX+4v+VlVRvWr7QQ7RSy2jjCJp/4RGsKvEYPu/ykvvVKdL++Rb8gz2js=
divider-img-home-9ways.jpg
s3.amazonaws.com/cdn.powerball.com/drupal/files/2018-01/ 		486 KB
486 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/2018-01/divider-img-home-9ways.jpg
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.207.237 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
b758f60ab7ad38a56bdff71e6464b146312ea575f56ab7f6b05ed7f157f5bc48

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Apr 2021 06:21:40 GMT
Last-Modified
Mon, 03 Jun 2019 18:46:23 GMT
Server
AmazonS3
x-amz-request-id
P00KWMZEPXTEV9A3
ETag
"02dfd34fecf8640a24d1123ca8a81313"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
497334
x-amz-id-2
uMAgXtzpY2lXrNtbpMz1DOOOkzsdR6NeXF3tXHfG8Ew0DYFUISlrlTLifrTLN5uKQAeUqy0u0vE=
powerball
powerball.com/api/v1/estimates/ 		160 B
546 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://powerball.com/api/v1/estimates/powerball?_format=json
Requested by
Host: powerball.com
URL: https://powerball.com/s3fs-js/js/js_PiiWZWXIP2qwdgCt_1MIoezFQmG2p5c7Xkbu7vAEPOI.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.67.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-67-70.compute-1.amazonaws.com
Software
Apache /
Resource Hash
c898153304038a5e6e8c6035ae0a6a8da62856916ea1edf7888afb7a8500aa4e
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
en-US
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
_ga=GA1.2.428187182.1618554099; _gid=GA1.2.417618993.1618554099; _gat=1
:path
/api/v1/estimates/powerball?_format=json
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
powerball.com
referer
https://powerball.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
*/*
Referer
https://powerball.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:39 GMT
x-content-type-options
nosniff nosniff
x-drupal-dynamic-cache
MISS
content-length
160
x-ua-compatible
IE=edge
last-modified
Fri, 16 Apr 2021 02:37:08 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"1618540628"
vary
Cookie
content-language
en
x-generator
Drupal 8 (https://www.drupal.org)
cache-control
max-age=86400, public
content-type
application/json
x-drupal-cache
HIT
expires
Sun, 19 Nov 1978 05:00:00 GMT
gweiniV1_6_1.min.js
fs.gweini.com/ 		15 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fs.gweini.com/gweiniV1_6_1.min.js
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.25.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-25-111.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c60536e1387fd63f18755c87e9028bc138c1cb11fc77a64a159777aae49a12b5

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 21:14:59 GMT
via
1.1 34435958fa6d40b77fd22fa1c1f56176.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jan 2020 19:47:21 GMT
server
AmazonS3
age
33363
etag
"e7bb56484553f1223fea5d70ca7104f4"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
15682
x-amz-cf-id
rLrl-Dj4LP_J3Z2oPmhxKaBLuGlo21VY4kryVN0l-iRB1Ad_dlvtKw==
jstag
lanista-bidder-d.openx.net/w/1.0/ Frame 24DD 		168 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
f5f6230813ffa8709c7fad9072d474452b9128ff958aa2162975e684f74ae1e5

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:39 GMT
content-encoding
gzip
server
OXGW/16.205.4
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
max-age=3600
content-type
text/javascript
alt-svc
clear
content-length
58338
expires
Fri, 16 Apr 2021 07:21:39 GMT
prebid2.27.0.js
d2tbmvllb55wxq.cloudfront.net/pb/ Frame 24DD 		277 KB
277 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.155.134 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-155-134.txl52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
be57a8393d9ca7cb84fe99087431ea21d7e704a7de02b421590c34712c3bb9b4

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Apr 2021 06:21:39 GMT
Via
1.1 960b0b60c4f1507c51c75d8f9ab0dc91.cloudfront.net (CloudFront)
Last-Modified
Mon, 20 Jan 2020 21:18:36 GMT
Server
AmazonS3
X-Amz-Cf-Pop
TXL52-C1
ETag
"e68bd028eaaff6c766a2630c72373b02"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
283302
X-Amz-Cf-Id
qoUFjYUPmjn3AjMVKRpL1rxAVrEVWIFMZFiyd85M5qRtj4R8aHjF_Q==
jstag
lanista-bidder-d.openx.net/w/1.0/ Frame 49D6 		168 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
51de20a5dca5bbb8c711b6e79b41739067f25aab811ac801b04c80eaeb168bd8

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:39 GMT
content-encoding
gzip
server
OXGW/16.205.4
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
max-age=3600
content-type
text/javascript
alt-svc
clear
content-length
58341
expires
Fri, 16 Apr 2021 07:21:39 GMT
prebid2.27.0.js
d2tbmvllb55wxq.cloudfront.net/pb/ Frame 49D6 		277 KB
277 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.155.134 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-155-134.txl52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
be57a8393d9ca7cb84fe99087431ea21d7e704a7de02b421590c34712c3bb9b4

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Apr 2021 06:21:39 GMT
Via
1.1 fa133af2508a341e1ff6bfff526ba095.cloudfront.net (CloudFront)
Last-Modified
Mon, 20 Jan 2020 21:18:36 GMT
Server
AmazonS3
X-Amz-Cf-Pop
TXL52-C1
ETag
"e68bd028eaaff6c766a2630c72373b02"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
283302
X-Amz-Cf-Id
soiGciLjOyH1z7Xw582ITuLVSfN2DXoCUWIpJwpeGmL6slam3RfI3A==
jstag
lanista-bidder-d.openx.net/w/1.0/ Frame CAF0 		168 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
7f02c297c2ec5c2b64a6fa5462d1dc3681f19e778d819486cfe7cb73001f34d6

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:39 GMT
content-encoding
gzip
server
OXGW/16.205.4
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
max-age=3600
content-type
text/javascript
alt-svc
clear
content-length
58338
expires
Fri, 16 Apr 2021 07:21:39 GMT
prebid2.27.0.js
d2tbmvllb55wxq.cloudfront.net/pb/ Frame CAF0 		277 KB
277 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.155.134 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-155-134.txl52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
be57a8393d9ca7cb84fe99087431ea21d7e704a7de02b421590c34712c3bb9b4

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Apr 2021 06:21:39 GMT
Via
1.1 ffa01f5c992a803f4470401daea2d541.cloudfront.net (CloudFront)
Last-Modified
Mon, 20 Jan 2020 21:18:36 GMT
Server
AmazonS3
X-Amz-Cf-Pop
TXL52-C1
ETag
"e68bd028eaaff6c766a2630c72373b02"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
283302
X-Amz-Cf-Id
xP7b9EbFUq6lIr5KfC5WqCKThmQvfHoz1BVHo2b9E74KZIsz4QYLKA==
jstag
lanista-bidder-d.openx.net/w/1.0/ Frame BFBE 		168 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
a2046c1be0fb616163bc47b2e86470d4508c6c95a5cd0ba1a8dee67f81d8a15a

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:39 GMT
content-encoding
gzip
server
OXGW/16.205.4
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
max-age=3600
content-type
text/javascript
alt-svc
clear
content-length
58344
expires
Fri, 16 Apr 2021 07:21:39 GMT
prebid2.27.0.js
d2tbmvllb55wxq.cloudfront.net/pb/ Frame BFBE 		277 KB
277 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.155.134 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-155-134.txl52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
be57a8393d9ca7cb84fe99087431ea21d7e704a7de02b421590c34712c3bb9b4

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Apr 2021 06:21:39 GMT
Via
1.1 6c0a96db840a3c501e2558c2b46fd7ec.cloudfront.net (CloudFront)
Last-Modified
Mon, 20 Jan 2020 21:18:36 GMT
Server
AmazonS3
X-Amz-Cf-Pop
TXL52-C1
ETag
"e68bd028eaaff6c766a2630c72373b02"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
283302
X-Amz-Cf-Id
MzhCF9dYaT9PGpJNvL22oam22V3SkPWlZcxTrUwQh0Ybkkr7SKBOrA==
jstag
lanista-bidder-d.openx.net/w/1.0/ Frame 49DD 		168 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
8b1c5686bb8f96c6c9fe284282bdc857b4ca07e52aedf312641db347ca80657d

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:39 GMT
content-encoding
gzip
server
OXGW/16.205.4
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
max-age=3600
content-type
text/javascript
alt-svc
clear
content-length
58340
expires
Fri, 16 Apr 2021 07:21:39 GMT
prebid2.27.0.js
d2tbmvllb55wxq.cloudfront.net/pb/ Frame 49DD 		277 KB
277 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.155.134 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-155-134.txl52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
be57a8393d9ca7cb84fe99087431ea21d7e704a7de02b421590c34712c3bb9b4

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Apr 2021 06:21:39 GMT
Via
1.1 aec69d2871c7aeb74988020f07480fa4.cloudfront.net (CloudFront)
Last-Modified
Mon, 20 Jan 2020 21:18:36 GMT
Server
AmazonS3
X-Amz-Cf-Pop
TXL52-C1
ETag
"e68bd028eaaff6c766a2630c72373b02"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
283302
X-Amz-Cf-Id
L9lKGkYXnKyhml93dwWvbfgXRYWpDS0iMfp2Dj2-KI9zWX6cqUICWQ==
jstag
lanista-bidder-d.openx.net/w/1.0/ Frame 8FD8 		168 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
db3a17d9680b13a4a6461177cfdc7832ddf86c8da24a33965c8a522c5610d932

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:39 GMT
content-encoding
gzip
server
OXGW/16.205.4
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
max-age=3600
content-type
text/javascript
alt-svc
clear
content-length
58338
expires
Fri, 16 Apr 2021 07:21:39 GMT
prebid2.27.0.js
d2tbmvllb55wxq.cloudfront.net/pb/ Frame 8FD8 		277 KB
277 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.155.134 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-155-134.txl52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
be57a8393d9ca7cb84fe99087431ea21d7e704a7de02b421590c34712c3bb9b4

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Apr 2021 06:21:39 GMT
Via
1.1 960b0b60c4f1507c51c75d8f9ab0dc91.cloudfront.net (CloudFront)
Last-Modified
Mon, 20 Jan 2020 21:18:36 GMT
Server
AmazonS3
X-Amz-Cf-Pop
TXL52-C1
ETag
"e68bd028eaaff6c766a2630c72373b02"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
283302
X-Amz-Cf-Id
FU5c7LmX6bXPhl3lmVfSIhu6EAe8LUDWgoBeg83XXcvmp6J9rCQOWA==
ServeAd
api.lanistaads.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.lanistaads.com/ServeAd?s=t&AdSize=970x250&SiteID=APST09010385POWB9701&Zone=ATF&g=191
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.126.214 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.126.98.34.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 16 Apr 2021 06:21:39 GMT
via
1.1 google
server
Apache-Coyote/1.1
access-control-allow-headers
Content-Type
alt-svc
clear
content-type
image/png
ServeAd
api.lanistaads.com/ 		70 B
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.lanistaads.com/ServeAd?s=t&AdSize=970x250&SiteID=APST09010385POWB9702&Zone=ATF&g=333
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.126.214 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.126.98.34.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 16 Apr 2021 06:21:39 GMT
via
1.1 google
server
Apache-Coyote/1.1
access-control-allow-headers
Content-Type
alt-svc
clear
content-type
image/png
ServeAd
api.lanistaads.com/ 		70 B
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.lanistaads.com/ServeAd?s=t&AdSize=300x250&SiteID=APST04010385POWB3001&Zone=ATF&g=987
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.126.214 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.126.98.34.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 16 Apr 2021 06:21:39 GMT
via
1.1 google
server
Apache-Coyote/1.1
access-control-allow-headers
Content-Type
alt-svc
clear
content-type
image/png
ServeAd
api.lanistaads.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.lanistaads.com/ServeAd?s=t&AdSize=300x250&SiteID=APST04010385POWB3002&Zone=ATF&g=461
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.126.214 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.126.98.34.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 16 Apr 2021 06:21:39 GMT
via
1.1 google
server
Apache-Coyote/1.1
access-control-allow-headers
Content-Type
alt-svc
clear
content-type
image/png
ServeAd
api.lanistaads.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.lanistaads.com/ServeAd?s=t&AdSize=300x250&SiteID=APST04010385POWB3003&Zone=ATF&g=363
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.126.214 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.126.98.34.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 16 Apr 2021 06:21:39 GMT
via
1.1 google
server
Apache-Coyote/1.1
access-control-allow-headers
Content-Type
alt-svc
clear
content-type
image/png
ServeAd
api.lanistaads.com/ 		70 B
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.lanistaads.com/ServeAd?s=t&AdSize=300x250&SiteID=APST04010385POWB3004&Zone=ATF&g=76
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.126.214 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.126.98.34.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 16 Apr 2021 06:21:39 GMT
via
1.1 google
server
Apache-Coyote/1.1
access-control-allow-headers
Content-Type
alt-svc
clear
content-type
image/png
gpt.js
www.googletagservices.com/tag/js/ Frame 49D6 		63 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44d96438eec3bf39527ff24f340f44bf7bb3607163aae0c2a444a17b0e3a705d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"844 / 681 of 1000 / last-modified: 1618524732"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21129
x-xss-protection
0
expires
Fri, 16 Apr 2021 06:21:39 GMT
acj
lanista-bidder-d.openx.net/w/1.0/ Frame BFBE
Redirect Chain
  • https://lanista-bidder-d.openx.net/w/1.0/acj?ai=87b90201-c722-478b-83c1-3fe714277706&o=20a0d620c713bc&ju=https%3A//powerball.com/&jr=&be=1&prf=0&auid=538738919&aus=300x250&bc=hb_2api&bt=1000&c.lani...
  • https://lanista-bidder-d.openx.net/w/1.0/acj?cc=1&ai=87b90201-c722-478b-83c1-3fe714277706&o=20a0d620c713bc&ju=https%3A//powerball.com/&jr=&be=1&prf=0&auid=538738919&aus=300x250&bc=hb_2api&bt=1000&c...
452 B
476 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lanista-bidder-d.openx.net/w/1.0/acj?cc=1&ai=87b90201-c722-478b-83c1-3fe714277706&o=20a0d620c713bc&ju=https%3A//powerball.com/&jr=&be=1&prf=0&auid=538738919&aus=300x250&bc=hb_2api&bt=1000&c.lanista_floor=0.30&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-120&ifr=1&tws=1600x1200
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
72a30bd842777e2a4ffda18fc4060c3e91deb450266472505930e4a548fca83c

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:39 GMT
content-encoding
gzip
server
OXGW/16.205.4
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://powerball.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
281
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Fri, 16 Apr 2021 06:21:39 GMT
via
1.1 google
server
OXGW/16.205.4
location
https://lanista-bidder-d.openx.net/w/1.0/acj?cc=1&ai=87b90201-c722-478b-83c1-3fe714277706&o=20a0d620c713bc&ju=https%3A//powerball.com/&jr=&be=1&prf=0&auid=538738919&aus=300x250&bc=hb_2api&bt=1000&c.lanista_floor=0.30&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-120&ifr=1&tws=1600x1200
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://powerball.com
access-control-allow-credentials
true
alt-svc
clear
content-length
0
acj
lanista-bidder-d.openx.net/w/1.0/ Frame CAF0 		452 B
563 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lanista-bidder-d.openx.net/w/1.0/acj?ai=7351a2f2-e696-4d75-b4a9-5dc20f5a3704&o=24ff11fb15a7&ju=https%3A//powerball.com/&jr=&be=1&prf=0&auid=538738919&aus=300x250&bc=hb_2api&bt=1000&c.lanista_floor=0.30&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-120&ifr=1&tws=1600x1200
Requested by
Host: lanista-bidder-d.openx.net
URL: https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
113e5189c8bea537e4653eed82e6201861b3cb27f67e1c9810dfd66d809714a8

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:39 GMT
content-encoding
gzip
server
OXGW/16.205.4
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://powerball.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
280
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
acj
lanista-bidder-d.openx.net/w/1.0/ Frame 8FD8 		452 B
472 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lanista-bidder-d.openx.net/w/1.0/acj?ai=e42e9778-22e7-407d-ad27-c06a3bc85d3b&o=2b95dc40eb4e97&ju=https%3A//powerball.com/&jr=&be=1&prf=0&auid=538738919&aus=300x250&bc=hb_2api&bt=1000&c.lanista_floor=0.30&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-120&ws=300x250&ifr=1&tws=1600x1200
Requested by
Host: lanista-bidder-d.openx.net
URL: https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
8c53fd91e9052012f4f567f78281c4e47b91eff042e20ddbfd1b3106ebb6dc83

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:39 GMT
content-encoding
gzip
server
OXGW/16.205.4
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://powerball.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
280
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame 24DD 		63 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3efcbc35e7324edd7d888029dac77b8a909ac07ad60e9a0c032792d51da18a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"844 / 574 of 1000 / last-modified: 1618524732"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21111
x-xss-protection
0
expires
Fri, 16 Apr 2021 06:21:39 GMT
acj
lanista-bidder-d.openx.net/w/1.0/ Frame 49DD 		452 B
472 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lanista-bidder-d.openx.net/w/1.0/acj?ai=12746350-b95f-40f6-8277-3c527e06d6bd&o=2bfd7d144a7953&ju=https%3A//powerball.com/&jr=&be=1&prf=0&auid=538738919&aus=300x250&bc=hb_2api&bt=1000&c.lanista_floor=0.30&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-120&ws=300x250&ifr=1&tws=1600x1200
Requested by
Host: lanista-bidder-d.openx.net
URL: https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
1cf0d28815562a498fb567f336647fc1604747fe1f41298ee79a635ca2fefb95

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:39 GMT
content-encoding
gzip
server
OXGW/16.205.4
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://powerball.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
280
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
pd
eu-u.openx.net/w/1.0/ Frame FE5C 		1007 B
865 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
d3d31f25749c44b5fd5c6b6513cf051c0446ebc29e6e71184cfc12453dbc0183

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://powerball.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=ed69824c-5a0d-0983-195f-f26d5ac14e2b|1618554099
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://powerball.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=ed69824c-5a0d-0983-195f-f26d5ac14e2b|1618554099; Version=1; Expires=Sat, 16-Apr-2022 06:21:39 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1618554099|mOgegqnskin0vNomiygu; Version=1; Expires=Sat, 01-May-2021 06:21:39 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.205.4
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 16 Apr 2021 06:21:39 GMT
content-type
text/html
content-length
547
content-encoding
gzip
via
1.1 google
alt-svc
clear
gpt.js
www.googletagservices.com/tag/js/ Frame CAF0 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b729934d326b5e8e01d2be540c73b39e46fcfa4ada189de7d11f7389e47f691
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"844 / 796 of 1000 / last-modified: 1618524680"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21054
x-xss-protection
0
expires
Fri, 16 Apr 2021 06:21:39 GMT
pd
eu-u.openx.net/w/1.0/ Frame E44E 		1007 B
853 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
d3d31f25749c44b5fd5c6b6513cf051c0446ebc29e6e71184cfc12453dbc0183

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://powerball.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=ed69824c-5a0d-0983-195f-f26d5ac14e2b|1618554099
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://powerball.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=ed69824c-5a0d-0983-195f-f26d5ac14e2b|1618554099; Version=1; Expires=Sat, 16-Apr-2022 06:21:39 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1618554099|mOgegqnskin0vNomiygu; Version=1; Expires=Sat, 01-May-2021 06:21:39 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.205.4
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 16 Apr 2021 06:21:39 GMT
content-type
text/html
content-length
547
content-encoding
gzip
via
1.1 google
alt-svc
clear
gpt.js
www.googletagservices.com/tag/js/ Frame BFBE 		63 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3efcbc35e7324edd7d888029dac77b8a909ac07ad60e9a0c032792d51da18a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"844 / 592 of 1000 / last-modified: 1618524732"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21111
x-xss-protection
0
expires
Fri, 16 Apr 2021 06:21:39 GMT
pd
eu-u.openx.net/w/1.0/ Frame 4503 		1007 B
853 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
d3d31f25749c44b5fd5c6b6513cf051c0446ebc29e6e71184cfc12453dbc0183

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://powerball.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=ed69824c-5a0d-0983-195f-f26d5ac14e2b|1618554099
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://powerball.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=ed69824c-5a0d-0983-195f-f26d5ac14e2b|1618554099; Version=1; Expires=Sat, 16-Apr-2022 06:21:39 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1618554099|mOgegqnskin0vNomiygu; Version=1; Expires=Sat, 01-May-2021 06:21:39 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.205.4
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 16 Apr 2021 06:21:39 GMT
content-type
text/html
content-length
547
content-encoding
gzip
via
1.1 google
alt-svc
clear
gpt.js
www.googletagservices.com/tag/js/ Frame 8FD8 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b729934d326b5e8e01d2be540c73b39e46fcfa4ada189de7d11f7389e47f691
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"844 / 885 of 1000 / last-modified: 1618524680"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21054
x-xss-protection
0
expires
Fri, 16 Apr 2021 06:21:39 GMT
v1
dmx.districtm.io/b/ Frame 24DD 		0
424 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 16 Apr 2021 06:21:40 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://powerball.com
access-control-allow-credentials
true
cf-ray
640b5094fd99cd77-CDG
access-control-allow-headers
Content-Type, Origin
cf-request-id
097af0b1180000cd77ff3f7000000001
cygnus
as-sec.casalemedia.com/ Frame BFBE 		24 B
454 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/cygnus?s=398900&v=7.2&r=%7B%22id%22%3A%221c52c4302f2748%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22241fcff2295d1c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22398900%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fpowerball.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&
Requested by
Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
532653704ee297adf854b0635f30a263d115502ee6aeab9038f6a0ab8111a488

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 16 Apr 2021 06:21:40 GMT
Content-Encoding
gzip
Server
Apache
Vary
Is-Traffic-Invalid,Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://powerball.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
44
Expires
Fri, 16 Apr 2021 06:21:40 GMT
v1
dmx.districtm.io/b/ Frame BFBE 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 16 Apr 2021 06:21:40 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://powerball.com
access-control-allow-credentials
true
cf-ray
640b5094fda9cd77-CDG
access-control-allow-headers
Content-Type, Origin
cf-request-id
097af0b11f0000cd771b9ae000000001
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame BFBE 		238 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9204&site_id=20319&zone_id=588936&size_id=15&rf=https%3A%2F%2Fpowerball.com%2F&tk_flint=pbjs_lite_v2.44.3&x_source.tid=22c306c3-559a-4248-a6eb-6ff572b18465&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.6200427565145259
Requested by
Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.61 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
08fbcb64541d026cef0a6d43e2c3836fd00961d220cbf7091e170312efca8805

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 16 Apr 2021 06:21:40 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://powerball.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
238
Expires
Wed, 17 Sep 1975 21:32:10 GMT
ADTECH;v=2;cmd=bid;cors=yes;alias=1173a281e9e289a;misc=1618554099993;bidfloor=0.3;
adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ Frame BFBE 		0
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=1173a281e9e289a;misc=1618554099993;bidfloor=0.3;
Requested by
Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.35 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:40 GMT
server
nginx
access-control-allow-methods
POST,GET,HEAD,OPTIONS
access-control-allow-origin
https://powerball.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame BFBE 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://powerball.com
date
Fri, 16 Apr 2021 06:21:40 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
dmx.districtm.io/b/ Frame 49D6 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 16 Apr 2021 06:21:40 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://powerball.com
access-control-allow-credentials
true
cf-ray
640b50951dc1cd77-CDG
access-control-allow-headers
Content-Type, Origin
cf-request-id
097af0b12c0000cd7751aa9000000001
ADTECH;v=2;cmd=bid;cors=yes;alias=11db5fa84ebfc81;misc=1618554100009;bidfloor=0.3;
adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ Frame CAF0 		0
190 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=11db5fa84ebfc81;misc=1618554100009;bidfloor=0.3;
Requested by
Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.35 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:40 GMT
server
nginx
access-control-allow-methods
POST,GET,HEAD,OPTIONS
access-control-allow-origin
https://powerball.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT
v1
dmx.districtm.io/b/ Frame CAF0 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 16 Apr 2021 06:21:40 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://powerball.com
access-control-allow-credentials
true
cf-ray
640b50952dd9cd77-CDG
access-control-allow-headers
Content-Type, Origin
cf-request-id
097af0b1350000cd773f1c6000000001
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame CAF0 		238 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9204&site_id=20319&zone_id=588936&size_id=15&rf=https%3A%2F%2Fpowerball.com%2F&tk_flint=pbjs_lite_v2.44.3&x_source.tid=f8553b24-9670-4e42-b11f-8aada9c41b28&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.18273190080693125
Requested by
Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.61 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
1dd598b3a6b65e7cae0d9bfc4ba10fd76c4dda498cbe5abe2a2b46686dc929a6

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 16 Apr 2021 06:21:40 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://powerball.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
238
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cygnus
as-sec.casalemedia.com/ Frame CAF0 		24 B
454 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/cygnus?s=398900&v=7.2&r=%7B%22id%22%3A%2278ae50af802021%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2283f50cf3f78891%22%2C%22ext%22%3A%7B%22siteID%22%3A%22398900%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fpowerball.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&
Requested by
Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6ec347557d5285fb7f9c7355f286a01df3e56ed0cddd25e2063f3ac8eae78adf

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 16 Apr 2021 06:21:40 GMT
Content-Encoding
gzip
Server
Apache
Vary
Is-Traffic-Invalid,Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://powerball.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
44
Expires
Fri, 16 Apr 2021 06:21:40 GMT
translator
hbopenbid.pubmatic.com/ Frame CAF0 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://powerball.com
date
Fri, 16 Apr 2021 06:21:40 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
dmx.districtm.io/b/ Frame 49DD 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 16 Apr 2021 06:21:40 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://powerball.com
access-control-allow-credentials
true
cf-ray
640b50953e02cd77-CDG
access-control-allow-headers
Content-Type, Origin
cf-request-id
097af0b1440000cd775331c000000001
translator
hbopenbid.pubmatic.com/ Frame 49DD 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://powerball.com
date
Fri, 16 Apr 2021 06:21:40 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 49DD 		238 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9204&site_id=20319&zone_id=588936&size_id=15&rf=https%3A%2F%2Fpowerball.com%2F&tk_flint=pbjs_lite_v2.44.3&x_source.tid=4818f51c-d6b9-4fe8-b573-0daa1b2ee8a8&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.5301903210015355
Requested by
Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.61 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
ce2825e437d640b7960641226185c6c3d9926b473dbc30c75d3ba28561c78e04

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 16 Apr 2021 06:21:40 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://powerball.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
238
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cygnus
as-sec.casalemedia.com/ Frame 49DD 		24 B
454 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/cygnus?s=398900&v=7.2&r=%7B%22id%22%3A%2276cb42cedacdcc%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22832c71ff7341f7%22%2C%22ext%22%3A%7B%22siteID%22%3A%22398900%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fpowerball.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&
Requested by
Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
242c5a21f620bfdce13b9e5d61f802567c8f1759d4e782958659b7a02dc7ade2

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 16 Apr 2021 06:21:40 GMT
Content-Encoding
gzip
Server
Apache
Vary
Is-Traffic-Invalid,Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://powerball.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
44
Expires
Fri, 16 Apr 2021 06:21:40 GMT
ADTECH;v=2;cmd=bid;cors=yes;alias=1119b87ce09002a;misc=1618554100030;bidfloor=0.3;
adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ Frame 49DD 		0
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=1119b87ce09002a;misc=1618554100030;bidfloor=0.3;
Requested by
Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.35 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:40 GMT
server
nginx
access-control-allow-methods
POST,GET,HEAD,OPTIONS
access-control-allow-origin
https://powerball.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT
pd
eu-u.openx.net/w/1.0/ Frame 4D05 		814 B
805 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
53b3dca8e8d89d6a16370291815bcadb55dd9ea18fdf23264ed0f5880e3b74b3

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://powerball.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=ed69824c-5a0d-0983-195f-f26d5ac14e2b|1618554099; pd=v2|1618554099|mOgegqnskin0vNomiygu
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://powerball.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=ed69824c-5a0d-0983-195f-f26d5ac14e2b|1618554099; Version=1; Expires=Sat, 16-Apr-2022 06:21:40 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1618554099.1|kigqiymOgevNomgunsn0.j8gmmWjofcsHqGsLiSgi; Version=1; Expires=Sat, 01-May-2021 06:21:40 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.205.4
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 16 Apr 2021 06:21:40 GMT
content-type
text/html
content-length
477
content-encoding
gzip
via
1.1 google
alt-svc
clear
gpt.js
www.googletagservices.com/tag/js/ Frame 49DD 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b729934d326b5e8e01d2be540c73b39e46fcfa4ada189de7d11f7389e47f691
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"844 / 786 of 1000 / last-modified: 1618524680"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21054
x-xss-protection
0
expires
Fri, 16 Apr 2021 06:21:40 GMT
ADTECH;v=2;cmd=bid;cors=yes;alias=116cbeaad8a6975;misc=1618554100057;bidfloor=0.3;
adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ Frame 8FD8 		0
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=116cbeaad8a6975;misc=1618554100057;bidfloor=0.3;
Requested by
Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.35 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:40 GMT
server
nginx
access-control-allow-methods
POST,GET,HEAD,OPTIONS
access-control-allow-origin
https://powerball.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT
cygnus
as-sec.casalemedia.com/ Frame 8FD8 		24 B
454 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/cygnus?s=398900&v=7.2&r=%7B%22id%22%3A%223a5b2d8c5c8cca%22%2C%22imp%22%3A%5B%7B%22id%22%3A%224e8cf14a6a3d39%22%2C%22ext%22%3A%7B%22siteID%22%3A%22398900%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fpowerball.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&
Requested by
Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ea53c0f6c41a94ce89c0362422ca79cf432008e7712716ea25cc8665183338d3

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 16 Apr 2021 06:21:40 GMT
Content-Encoding
gzip
Server
Apache
Vary
Is-Traffic-Invalid,Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://powerball.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
44
Expires
Fri, 16 Apr 2021 06:21:40 GMT
v1
dmx.districtm.io/b/ Frame 8FD8 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 16 Apr 2021 06:21:40 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://powerball.com
access-control-allow-credentials
true
cf-ray
640b50956e47cd77-CDG
access-control-allow-headers
Content-Type, Origin
cf-request-id
097af0b1620000cd7753bbc000000001
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 8FD8 		238 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9204&site_id=20319&zone_id=588936&size_id=15&rf=https%3A%2F%2Fpowerball.com%2F&tk_flint=pbjs_lite_v2.44.3&x_source.tid=28a41332-3873-4b34-bb25-7f8fc0c95020&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.9565293457963515
Requested by
Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.61 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
ede81721adafe0e10eb5a30b6258af3f850f09d8d06a1824aff5a6bf210926b2

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 16 Apr 2021 06:21:40 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://powerball.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
238
Expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ Frame 8FD8 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://powerball.com
date
Fri, 16 Apr 2021 06:21:39 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
pubads_impl_2021041401.js
securepubads.g.doubleclick.net/gpt/ Frame 24DD 		298 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041401.js?31060835
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
sffe /
Resource Hash
80d0a278e7a208ae2bd234aafcbdece69e63c9bf11e800d0ab5fa3c82176cf2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 14 Apr 2021 08:43:31 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
107268
x-xss-protection
0
expires
Fri, 16 Apr 2021 06:21:40 GMT
pubads_impl_2021041201.js
securepubads.g.doubleclick.net/gpt/ Frame CAF0 		294 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041201.js
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
sffe /
Resource Hash
f9b0195ab22815c68db0b05e89abfc88fcb0b46b8b9a28d70ca731f17e07053e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 12 Apr 2021 08:37:08 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
106031
x-xss-protection
0
expires
Fri, 16 Apr 2021 06:21:40 GMT
pubads_impl_2021041501.js
securepubads.g.doubleclick.net/gpt/ Frame 49D6 		299 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js?31060836
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
sffe /
Resource Hash
21684099693050fe6fecb937bb35c94dac2dc990158ed38a53d44ae28fd9c6e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 15 Apr 2021 08:41:55 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
107555
x-xss-protection
0
expires
Fri, 16 Apr 2021 06:21:40 GMT
pubads_impl_2021041201.js
securepubads.g.doubleclick.net/gpt/ Frame 8FD8 		294 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041201.js
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
sffe /
Resource Hash
f9b0195ab22815c68db0b05e89abfc88fcb0b46b8b9a28d70ca731f17e07053e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 12 Apr 2021 08:37:08 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
106031
x-xss-protection
0
expires
Fri, 16 Apr 2021 06:21:40 GMT
pubads_impl_2021041401.js
securepubads.g.doubleclick.net/gpt/ Frame BFBE 		298 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041401.js?31060835
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
sffe /
Resource Hash
80d0a278e7a208ae2bd234aafcbdece69e63c9bf11e800d0ab5fa3c82176cf2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 14 Apr 2021 08:43:31 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
107268
x-xss-protection
0
expires
Fri, 16 Apr 2021 06:21:40 GMT
aa02db51-6326-a43d-725e-2c70c1b1b09f
pr-bh.ybp.yahoo.com/sync/openx/ Frame FE5C 		43 B
836 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/aa02db51-6326-a43d-725e-2c70c1b1b09f?gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:40 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame FE5C
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=n3dnCElZ1LxhRi5
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=n3dnCElZ1LxhRi5
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:40 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 16 Apr 2021 06:21:39 GMT
Server
PingMatch/v2.0.30-639-g719035a#rel-ec2-master i-080424a23a22eec76@eu-central-1a@dxedge-app-eu-central-1-prod-asg
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=n3dnCElZ1LxhRi5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame FE5C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://x.bidswitch.net/ul_cb/sync?ssp=openx
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=openx
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=00918906-0e2d-431f-bca6-493091024b3f&ssp=openx
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=fef8a1ca-a1e7-4b63-a151-4325341ace93
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=fef8a1ca-a1e7-4b63-a151-4325341ace93
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:42 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//us-u.openx.net/w/1.0/sd?id=537072968&val=fef8a1ca-a1e7-4b63-a151-4325341ace93
date
Fri, 16 Apr 2021 06:21:42 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
adx
match.prod.bidr.io/cookie-sync/ Frame FE5C
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ox
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEUklVN0E4bG9BQUNzWDE0d21iZw&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.154.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-154-44.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Fri, 16 Apr 2021 06:21:41 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:41 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
360
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame FE5C
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=cb796079-2cf4-4700-869a-1c9371ad40aa
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=cb796079-2cf4-4700-869a-1c9371ad40aa
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:40 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Fri, 16 Apr 2021 06:21:40 GMT
Server
MT3 3660 495c301 master zrh-pixel-x15
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=cb796079-2cf4-4700-869a-1c9371ad40aa
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 16 Apr 2021 06:21:39 GMT
sd
us-u.openx.net/w/1.0/ Frame FE5C
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=BEdAngAUEZMfRUSQVhVakQRDE8IfExOfBESbEhV_
43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=BEdAngAUEZMfRUSQVhVakQRDE8IfExOfBESbEhV_
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:40 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:40 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=BEdAngAUEZMfRUSQVhVakQRDE8IfExOfBESbEhV_
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame FE5C
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6792912830781530008
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6792912830781530008
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:43 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:43 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6792912830781530008
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame FE5C 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=3ec5bd15-f38a-3674-4389-3a853ee67dd6&gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.90.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:43 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame FE5C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MTJhYTZlZGYtM2FmZC02OGQwLTU2NjktNjAzY2Y0MDRiM2I2
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MTJhYTZlZGYtM2FmZC02OGQwLTU2NjktNjAzY2Y0MDRiM2I2&google_tc=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MTJhYTZlZGYtM2FmZC02OGQwLTU2NjktNjAzY2Y0MDRiM2I2&google_tc=
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:41 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MTJhYTZlZGYtM2FmZC02OGQwLTU2NjktNjAzY2Y0MDRiM2I2&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame FE5C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKYZkeqYU4ahEFp_S2PC23A&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKYZkeqYU4ahEFp_S2PC23A&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:41 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:41 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKYZkeqYU4ahEFp_S2PC23A&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
aa02db51-6326-a43d-725e-2c70c1b1b09f
pr-bh.ybp.yahoo.com/sync/openx/ Frame E44E 		43 B
550 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/aa02db51-6326-a43d-725e-2c70c1b1b09f?gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:40 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame E44E
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=n3dnCElZ1LxhRi5
  • https://eu-u.openx.net/w/1.0/sd?cc=1&id=537072979&val=n3dnCElZ1LxhRi5
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?cc=1&id=537072979&val=n3dnCElZ1LxhRi5
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:40 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://eu-u.openx.net/w/1.0/sd?cc=1&id=537072979&val=n3dnCElZ1LxhRi5
date
Fri, 16 Apr 2021 06:21:40 GMT
via
1.1 google
server
OXGW/16.205.4
alt-svc
clear
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
sd
us-u.openx.net/w/1.0/ Frame E44E
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://x.bidswitch.net/ul_cb/sync?ssp=openx
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=openx&bsw_custom_parameter=9218e55e-a321-4067-8f88-fa447e6ff8a8
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=openx&bsw_custom_parameter=9218e55e-a321-4067-8f88-fa447e6ff8a8
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=9bb88330-350a-40af-97fe-16998ea6e53e&ssp=openx&expires=30&user_group=5&bsw_param=9218e55e-a321-4067-8f88-fa447e6ff8a8
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=4&user_id=9bb88330-350a-40af-97fe-16998ea6e53e&ssp=openx&expires=30&user_group=5&bsw_param=9218e55e-a321-4067-8f88-fa447e6ff8a8
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=fef8a1ca-a1e7-4b63-a151-4325341ace93
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=fef8a1ca-a1e7-4b63-a151-4325341ace93
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:41 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//us-u.openx.net/w/1.0/sd?id=537072968&val=fef8a1ca-a1e7-4b63-a151-4325341ace93
date
Fri, 16 Apr 2021 06:21:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
adx
match.prod.bidr.io/cookie-sync/ Frame E44E
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ox
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGaFJrN0E4bG9BQUNwQW5uQjhiQQ&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGaFJrN0E4bG9BQUNwQW5uQjhiQQ&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.154.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-154-44.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Fri, 16 Apr 2021 06:21:41 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:41 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
360
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame E44E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=102a6079-2cf3-4000-8588-928e7119c680
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=102a6079-2cf3-4000-8588-928e7119c680
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:40 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Fri, 16 Apr 2021 06:21:40 GMT
Server
MT3 3660 495c301 master zrh-pixel-x25
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=102a6079-2cf3-4000-8588-928e7119c680
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 16 Apr 2021 06:21:39 GMT
sd
us-u.openx.net/w/1.0/ Frame E44E
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=YA4xKGRdYCV7DDUkNA8rdTUJNSB7BjFzbgenOHXp
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=YA4xKGRdYCV7DDUkNA8rdTUJNSB7BjFzbgenOHXp
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:40 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:40 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=YA4xKGRdYCV7DDUkNA8rdTUJNSB7BjFzbgenOHXp
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame E44E
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3985984458423751493
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3985984458423751493
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:43 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:43 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3985984458423751493
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame E44E 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=3ec5bd15-f38a-3674-4389-3a853ee67dd6&gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.90.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:43 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame E44E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MTJhYTZlZGYtM2FmZC02OGQwLTU2NjktNjAzY2Y0MDRiM2I2
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MTJhYTZlZGYtM2FmZC02OGQwLTU2NjktNjAzY2Y0MDRiM2I2&google_tc=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MTJhYTZlZGYtM2FmZC02OGQwLTU2NjktNjAzY2Y0MDRiM2I2&google_tc=
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:41 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MTJhYTZlZGYtM2FmZC02OGQwLTU2NjktNjAzY2Y0MDRiM2I2&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame E44E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDdl3RYq3Vctf_ibn9K9E8E&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDdl3RYq3Vctf_ibn9K9E8E&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:41 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:41 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDdl3RYq3Vctf_ibn9K9E8E&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
aa02db51-6326-a43d-725e-2c70c1b1b09f
pr-bh.ybp.yahoo.com/sync/openx/ Frame 4503 		43 B
555 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/aa02db51-6326-a43d-725e-2c70c1b1b09f?gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:40 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 4503
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=n3dnCElZ1LxhRi5
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=n3dnCElZ1LxhRi5
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:40 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 16 Apr 2021 06:21:40 GMT
Server
PingMatch/v2.0.30-639-g719035a#rel-ec2-master i-09324c87255a730c5@eu-central-1a@dxedge-app-eu-central-1-prod-asg
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=n3dnCElZ1LxhRi5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 4503
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://x.bidswitch.net/ul_cb/sync?ssp=openx
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=&gdpr_consent=&gdpr_pd=&ssp=openx
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=OOtIwUDvSnV5DJmkrOxpw1JmEnI&user_group=1&ssp=openx
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=fef8a1ca-a1e7-4b63-a151-4325341ace93
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=fef8a1ca-a1e7-4b63-a151-4325341ace93
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:42 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//us-u.openx.net/w/1.0/sd?id=537072968&val=fef8a1ca-a1e7-4b63-a151-4325341ace93
date
Fri, 16 Apr 2021 06:21:42 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
cookie-sync
match.prod.bidr.io/ Frame 4503
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ox
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADRIU7A8loAACsX14wmbg&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpp%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=ox&bee_sync_hop_count=1
43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpp%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=ox&bee_sync_hop_count=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.154.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-154-44.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Fri, 16 Apr 2021 06:21:41 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 16 Apr 2021 06:21:39 GMT
X-lat
amspug005:0:713
Server
nginx
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Location
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpp%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=ox&bee_sync_hop_count=1
Cache-Control
no-store, no-cache, private
Connection
keep-alive
sd
eu-u.openx.net/w/1.0/ Frame 4503
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=6ad16079-2cf4-4000-9312-ea027ebe8143
  • https://eu-u.openx.net/w/1.0/sd?cc=1&id=536872786&val=6ad16079-2cf4-4000-9312-ea027ebe8143
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?cc=1&id=536872786&val=6ad16079-2cf4-4000-9312-ea027ebe8143
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:40 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://eu-u.openx.net/w/1.0/sd?cc=1&id=536872786&val=6ad16079-2cf4-4000-9312-ea027ebe8143
date
Fri, 16 Apr 2021 06:21:40 GMT
via
1.1 google
server
OXGW/16.205.4
alt-svc
clear
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
sd
us-u.openx.net/w/1.0/ Frame 4503
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=k6pov5f5ObKIqGy-lv5y5JOsZreIq23jkq7eFT7T
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=k6pov5f5ObKIqGy-lv5y5JOsZreIq23jkq7eFT7T
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:40 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:40 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=k6pov5f5ObKIqGy-lv5y5JOsZreIq23jkq7eFT7T
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 4503
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3778841830798321518
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3778841830798321518
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:43 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:43 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3778841830798321518
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 4503 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=3ec5bd15-f38a-3674-4389-3a853ee67dd6&gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.90.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:43 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 4503
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MTJhYTZlZGYtM2FmZC02OGQwLTU2NjktNjAzY2Y0MDRiM2I2
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MTJhYTZlZGYtM2FmZC02OGQwLTU2NjktNjAzY2Y0MDRiM2I2&google_tc=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MTJhYTZlZGYtM2FmZC02OGQwLTU2NjktNjAzY2Y0MDRiM2I2&google_tc=
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:41 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MTJhYTZlZGYtM2FmZC02OGQwLTU2NjktNjAzY2Y0MDRiM2I2&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 4503
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEML8bOD3PqsEY6Y5cAU4A4k&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEML8bOD3PqsEY6Y5cAU4A4k&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:41 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:41 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEML8bOD3PqsEY6Y5cAU4A4k&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2021041201.js
securepubads.g.doubleclick.net/gpt/ Frame 49DD 		294 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041201.js
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
sffe /
Resource Hash
f9b0195ab22815c68db0b05e89abfc88fcb0b46b8b9a28d70ca731f17e07053e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 12 Apr 2021 08:37:08 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
106031
x-xss-protection
0
expires
Fri, 16 Apr 2021 06:21:40 GMT
sd
us-u.openx.net/w/1.0/ Frame 4D05
Redirect Chain
  • https://um.simpli.fi/ox_match
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=6351AA925E474BC38EAA80051C55804D
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072966&val=6351AA925E474BC38EAA80051C55804D
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:43 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Fri, 16 Apr 2021 06:21:43 GMT
x-content-type-options
nosniff
server
nginx
location
https://us-u.openx.net/w/1.0/sd?id=537072966&val=6351AA925E474BC38EAA80051C55804D
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Thu, 15 Apr 2021 06:21:43 GMT
c.html
j.mrpdata.net/ Frame 4D05 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://j.mrpdata.net/c.html?ex=OpenX
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.174.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-174-207.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
sd
eu-u.openx.net/w/1.0/ Frame 4D05
Redirect Chain
  • https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072399%26val%3D%24UID
  • https://eu-u.openx.net/w/1.0/sd?id=537072399&val=4408666218454809289
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=4408666218454809289
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:43 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 16 Apr 2021 06:21:43 GMT
X-Proxy-Origin
82.102.18.114; 82.102.18.114; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.46:80
AN-X-Request-Uuid
0f4dbd73-c9c6-4d12-9ed6-5df63ee72635
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=4408666218454809289
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
current
openx2-match.dotomi.com/match/bounce/ Frame 4D05 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID}
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2010 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:40 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
sd
us-u.openx.net/w/1.0/ Frame 4D05
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=no-consent&gdpr=1&gdpr_consent=
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072977&val=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:41 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:41 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://us-u.openx.net/w/1.0/sd?id=537072977&val=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
ox
match.justpremium.com/match/ Frame 4D05 		43 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.justpremium.com/match/ox?ex_uid=744473e5-a43b-0c1e-1197-bcb33f933eec
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.103.53 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:43 GMT
content-length
43
content-type
image/gif
sd
us-u.openx.net/w/1.0/ Frame 4D05
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=YHks9wAAJiYd8QA4
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YHks9wAAJiYd8QA4&_test=YHks9wAAJiYd8QA4
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YHks9wAAJiYd8QA4&_test=YHks9wAAJiYd8QA4
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:43 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:43 GMT
via
1.1 varnish
server
Varnish
x-timer
S1618554103.359671,VS0,VE0
x-served-by
cache-hhn4026-HHN
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YHks9wAAJiYd8QA4&_test=YHks9wAAJiYd8QA4
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
sd
us-u.openx.net/w/1.0/ Frame 4D05
Redirect Chain
  • https://green.erne.co/openx/cm
  • https://pixel.onaudience.com/?mapped=Vc4Mi7oFbrFj8Vg4vhpgWpld&partner=2&redirect=green.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072998%2526rtb...
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26redirect%3Dhttps%253A%252F%252Fgreen.erne.co%252Fct...
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26redirect%3Dhttps%253A%252F%252Fgreen.erne.co%2...
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=282f0e97a4baf3cd7c1bde1b4fea9303&redirect=https%3A%2F%2Fgreen.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%25...
  • https://green.erne.co/ct/cm?red=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072998%26rtb%3DVc4Mi7oFbrFj8Vg4vhpgWpld
  • https://us-u.openx.net/w/1.0/sd?id=537072998&rtb=Vc4Mi7oFbrFj8Vg4vhpgWpld
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072998&rtb=Vc4Mi7oFbrFj8Vg4vhpgWpld
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:43 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072998&rtb=Vc4Mi7oFbrFj8Vg4vhpgWpld
date
Fri, 16 Apr 2021 06:21:43 GMT
server
openresty
strict-transport-security
max-age=0; includeSubDomains;
content-type
text/html; charset=UTF-8
sd
us-u.openx.net/w/1.0/ Frame 4D05
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3636388516962881894&gdpr=1&gdpr_consent=&us_privacy=
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3636388516962881894&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:40 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3636388516962881894&gdpr=1&gdpr_consent=&us_privacy=
pragma
no-cache
date
Fri, 16 Apr 2021 06:21:39 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
dds
rtb.openx.net/sync/ Frame 4D05
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=4ZM3KVoMj1ql_XYy7f9HbA==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:41 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
clear
content-length
43
x-request-id
9d3a428po630ts7nqiulsnptongqheie

Redirect headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:41 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ Frame 49D6 		107 B
546 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=powerball.com
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Apr 2021 06:21:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 49D6 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=powerball.com
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Apr 2021 06:21:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 49D6 		8 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1066371454560937&correlator=3651075199923074&output=ldjh&impl=fifs&eid=31060702%2C31060836%2C31060830%2C31060831%2C31060832&vrg=2021041501&ptt=17&sc=1&sfv=1-0-38&ecs=20210416&iu_parts=22803534%2CHB_DEFAULT_ADUNIT&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&prev_scp=hb_name%3DAPST09010385POWB9702__54%26passback_pb%3D0.30%26hb_factor%3D1.5%26rscust%3Dpool1%26oxb%3D970x250_t&eri=1&cookie_enabled=1&cdm=powerball.com&bc=31&abxe=1&lmt=1618554100&dt=1618554100276&dlt=1618554099677&idt=584&ea=0&frm=23&biw=1600&bih=1200&isw=970&ish=250&oid=3&adxs=315&adys=3139&adks=3392797045&ucis=o74s88oo8i8k&ifi=1&ifk=2413875652&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fpowerball.com%2F&top=https%3A%2F%2Fpowerball.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x250&msz=970x250&ga_vid=428187182.1618554099&ga_sid=1618554100&ga_hid=497869117&ga_fc=true&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js?31060836
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
0b0a7e29d64f89ee6f5e44d61fd979c46543482d357fcd2ea75d02128d5a0c62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:40 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4333
x-xss-protection
0
google-lineitem-id
5292730782
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138302678468
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://powerball.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
77da5e4d71dda1e908b6f29e27a1e929.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 49D6 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://77da5e4d71dda1e908b6f29e27a1e929.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame 49D6 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
integrator.js
adservice.google.de/adsid/ Frame 24DD 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=powerball.com
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Apr 2021 06:21:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 24DD 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=powerball.com
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Apr 2021 06:21:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 24DD 		8 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4443508296069636&correlator=1741062332924309&output=ldjh&impl=fifs&eid=31060703%2C31060835%2C31060830%2C31060831%2C31060832%2C31060840&vrg=2021041401&ptt=17&sc=1&sfv=1-0-38&ecs=20210416&iu_parts=22803534%2CHB_DEFAULT_ADUNIT&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&prev_scp=hb_name%3DAPST09010385POWB9701__54%26passback_pb%3D0.30%26hb_factor%3D1.5%26rscust%3Dpool1%26oxb%3D970x250_t&eri=1&cookie_enabled=1&cdm=powerball.com&bc=31&abxe=1&lmt=1618554100&dt=1618554100312&dlt=1618554099655&idt=636&ea=0&frm=23&biw=1600&bih=1200&isw=970&ish=250&oid=3&adxs=315&adys=960&adks=3386903054&ucis=bdrrzyefkig4&ifi=1&ifk=2413875652&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fpowerball.com%2F&top=https%3A%2F%2Fpowerball.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x250&msz=970x250&ga_vid=428187182.1618554099&ga_sid=1618554100&ga_hid=716333642&ga_fc=true&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041401.js?31060835
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
68778ad029c5359bda59f9f410e782e4843d2f6058e1e26956b7ccccff4f68ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:40 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4567
x-xss-protection
0
google-lineitem-id
5292730782
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138302678468
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://powerball.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
8d91326dfe3875d1c9c3c10e035e58eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 24DD 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://8d91326dfe3875d1c9c3c10e035e58eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame 24DD 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
integrator.js
adservice.google.de/adsid/ Frame BFBE 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=powerball.com
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Apr 2021 06:21:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame BFBE 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=powerball.com
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Apr 2021 06:21:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame BFBE 		8 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=206997755441126&correlator=3105402496116061&output=ldjh&impl=fifs&eid=31060835%2C31060413%2C31060830%2C31060831%2C31060832&vrg=2021041401&ptt=17&sc=1&sfv=1-0-38&ecs=20210416&iu_parts=22803534%2CHB_DEFAULT_ADUNIT&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=hb_name%3DAPST04010385POWB3002__54%26passback_pb%3D0.30%26hb_factor%3D1.5%26rscust%3Dpool1%26oxb%3D300x250_0%252Chb-bid-39fb0dbdd4fb3a&eri=1&cookie_enabled=1&cdm=powerball.com&bc=31&abxe=1&lmt=1618554100&dt=1618554100324&dlt=1618554099713&idt=606&ea=0&frm=23&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=1986902392&ucis=s5lwr7z0a9qf&ifi=1&ifk=1468573323&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fpowerball.com%2F&top=https%3A%2F%2Fpowerball.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=428187182.1618554099&ga_sid=1618554100&ga_hid=1929873477&ga_fc=true&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041401.js?31060835
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
b778ac81935e88f031e9f2dbbfb14f04cbf8c6c70e47bd978436d9682565b4c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:40 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4575
x-xss-protection
0
google-lineitem-id
5293712860
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138303009295
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://powerball.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
91381cfce1252bba543b5b36080293dc.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BFBE 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://91381cfce1252bba543b5b36080293dc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame BFBE 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
integrator.js
adservice.google.de/adsid/ Frame CAF0 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=powerball.com
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Apr 2021 06:21:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame CAF0 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=powerball.com
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Apr 2021 06:21:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame CAF0 		9 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021041201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cd02fbd0abc1337b2fc991144d688342ad9008abb3708a11e384e9d8f87a8580
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Apr 2021 06:21:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6979
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame CAF0 		8 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3996293813667926&correlator=4031861874162266&output=ldjh&impl=fifs&eid=21068031%2C31060736%2C31060830%2C31060831%2C31060832&vrg=2021041201&ptt=17&sc=1&sfv=1-0-38&ecs=20210416&iu_parts=22803534%2CHB_DEFAULT_ADUNIT&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=hb_name%3DAPST04010385POWB3001__54%26passback_pb%3D0.30%26hb_factor%3D1.5%26rscust%3Dpool1%26oxb%3D300x250_0%252Chb-bid-3c8439188584b1&eri=1&cookie_enabled=1&cdm=powerball.com&bc=31&abxe=1&lmt=1618554100&dt=1618554100340&dlt=1618554099695&idt=633&ea=0&frm=23&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=1990784575&ucis=lcagf5domvov&ifi=1&ifk=1468573323&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fpowerball.com%2F&top=https%3A%2F%2Fpowerball.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=428187182.1618554099&ga_sid=1618554100&ga_hid=9720874&ga_fc=true&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
a9a83d40c9475418164c05e9c1c653f1659964c15b9ed67dfec72f467945f678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:40 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4362
x-xss-protection
0
google-lineitem-id
5293712860
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138303009295
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://powerball.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
77435924f9313dfa7fe52419e1d3ea4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CAF0 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://77435924f9313dfa7fe52419e1d3ea4f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame CAF0 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
integrator.js
adservice.google.de/adsid/ Frame 49DD 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=powerball.com
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Apr 2021 06:21:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 49DD 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=powerball.com
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Apr 2021 06:21:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 49DD 		8 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4466286416909981&correlator=453850942335866&output=ldjh&impl=fifs&eid=31060702%2C44733568%2C31060830%2C31060831%2C31060832&vrg=2021041201&ptt=17&sc=1&sfv=1-0-38&ecs=20210416&iu_parts=22803534%2CHB_DEFAULT_ADUNIT&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=hb_name%3DAPST04010385POWB3003__54%26passback_pb%3D0.30%26hb_factor%3D1.5%26rscust%3Dpool1%26oxb%3D300x250_0%252Chb-bid-38fb716236b509&eri=1&cookie_enabled=1&cdm=powerball.com&bc=31&abxe=1&lmt=1618554100&dt=1618554100356&dlt=1618554099731&idt=616&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=3&adxs=440&adys=4111&adks=1992055404&ucis=46hi6dlz6kso&ifi=1&ifk=672433107&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fpowerball.com%2F&top=https%3A%2F%2Fpowerball.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x250&ga_vid=428187182.1618554099&ga_sid=1618554100&ga_hid=2019439071&ga_fc=true&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
f386aa29a5a10ad0fe124a6f07532dbb9d28e9fd5541d06c09a0d52e65afba3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:40 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4596
x-xss-protection
0
google-lineitem-id
5293712860
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138303009295
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://powerball.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
d8d00c858a05120dd7e1a9b9faf5eab9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 49DD 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://d8d00c858a05120dd7e1a9b9faf5eab9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame 49DD 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
pd
eu-u.openx.net/w/1.0/ Frame CD12 		1 KB
1000 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
1be49cc86678c36e8d7886487df61502524790caece818114eec60f2ad0c295c

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://powerball.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=ed69824c-5a0d-0983-195f-f26d5ac14e2b|1618554099; pd=v2|1618554099.1|kigqiymOgevNomgunsn0.j8gmmWjofcsHqGsLiSgi
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://powerball.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=ed69824c-5a0d-0983-195f-f26d5ac14e2b|1618554099; Version=1; Expires=Sat, 16-Apr-2022 06:21:40 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1618554099.1|kigqiymOgevNomgunsn0.fogSj8w0gmmWvStujofcsHqGvtmuvQsLiSsfrFgi; Version=1; Expires=Sat, 01-May-2021 06:21:40 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.205.4
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 16 Apr 2021 06:21:40 GMT
content-type
text/html
content-length
657
content-encoding
gzip
via
1.1 google
alt-svc
clear
pd
eu-u.openx.net/w/1.0/ Frame 8E0E 		1 KB
996 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
1be49cc86678c36e8d7886487df61502524790caece818114eec60f2ad0c295c

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://powerball.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=ed69824c-5a0d-0983-195f-f26d5ac14e2b|1618554099; pd=v2|1618554099.1|kigqiymOgevNomgunsn0.j8gmmWjofcsHqGsLiSgi
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://powerball.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=ed69824c-5a0d-0983-195f-f26d5ac14e2b|1618554099; Version=1; Expires=Sat, 16-Apr-2022 06:21:40 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1618554099.1|kigqiymOgevNomgunsn0.fogSj8w0gmmWvStujofcsHqGvtmuvQsLiSsfrFgi; Version=1; Expires=Sat, 01-May-2021 06:21:40 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.205.4
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 16 Apr 2021 06:21:40 GMT
content-type
text/html
content-length
657
content-encoding
gzip
via
1.1 google
alt-svc
clear
sodar2.js
tpc.googlesyndication.com/sodar/ Frame CAF0 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Fri, 16 Apr 2021 06:21:40 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 3047 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://powerball.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://powerball.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Thu, 15 Apr 2021 20:06:52 GMT
expires
Fri, 15 Apr 2022 20:06:52 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
36888
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame D4EB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssVf-arYCHewS1ghZfsRjJX66x5ar2_wP63IkDzTh0x4CUyMXtBRITC6tgt4wK7Qj6DlSEDPPK8U4QyMGmEAgDZQG-WLXoPQozEsYN-JoctR-tAeFmgtldCWSpcHfIO4FpPFAi4erWqLTg0eTJ04eC9qHhjnxjoSCkELJJlH4KVRE5nOdv2_nw07y1lClGTXGmf3tkAoWaLwFdAsp5CgczIPmI_9CQY0gzugVXn3VNefuFwv6ek2MjNnjuRwJqqXCN5aQ9IPkLbxEYt6zqo8EIQlO6yeoTcnlSj_50Dm3P4G022EQpE&sai=AMfl-YRfVNc26JYIa3ZrLgIu14TsSumfi3u8IHvAUvZR2sr8o5ARg4w1Nh4YsXIXGsvZU-5KqCVgQBCC27Qy29XsecdfcbBKUX8RQKWHEzQEi7Cr6qDUwFGeuOghBX0fhyPH&sig=Cg0ArKJSzO9o0cwKuhAcEAE&urlfix=1&adurl=
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Apr 2021 06:21:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 16 Apr 2021 06:21:40 GMT
wowyowdisplay970x250desktop.js
deio3v2go54x9.cloudfront.net/ Frame D4EB 		795 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://deio3v2go54x9.cloudfront.net/wowyowdisplay970x250desktop.js
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:a00:e:ff8:b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df3317fe7031ec742daeed002d97da566a8648fbacb939fce19093f17a79d5c1

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 18:48:07 GMT
via
1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
last-modified
Fri, 15 May 2020 00:11:29 GMT
server
AmazonS3
age
41614
etag
"3003337c564f4ca4358edc2761ee81a6"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
content-length
795
x-amz-cf-id
EPzjV8ttjvKXQv_OC1pJrT_P-FnFQaNPQgxIqJ85u1vw6oMyTDGW6g==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D4EB 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1618423651533291"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36717
x-xss-protection
0
expires
Fri, 16 Apr 2021 06:21:40 GMT
osd.js
www.googletagservices.com/activeview/js/current/ Frame 49D6 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74e1cf077493c33fe895c7ce5732cda76b195e2d357d928f094bc3367cc7a75f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1618423639646658"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28266
x-xss-protection
0
expires
Fri, 16 Apr 2021 06:21:40 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 49D6 		9 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021041501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js?31060836
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ee3f937ba7335fe472f0b5e668a98f56416a7cf8bba5bc0d6e25a77f29715d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Apr 2021 06:21:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7100
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 8FD8 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=powerball.com
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Apr 2021 06:21:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 8FD8 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=powerball.com
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Apr 2021 06:21:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 8FD8 		10 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4043476954523052&correlator=2356145930865257&output=ldjh&impl=fifs&eid=31060311%2C21068030%2C31060708%2C31060506%2C31060830%2C31060831%2C31060832%2C31060839&vrg=2021041201&ptt=17&sc=1&sfv=1-0-38&ecs=20210416&iu_parts=22803534%2CHB_DEFAULT_ADUNIT&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=hb_name%3DAPST04010385POWB3004__54%26passback_pb%3D0.30%26hb_factor%3D1.5%26rscust%3Dpool1%26oxb%3D300x250_0%252Chb-bid-3247f0cff143b4&eri=1&cookie=ID%3Df35b5ec610c14220-22f6b89622bb0000%3AT%3D1618554100%3AS%3DALNI_MaphzFmXsLhpvZerZ5fdX_ZDgHu3g&cdm=powerball.com&bc=31&abxe=1&lmt=1618554100&dt=1618554100449&dlt=1618554099748&idt=500&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=3&adxs=860&adys=4111&adks=1443960515&ucis=416f7ftcnyhq&ifi=1&ifk=672433107&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fpowerball.com%2F&top=https%3A%2F%2Fpowerball.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x250&ga_vid=428187182.1618554099&ga_sid=1618554100&ga_hid=781827161&ga_fc=true&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
91abe561c496b80a37f0a7551a49a0b1dc42aa680ca292cf55de3e17cfff0801
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:40 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4968
x-xss-protection
0
google-lineitem-id
5293712860
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138303009295
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://powerball.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
5e35c87121912fa19f86df9e780d26bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8FD8 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://5e35c87121912fa19f86df9e780d26bd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame 8FD8 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame F2A4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsugx7OXADuwdaciamlaYaWsZweYJijpyvqS7JAMrHnO_CVAXA_JDpkASMvfhFBsTgSxjc2jm4ejx06HB6J7ljYg8GaPWtcwNwClP0FWmIWxKmuXl6SMQp8x-m-Z4yGAlS7Nnl1AQ8geHOk_39KXPUOg_EIcxTrmfMyfsgK1jqEXt5jqrYY351W73lRNvhfoSnR6-0o_bnI3bbAIgA6AXjl0QIe_-UE-zWeBjiHYfFPuTBSpUDdcrEqaV7ryVxHOhW737R93Disvhe40X1Mswp2Nzi0qQMg7Z-SpqOw6zqKepUB0GCk_Jd0VBwU&sai=AMfl-YTUfJVJTi5_HUS7bHn1zR9C-A3pBK5nnPA8AwmyfCly0nOqfzJx4ACsy0_LV2cgkKFSprIzU7MIYf8y4w2hy7fyJYv9XE51Fhz2AqR_nGU3CGu1bDaUftRgQRSD7UA-&sig=Cg0ArKJSzPHJD-IFg1TxEAE&urlfix=1&adurl=
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Apr 2021 06:21:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
wowyowdisplay970x250desktop.js
deio3v2go54x9.cloudfront.net/ Frame F2A4 		795 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://deio3v2go54x9.cloudfront.net/wowyowdisplay970x250desktop.js
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:a00:e:ff8:b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df3317fe7031ec742daeed002d97da566a8648fbacb939fce19093f17a79d5c1

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 18:48:07 GMT
via
1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
last-modified
Fri, 15 May 2020 00:11:29 GMT
server
AmazonS3
age
41614
etag
"3003337c564f4ca4358edc2761ee81a6"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
content-length
795
x-amz-cf-id
7Z4B1VPkIlSxP1DVG5ERZOt4RoedLuIx6OsmsxL8gXqqPF9UGppKCQ==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F2A4 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1618423651533291"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36717
x-xss-protection
0
expires
Fri, 16 Apr 2021 06:21:40 GMT
osd.js
www.googletagservices.com/activeview/js/current/ Frame 24DD 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74e1cf077493c33fe895c7ce5732cda76b195e2d357d928f094bc3367cc7a75f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1618423639646658"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28266
x-xss-protection
0
expires
Fri, 16 Apr 2021 06:21:40 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 24DD 		9 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021041401&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041401.js?31060835
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3b6c7dad04b16cc0a17b436e5a035c05524ff060a0fd3b1137b6cef9f6ae6010
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Apr 2021 06:21:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6979
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 9DE1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsswmDFb_KUi-yKIsmyOcK9A862ZsGz1NOgOdo8IOuzXO8zrm1tVbQXzNBrrAD47s33U0JsLDRXAVc6Fez-zp2qHg_UWabEDGXah7yRlomkp8VrLd3uPSqrcKVn_UxCQ0rA6hw2MWDbj6pLJD3flKLDkBFi39pSCFuQjhh4kxP29Hoee7QudxfJmgHIYZZ1GYN9YyzgAUSKgZo5j4kF2R-SD0W3rSV2VjsVM2HoVK-gXBXd_oPRM93jxAN-AUDWGc7heT8kohZV141r0SfmAtcdTMXoyCdwJlQQVqy9IxifJ1JRUj6d6&sai=AMfl-YSB6nxHb0FCs43PNEc9un_DcAvCd8iDKAUmXR7h94fjCEbTmNLZDTtPTCX3iJ0RDjb46FOi0Z4uWAJRKISi0dVPilXF6QYgQqAOkzptoWD9wg2bonk5pZVieQGDY6nV&sig=Cg0ArKJSzC7fiHnpz2tWEAE&urlfix=1&adurl=
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Apr 2021 06:21:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
wowyowdisplay300x250desktop.js
deio3v2go54x9.cloudfront.net/ Frame 9DE1 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://deio3v2go54x9.cloudfront.net/wowyowdisplay300x250desktop.js
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:a00:e:ff8:b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
676788eac82d90570b7eb37cbe79b56ddb61b3884014e19515ed5d0b175518d6

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:40 GMT
via
1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
last-modified
Tue, 02 Jun 2020 23:48:25 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-C1
etag
"09141670283bfe88eea14b5bd03b90c3"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
1038
x-amz-cf-id
E3UFoDU9hj71ViaDBlfNwY1oaG7FrkMzLvCyatovPltoGqLuBZ7ecw==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9DE1 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1618423651533291"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36717
x-xss-protection
0
expires
Fri, 16 Apr 2021 06:21:40 GMT
osd.js
www.googletagservices.com/activeview/js/current/ Frame BFBE 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74e1cf077493c33fe895c7ce5732cda76b195e2d357d928f094bc3367cc7a75f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1618423639646658"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28266
x-xss-protection
0
expires
Fri, 16 Apr 2021 06:21:40 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame BFBE 		9 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021041401&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041401.js?31060835
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
901c79c22ef845bf00ed4b4410c8054d64085c945433e9dad383610f3b0c0312
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Apr 2021 06:21:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6978
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame F206 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstAO84bvnPYlmBseoRl6OD-y2fl2P-Zxc8CNIX94zQwuK-UzwwiJIXnwo-2EsCzY-tOWz9qb_sCgYA7oftpk9RKfjV0OJFLXRL7Fv8liM2DxFYF5JxZYSZwzRINcqkThrivpGY0g8IlNjjyEH_LxS_YXweN7IjLBL0JWAmYduQf1YUtTMzOxbGijIC_WuIRrckHCpyP1sYTTRnB2ASTE_-7uLCo5JpcAs2YxjZLySAQdAUNq4ex-fZz1VRHhwI7DVX4ntR6tpqyJnUJcdJfv4EMDUzBzdOt8rR7DWzsg9BDbGfXHmJq&sai=AMfl-YTKRUrwfjFXpPX85QfRj4H_paF_CUx7uQ6BO8tjkO-Dn-HtaN-Z-JjPBjmZlqbIVCsDJdaxujK0vFVBnsy1pBwKT1wCW9BYC-G8avuzy3kuPpAJiinXqsgq9nIDegQ&sig=Cg0ArKJSzI2m9fBfYOGuEAE&urlfix=1&adurl=
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Apr 2021 06:21:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
wowyowdisplay300x250desktop.js
deio3v2go54x9.cloudfront.net/ Frame F206 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://deio3v2go54x9.cloudfront.net/wowyowdisplay300x250desktop.js
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:a00:e:ff8:b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
676788eac82d90570b7eb37cbe79b56ddb61b3884014e19515ed5d0b175518d6

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:40 GMT
via
1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
last-modified
Tue, 02 Jun 2020 23:48:25 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-C1
etag
"09141670283bfe88eea14b5bd03b90c3"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
1038
x-amz-cf-id
BDjjhDHO2VDEVQKJTltGWtCx7ZX4lJx2aEgWfsAamxeWfuKyjTleHA==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F206 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1618423651533291"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36717
x-xss-protection
0
expires
Fri, 16 Apr 2021 06:21:40 GMT
osd.js
www.googletagservices.com/activeview/js/current/ Frame CAF0 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74e1cf077493c33fe895c7ce5732cda76b195e2d357d928f094bc3367cc7a75f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1618423639646658"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28266
x-xss-protection
0
expires
Fri, 16 Apr 2021 06:21:40 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 60CE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst79rcxNpqYeTkYCxIOnITP_dAbnU54XSXbkyAz56thn1VQErZJ7k4XIkArtgfx3mgBw-_jEhTy8_iMGU2fWhA37VrYeB1WWvxG5y6OV_ZmLw8CWFCkpKn3WdlSS5A08un4ExOmmITmPnbdr7lc1NZHTh4YvEJFKmaZXMz9wLxHL-M_axUzxJFI49cR0rDlZYdhVEtVVp_6vg13T-umOZ0AwmMnBPNEJSP80RYqhSPRzil6rlkjJmcDd2LoRnoa7DPxU12q9BglbjWmkZOVSj244JBZzwZjp6p6bxOQsUGNGPDIbfo9&sai=AMfl-YQo12DSuodD1y-BKXNkVsewyI32CbyK6O9sPfNnrwhzVO-HUptgZwkqt7TvjZ_cuV4i-fI6EJtx7e2qw1WyLCHJcFhqMydGDwIyivRiMXQLaLvi17_yUXbHiCu2wm4&sig=Cg0ArKJSzH28fpST99rjEAE&urlfix=1&adurl=
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Apr 2021 06:21:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
wowyowdisplay300x250desktop.js
deio3v2go54x9.cloudfront.net/ Frame 60CE 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://deio3v2go54x9.cloudfront.net/wowyowdisplay300x250desktop.js
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:a00:e:ff8:b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
676788eac82d90570b7eb37cbe79b56ddb61b3884014e19515ed5d0b175518d6

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:40 GMT
via
1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
last-modified
Tue, 02 Jun 2020 23:48:25 GMT
server
AmazonS3
age
0
etag
"09141670283bfe88eea14b5bd03b90c3"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
content-length
1038
x-amz-cf-id
pt0vi-cY-F2P3djYnT9jMwkWcn_sB9zT5f2KtbGiQRQV52wVZBYjQQ==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 60CE 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1618423651533291"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36717
x-xss-protection
0
expires
Fri, 16 Apr 2021 06:21:40 GMT
osd.js
www.googletagservices.com/activeview/js/current/ Frame 49DD 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74e1cf077493c33fe895c7ce5732cda76b195e2d357d928f094bc3367cc7a75f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1618423639646658"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28266
x-xss-protection
0
expires
Fri, 16 Apr 2021 06:21:40 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 49DD 		9 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021041201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
416d1c5765ff3fbde867f106228f17a32182d6fbbf2fccb0a5e4f3b536ddefc1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Apr 2021 06:21:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7057
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 49D6 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Fri, 16 Apr 2021 06:21:40 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 24DD 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Fri, 16 Apr 2021 06:21:40 GMT
adf3ad77-883f-041f-1364-636d985e31aa
sync.1rx.io/usersync/openx/ Frame CD12 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync/openx/adf3ad77-883f-041f-1364-636d985e31aa
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.19.147.150 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Apr 2021 06:21:40 GMT
Cache-Control
no-store, no-cache, must-revalidate
Server
Tengine
Connection
keep-alive
Expires
0
sd
us-u.openx.net/w/1.0/ Frame CD12
Redirect Chain
  • https://p.rfihub.com/cm?pub=25&in=1
  • https://us-u.openx.net/w/1.0/sd?id=537073062&val=875739025969568148
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073062&val=875739025969568148
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:41 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073062&val=875739025969568148
Date
Fri, 16 Apr 2021 06:21:41 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
m
ad.yieldlab.net/ Frame CD12
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=7a314129-4014-4857-bd4a-aafa9d87c263&r=https://ad.yieldlab.net/m?dt_id=2448064&ext_id=
  • https://ad.yieldlab.net/m?dt_id=2448064&ext_id=f43a4a5f-a317-0f71-331e-1b83c1887ce2
0
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=2448064&ext_id=f43a4a5f-a317-0f71-331e-1b83c1887ce2
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.218.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-218-85.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Apr 2021 06:21:41 GMT
x-content-type-options
nosniff
x-frame-options
DENY
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
x-xss-protection
1; mode=block
x-application-context
application
Expires
Thu, 15 Apr 2021 06:21:41 GMT

Redirect headers

date
Fri, 16 Apr 2021 06:21:40 GMT
content-encoding
gzip
server
OXGW/16.205.4
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://ad.yieldlab.net/m?dt_id=2448064&ext_id=f43a4a5f-a317-0f71-331e-1b83c1887ce2
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
sync
pixel.advertising.com/ups/55981/ Frame CD12 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.advertising.com/ups/55981/sync?_origin=1&gdpr=1&uid=10013e9c-2be0-0c3d-10ae-fb8fa94589bf
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.63.176 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:42 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
merge
ce.lijit.com/ Frame CD12
Redirect Chain
  • https://ce.lijit.com/merge?pid=76&3pid=522b63d5-193e-0c79-0435-8c2346574284
  • https://ce.lijit.com/merge?pid=76&3pid=522b63d5-193e-0c79-0435-8c2346574284&dnr=1
0
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=76&3pid=522b63d5-193e-0c79-0435-8c2346574284&dnr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Apr 2021 06:21:42 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 16 Apr 2021 06:21:42 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=76&3pid=522b63d5-193e-0c79-0435-8c2346574284&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
um
sync.teads.tv/ Frame CD12
Redirect Chain
  • https://eu-u.openx.net/w/1.0/cm?id=05b4ec5e-f604-4a08-bcaf-b4806bac0361&r=https://sync.teads.tv/um?eid=64&uid=
  • https://sync.teads.tv/um?eid=64&uid=8bbfe728-1507-0d2e-32fb-05f937a3bde0
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=64&uid=8bbfe728-1507-0d2e-32fb-05f937a3bde0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.3 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:42 GMT
cache-control
max-age=0, no-cache, no-store
expires
Fri, 16 Apr 2021 06:21:42 GMT
server
akka-http/10.2.3
content-length
23
content-type
image/gif

Redirect headers

date
Fri, 16 Apr 2021 06:21:40 GMT
content-encoding
gzip
server
OXGW/16.205.4
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync.teads.tv/um?eid=64&uid=8bbfe728-1507-0d2e-32fb-05f937a3bde0
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
openx
tr.blismedia.com/v1/api/sync/ Frame CD12 		0
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/openx
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:42 GMT
via
1.1 google
alt-svc
clear
dcm
aax-eu.amazon-adsystem.com/s/ Frame CD12
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=6613c168-ef20-8d8e-8387-b81256d5b636
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=6613c168-ef20-8d8e-8387-b81256d5b636&dcc=t
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=6613c168-ef20-8d8e-8387-b81256d5b636&dcc=t
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.116.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Apr 2021 06:21:42 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 16 Apr 2021 06:21:42 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=6613c168-ef20-8d8e-8387-b81256d5b636&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame CD12
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID}
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=03a41487-9e7c-11eb-a768-37a8b585c26b
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073028&val=03a41487-9e7c-11eb-a768-37a8b585c26b
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:43 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073028&val=03a41487-9e7c-11eb-a768-37a8b585c26b
Date
Fri, 16 Apr 2021 06:21:43 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
03a41488-9e7c-11eb-a768-37a8b585c26b
us.php
gu.dyntrk.com/adx/ox/ Frame CD12 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gu.dyntrk.com/adx/ox/us.php?dynk=o1p3n3x9&callback=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540394477%26val%3D%24USER_ID&gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
135.125.8.70 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
proxy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate, no-transform
x-rc
10
server
proxy
content-length
0
content-type
text/plain
adf3ad77-883f-041f-1364-636d985e31aa
sync.1rx.io/usersync/openx/ Frame 8E0E 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync/openx/adf3ad77-883f-041f-1364-636d985e31aa
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.19.147.150 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Apr 2021 06:21:40 GMT
Cache-Control
no-store, no-cache, must-revalidate
Server
Tengine
Connection
keep-alive
Expires
0
sd
us-u.openx.net/w/1.0/ Frame 8E0E
Redirect Chain
  • https://p.rfihub.com/cm?pub=25&in=1
  • https://us-u.openx.net/w/1.0/sd?id=537073062&val=1871316019233727457
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073062&val=1871316019233727457
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:41 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073062&val=1871316019233727457
Date
Fri, 16 Apr 2021 06:21:41 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
m
ad.yieldlab.net/ Frame 8E0E
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=7a314129-4014-4857-bd4a-aafa9d87c263&r=https://ad.yieldlab.net/m?dt_id=2448064&ext_id=
  • https://ad.yieldlab.net/m?dt_id=2448064&ext_id=f43a4a5f-a317-0f71-331e-1b83c1887ce2
0
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=2448064&ext_id=f43a4a5f-a317-0f71-331e-1b83c1887ce2
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.218.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-218-85.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Apr 2021 06:21:41 GMT
x-content-type-options
nosniff
x-frame-options
DENY
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
x-xss-protection
1; mode=block
x-application-context
application
Expires
Thu, 15 Apr 2021 06:21:41 GMT

Redirect headers

date
Fri, 16 Apr 2021 06:21:40 GMT
content-encoding
gzip
server
OXGW/16.205.4
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://ad.yieldlab.net/m?dt_id=2448064&ext_id=f43a4a5f-a317-0f71-331e-1b83c1887ce2
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
sync
pixel.advertising.com/ups/55981/ Frame 8E0E 		0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.advertising.com/ups/55981/sync?_origin=1&gdpr=1&uid=10013e9c-2be0-0c3d-10ae-fb8fa94589bf
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.63.176 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:42 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
merge
ce.lijit.com/ Frame 8E0E
Redirect Chain
  • https://ce.lijit.com/merge?pid=76&3pid=522b63d5-193e-0c79-0435-8c2346574284
  • https://ce.lijit.com/merge?pid=76&3pid=522b63d5-193e-0c79-0435-8c2346574284&dnr=1
0
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=76&3pid=522b63d5-193e-0c79-0435-8c2346574284&dnr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Apr 2021 06:21:42 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 16 Apr 2021 06:21:42 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=76&3pid=522b63d5-193e-0c79-0435-8c2346574284&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
um
sync.teads.tv/ Frame 8E0E
Redirect Chain
  • https://eu-u.openx.net/w/1.0/cm?id=05b4ec5e-f604-4a08-bcaf-b4806bac0361&r=https://sync.teads.tv/um?eid=64&uid=
  • https://sync.teads.tv/um?eid=64&uid=8bbfe728-1507-0d2e-32fb-05f937a3bde0
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=64&uid=8bbfe728-1507-0d2e-32fb-05f937a3bde0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.3 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:42 GMT
cache-control
max-age=0, no-cache, no-store
expires
Fri, 16 Apr 2021 06:21:42 GMT
server
akka-http/10.2.3
content-length
23
content-type
image/gif

Redirect headers

date
Fri, 16 Apr 2021 06:21:40 GMT
content-encoding
gzip
server
OXGW/16.205.4
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync.teads.tv/um?eid=64&uid=8bbfe728-1507-0d2e-32fb-05f937a3bde0
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
openx
tr.blismedia.com/v1/api/sync/ Frame 8E0E 		0
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/openx
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:42 GMT
via
1.1 google
alt-svc
clear
dcm
aax-eu.amazon-adsystem.com/s/ Frame 8E0E
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=6613c168-ef20-8d8e-8387-b81256d5b636
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=6613c168-ef20-8d8e-8387-b81256d5b636&dcc=t
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=6613c168-ef20-8d8e-8387-b81256d5b636&dcc=t
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.116.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Apr 2021 06:21:42 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 16 Apr 2021 06:21:42 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=6613c168-ef20-8d8e-8387-b81256d5b636&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 8E0E
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID}
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=03b21da2-9e7c-11eb-9264-1bb6de4ce876
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073028&val=03b21da2-9e7c-11eb-9264-1bb6de4ce876
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:44 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073028&val=03b21da2-9e7c-11eb-9264-1bb6de4ce876
Date
Fri, 16 Apr 2021 06:21:43 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
03b21da3-9e7c-11eb-9264-1bb6de4ce876
us.php
gu.dyntrk.com/adx/ox/ Frame 8E0E 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gu.dyntrk.com/adx/ox/us.php?dynk=o1p3n3x9&callback=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540394477%26val%3D%24USER_ID&gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
135.125.8.70 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
proxy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate, no-transform
x-rc
10
server
proxy
content-length
0
content-type
text/plain
sodar2.js
tpc.googlesyndication.com/sodar/ Frame BFBE 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Fri, 16 Apr 2021 06:21:40 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 3B18 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvGrQl1NNGebe8JbcKPVNG0ckx1UFpx8zuCByMfb0u_ypnTkS4LCJolQCTzVJ3yaRp-4drcXyehUMDEvG6BcaMHALagO8Loz-dBAPxuDe7p5-UBeF9D9ukTOFt6hzYQ4EbVUaq-0JoLuPzoLh6OGawBBqY4SXc1HU7QHDD0PhxqInMz7GIOlOj9hoeCEdFlD2SUBi5InQQjVpTN3lHDwil-QjfauLSjm7aVX8HHGkQ5NXJKqAVoIqiO6wVZHeMfAVzUQQMkPYEGxcZt-Yvi-x-NrXQWDHTjJKRfptLVcj7wodxTNizs&sig=Cg0ArKJSzFC1FFkR4zm7EAE&urlfix=1&adurl=
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Apr 2021 06:21:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
wowyowdisplay300x250desktop.js
deio3v2go54x9.cloudfront.net/ Frame 3B18 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://deio3v2go54x9.cloudfront.net/wowyowdisplay300x250desktop.js
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:a00:e:ff8:b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
676788eac82d90570b7eb37cbe79b56ddb61b3884014e19515ed5d0b175518d6

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:40 GMT
via
1.1 b75b06741e5146585057681bd60737b3.cloudfront.net (CloudFront)
last-modified
Tue, 02 Jun 2020 23:48:25 GMT
server
AmazonS3
age
0
etag
"09141670283bfe88eea14b5bd03b90c3"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
content-length
1038
x-amz-cf-id
0rf2eY90wPs2qrTy74dBTerHPBKUtKWWutY5WMfBRbdm6ojFUfAaKg==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3B18 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1618423651533291"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36717
x-xss-protection
0
expires
Fri, 16 Apr 2021 06:21:40 GMT
osd.js
www.googletagservices.com/activeview/js/current/ Frame 8FD8 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74e1cf077493c33fe895c7ce5732cda76b195e2d357d928f094bc3367cc7a75f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1618423639646658"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28266
x-xss-protection
0
expires
Fri, 16 Apr 2021 06:21:40 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 8FD8 		9 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021041201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
07d358fefed3b606a91c5681e9fb795f7177b7741ca5bb3906794e05ede6d35f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Apr 2021 06:21:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6979
x-xss-protection
0
truncated
/ Frame D4EB 		207 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1d334ad3e7ee3100cd5f61e446cca2844783692c6f24107d615c89848da0641b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame F2A4 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44b6ec24326c6ac2be91d08eda6d4bef0e7c651a0d6e75afc1a552e1193a6388

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 49DD 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Fri, 16 Apr 2021 06:21:40 GMT
wowyowdisplay970x250desktop.php
wowyowapi.com/ Frame 176B 		907 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://wowyowapi.com/wowyowdisplay970x250desktop.php?l=null&u=fb243434-6d38-f6b6-4543-c462ef8458dc&c=null&d=powerball.com
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.124.117 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
8459ce8cedefe43c38e7a0a53975193615fbb687d5a928257ea4a24c90aaf9ae

Request headers

Host
wowyowapi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://powerball.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://powerball.com/

Response headers

access-control-allow-origin
*
Cache-Control
no-cache, must-revalidate
Content-Type
text/html; charset=UTF-8
Date
Fri, 16 Apr 2021 06:21:43 GMT
Server
Apache
Content-Length
907
Connection
keep-alive
wowyowdisplay970x250desktop.php
wowyowapi.com/ Frame 1203 		907 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://wowyowapi.com/wowyowdisplay970x250desktop.php?l=null&u=fb243434-6d38-f6b6-4543-c462ef8458dc&c=null&d=powerball.com
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.124.117 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
8459ce8cedefe43c38e7a0a53975193615fbb687d5a928257ea4a24c90aaf9ae

Request headers

Host
wowyowapi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://powerball.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://powerball.com/

Response headers

access-control-allow-origin
*
Cache-Control
no-cache, must-revalidate
Content-Type
text/html; charset=UTF-8
Date
Fri, 16 Apr 2021 06:21:43 GMT
Server
Apache
Content-Length
907
Connection
keep-alive
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 8FD8 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Fri, 16 Apr 2021 06:21:40 GMT
truncated
/ Frame 60CE 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60c57279a0d0fe283ea911e8c54f96a5c4b2c7181b75ccc00a38c612dba2c703

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 3B18 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0f097b7264f694cf459dc51bc1ac050f4aaaf62c234cfd9e3495c9ccc3ee1302

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 4032 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://powerball.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://powerball.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Thu, 15 Apr 2021 20:06:52 GMT
expires
Fri, 15 Apr 2022 20:06:52 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
36888
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame B978 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://powerball.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://powerball.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Thu, 15 Apr 2021 20:06:52 GMT
expires
Fri, 15 Apr 2022 20:06:52 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
36888
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 6808 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://powerball.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://powerball.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Thu, 15 Apr 2021 20:06:52 GMT
expires
Fri, 15 Apr 2022 20:06:52 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
36888
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame 9DE1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuo-i9KeDSbVCmlg6ZZVd2vku7LozSVU0w_yCRqIeGE0s9HspBzPBnaL5uY1a76cmSLoZIBMFzHNlXLYihuyAKWDEEAwkxEzgnqc0MI2monQHaY1WidMOzhDqcLJpDm1tXYGQnI55nyUJSSoTIdEeDXA74Sy5UvwZPmXFeeo4TvpnTxZMv3MxhogpZtu40vMj5XMDzqHlVUNC_C2W96e1MnZv097_V9IyUdGj8n1xNRQvsibTPxfiwxvNW1ozMIoMLGX9LO0P558gCCIgJQqX9XRUsKIwfvJ0Cx9ehBD05CbIALG44AhSE&sai=AMfl-YSNOvCQ_mkSq-EfxAAxYWcj5ysTSpwRektcPnlNtIMBAAnz6cloXQ8NnYo1XwqLyXPGA5EWI7WR4rPaonGQJEcxj9cD-q0nGydcgknCkJMwz8l1KQL4rIicn2pqNGIN&sig=Cg0ArKJSzMDSkKm8p7urEAE&urlfix=1&adurl=
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Apr 2021 06:21:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 16 Apr 2021 06:21:40 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame F206 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvvIKEIq0UIFotk_lESahoRfhg4r0kWUgRrfT6n06nqYFQXcubd59XcW4hgI844K451l2MUbUVjpNSH83j9SUi43GkbCf9FJ6Wkj7EZrUKvZqkLIFTpCXmWVuzRTVG1OWexQoXh4evNRsFv7p-uqZZpZwkvd-gzBXiqaYrqj4ghchrvEUYIKk27vMTbEJroWlkKMoZTIL3TZiw9V3zqHyoMIoah24b6Ksde3gkaTJOQdKwTpk6rAtrnWOM4OkgraNL16FypQuyO-IceXRrLdVvuZoPVRlEcyu4tOrqVhNPVi4jXPMcME_4&sai=AMfl-YQwW3QBd7e42U2y5aSE1b3ZuVcpiIJ-4go5_VVR4UJJJkOp-VNxch3Xoees7FLlNJaROIVsS5fL9THnGhYnN7uvfbr6vSEkPxDXckBfZad8AMU_LUx-S3MCTeXyeI0&sig=Cg0ArKJSzIrLcUCYBT29EAE&urlfix=1&adurl=
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Apr 2021 06:21:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 16 Apr 2021 06:21:40 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 60CE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssw7bacw-9MZ8iPEUwHRzRs4akcb8ZzWeYgaz93Myoc7kdHudFy_0c6lAjdi_5PzrvdpxPr-F4b1v1zlO9_sfDkUQ4Nl2DQDMJM-z5bxydzjc1L-w9uxvnBPRBU6GGMcXD5xawz0qODIZ5IFfGP6WG7BouSOvrsnJsiS_xLG7TpGReVDfiOigR2UX-RFXYpyuyAs4HGFIfB6r54wKiqkgYXcp1j36ytA63me95IDJeYE6qHyd8i-iAQu3jOOmXSVmURPy5JaExHDQ1ch5UpUMM4cUAzg4-lhMPNShf0OP-XMrxVoZmOT-8&sai=AMfl-YSoyDlbwK2mg6qNcUByrKb_GyBIUt3DvCPIb5c2cI-RWrdpWUNp4wEhVA1aI3faJ-rReWP9rFxMrLbZJR80kXxHKwxCqMhixc_r7iopyrhXbcx6MWMaw9M0TZ-QQb8&sig=Cg0ArKJSzPzF1ChIbeaREAE&urlfix=1&adurl=
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Apr 2021 06:21:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 16 Apr 2021 06:21:40 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 4292 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://powerball.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://powerball.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Thu, 15 Apr 2021 20:06:52 GMT
expires
Fri, 15 Apr 2022 20:06:52 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
36888
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame 3B18 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvRwXprbl4rAOtsTE9bPArU9QiVoth7sKHTa6b_nkZpC3C_nVgVbsFadusSGwmenXZRknQFoDWuJsBVjVtJuLNGwQQT6jg56Qbm10ufK_fEtcmwe-Rj8pxYw7W_oXqX5Ah1RQiC3rXFOUe4KAutBDLkSWjmHAk9lggN7FN8cnkHBvY4ziX9VdV9T0PU93lpIBQtdhYJGg_wwlJYdzlUc3Na8F2XcLo7J0u2WpXb-WwnYGWJr8Wucfgp51SQwuKwbyWeYKaMUXUI9uqyTAoGm2NEFOPQqRzrVQrpygkysxTZLTh1vrZa-xg&sig=Cg0ArKJSzDBQqZN8ilxKEAE&urlfix=1&adurl=
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Apr 2021 06:21:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 16 Apr 2021 06:21:40 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame F875 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://powerball.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://powerball.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Thu, 15 Apr 2021 20:06:52 GMT
expires
Fri, 15 Apr 2022 20:06:52 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
36888
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame 3B18 		54 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
d216b8da34933ed1ba140eccb7345ec388e9200b635dec8dd917e21834f35c4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 05:58:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1403
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20914
x-xss-protection
0
server
cafe
etag
9171160076714409937
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Fri, 16 Apr 2021 06:58:17 GMT
Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js
pagead2.googlesyndication.com/bg/ Frame 3047 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46ee1ab30f3444383ec0a8f8935209c95203acd8c53fb34a3fb3500ce74d9f33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 14:09:25 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 09:18:00 GMT
server
sffe
age
144735
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5687
x-xss-protection
0
expires
Thu, 14 Apr 2022 14:09:25 GMT
Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js
pagead2.googlesyndication.com/bg/ Frame 4032 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46ee1ab30f3444383ec0a8f8935209c95203acd8c53fb34a3fb3500ce74d9f33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 14:09:25 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 09:18:00 GMT
server
sffe
age
144735
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5687
x-xss-protection
0
expires
Thu, 14 Apr 2022 14:09:25 GMT
Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js
pagead2.googlesyndication.com/bg/ Frame B978 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46ee1ab30f3444383ec0a8f8935209c95203acd8c53fb34a3fb3500ce74d9f33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 14:09:25 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 09:18:00 GMT
server
sffe
age
144735
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5687
x-xss-protection
0
expires
Thu, 14 Apr 2022 14:09:25 GMT
Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js
pagead2.googlesyndication.com/bg/ Frame 6808 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46ee1ab30f3444383ec0a8f8935209c95203acd8c53fb34a3fb3500ce74d9f33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 14:09:25 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 09:18:00 GMT
server
sffe
age
144735
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5687
x-xss-protection
0
expires
Thu, 14 Apr 2022 14:09:25 GMT
Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js
pagead2.googlesyndication.com/bg/ Frame 4292 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46ee1ab30f3444383ec0a8f8935209c95203acd8c53fb34a3fb3500ce74d9f33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 14:09:25 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 09:18:00 GMT
server
sffe
age
144735
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5687
x-xss-protection
0
expires
Thu, 14 Apr 2022 14:09:25 GMT
Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js
pagead2.googlesyndication.com/bg/ Frame F875 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ru4asw80RDg-wKj4k1IJyVIDrNjFP7NKP7NQDOdNnzM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46ee1ab30f3444383ec0a8f8935209c95203acd8c53fb34a3fb3500ce74d9f33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 14:09:25 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 09:18:00 GMT
server
sffe
age
144735
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5687
x-xss-protection
0
expires
Thu, 14 Apr 2022 14:09:25 GMT
csi
csi.gstatic.com/ Frame 3B18 		0
331 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~knjxbl4w&chm=1&ctx=2&qqid=CKPa1fGPgvACFVfGuwgdNZAJHg&met.4=fb.f~lb.60~ol.7x~idt.a1~dt.-3v&met.3=739.60~749.7v_2~738.7x~740.81~736.86~740.88~735.8c_1~113.9h_2~112.9g_2&met.1=1.knjxbkvg~14.0~15.0~16.0~17.0~18.0~19.0~20.7v~21.7x~22.6o~23.6o&met.7=CCIQBBgBIA8oDzAyOCNoEXAyeBewAQG4AQM~CBsQCiAQOBI~CCoQChgBIBAoEDAjOBM~CCgQChgBIKkCKKkCMMICOBloqgJwwQJ46qUBgAGyowGIAcevA7ABAbgBAw~CCIQBBgBIJ0CKJ0CMM8CODJorQJwzgJ4owGwAQG4AQM
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:40 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CAF0 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021041201&jk=3996293813667926&bg=!5-Sl5KDNAAZUuIlwVLg7ACkAdvg8WpIGXzJlDpgTDJwBsoIQ-8oTGzr8-pLbfyrd5Miw7NEghUUpLAIAAADPUgAAAEFoAQcKAGJMalswSFbkLORfCjo0QodUtxgYI7n3ZNWrY6w58tA5dD-uLIRlJuyY97I3eacc1oXh54LHzyYAFlWgf4OBj58C7dm1TfLTvISIyHNoQclUI4AMUd8A3YLSDtwC4QQGIj6mLZkCQO8iIUz_ZN-HvcCGrSNvkxXDtfLeM8hrlcEHN-HvsPjnqeomz6o2UwoiofOcCrlfy9F--wBgdpo8TpJGyC2m_xV_7BDlYJ5W2rqbxiUJta7_KY6MND9pbx5kdmATV6Y_LCgSV6BVvSQFkPhVVLQDwmRExxPWbMOh0mp77NJ8TkCm3BzaAU6C1X2UFjmCZGyPbyieigP8Fa8g5BTdR2La6RIT3YxxPGV1Qu7rhuomlsNBY_XQiebN17BCy_f0jcz08xNZSNFOOvmpEaEqZ5xO2TW1T-Ge7VYUwK-hmLubtwtVAIwFLhFpCRW8GikuJ-nGhZRooKB9Og0JzYK3Znd5pVkgYpom7i68QjJ-Rae3muYRkmkAwFUNyVgNuiXSGApu-95Tn0lWU6gn-Tw4EpFeLHOL9BfB3dmZYHTIX3w3NKLJU6TjWKCGTfsTpUIIh7DfmErdsbtfUA5zS3dnlzie9MOqOsaP0GMb7JUBcuzXMhKBoNfh2LSehBzuTkp4Muoml9O2UhwLeGOrhZTuqhieVQYiXZv0bNrObxXWQTrFeC0lk3_i5Py6fpUhe6M3Y3QfuPTj7TPx3HCNqpZT7r692Vd3zOjvzWhIdJLG-Fv7nHqCO04VIjdnhfOxXwkD-TkW7tBU7UM6BvCLh7a5abPiYDT3hMMdzLof__laQHd-AHNaoPYFyr756x8WTU0dh-Z-FqDZ9ZEY6rx9AfzUT3IrwvBz-kMcE1b3H4aiBeA75bonlYQ0xNh0U_p7JoB5cB35mw
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 49D6 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021041501&jk=1066371454560937&bg=!tbaltvLNAAZUuIlwVLg7ACkAdvg8WvfP8S5vnOA543TBtEaCf8Q06PMZUCKRdrIeI_iokeEBOcdvKAIAAAEBUgAAAA9oAQcKAS5LMuYollVNkbsW4DZwszc8ZO1hQo81qjn9Hnn9DXcK_ECoNyDTgST67npwsaXBBtu85BZ0GJ_mKVrR9Y0-f7u-ZlAXHsiII1zEvzoyqIBbXexoXrxu-UMdnBR9BONAgxDOxtVZ1VnqfCO99LseMZo6NHvqzgxoNeLK3CfU3wi2vXNdIxqUQ3AEeQ5z402r5wRWYomSqRZTTZAUA4_tC0jRVv78ey0y3F85PjrOPnRP_GNec85sAm3wbnSA36LoQmWI6V398Lq2UBUQehsP8IWkyLAZyyMWSHuXOXPm2gAmBLJ9m8kAsB3YbNUU5Echm8rkTN29Fz9QDd6LlE6SGBek5JhGKIGGmKvcwTZ6D8EFtmriBUoo_kkwSy0IH9Ql3AHfNHlDv-9rzOEtQsXXTJkCLbgMI1v1DCU08lcvZyKlhkkuV2-qZVxPD6bxxipHYL1s-zBK6g_lr5jJROlxfT4dyYajjuP0XzFogiIk2u4rMi2D_kXGBKfdUXgzYX0zhKU063Y2feKVFPkVnYcnkG2J9y0qBZaGVBiT42rbt32007hh1mMBSFG5pNswPwvXeRMkrTBGRDyc7rQs-lBI2rAP8wrzo9qc11BwvBvwc7Tw51AevQyaDnohh3NnbC7Q0BwDjnkFS9ifywyFGwGqbZo2bZiotW0m0sEr0Q3-OiKDKUmBLVame8JTjOxblPXC-XzPvf5SsuRykJFNgCtRBdkewZ0H6rjwr30qf_JAEwXXGgsiBKzxQz_29pOltY4qKLxKQHrFbJgA6YcSIcoZidPIqAGGrXRZd9A3785h_ISN6axIS7U50vg1VQoZcQvo41eXgf-p4PQqsbVx7AGl1lLE4gUJD-6CGdUg498VDewrqr49sM7BC0ieEzxj5mxhrk3CI4Hx-yQSDKHN1c0tlUCtQ1TUkxRq0QMsgis4B4CYkSL3fxLeQPGPsueu8aaM9nfLOk7pCaUxP9WElyDVbPikt2l3058uzHtLPw-stFbpC8V8zmmRgX2OanYJ11tW-iA7uoQh5dDTl8wnbn1IsLuN0MystLpUrUQIC9MQcoRPp4vWDWDikBERo7meBJ0HMfTUI4GqjNCYixGgPXy16GRqkEc41yVcDJLTdL4dm4YYd9EAO_xVmhQyUpn5a6kD
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 24DD 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021041401&jk=4443508296069636&bg=!kZKlktbNAAZUuIlwVLg7ACkAdvg8WvIH3rmyNRXoseOI4cIG93awjYdc8R1q2BSjqgt2iw04OFt-VQIAAADzUgAAAA5oAQcKAECFgxk2Wp6wJjYMsdUC_GZIAgaMcuORWo3o4vDMwdSUUaTNbHNTiOQIR9dE16zL6aF8mSfi4wyvUyGkdme7_Ej8mQIvF8tEcbIoBFBPxOgdyUlr2jmMpeIFFoeaJ_LvFwQm-hGo5UC7IkTBQOYNjLDLs6iGRqA6JpcPs7vR8MD9NTwBTDUxz-0z_qF8An3FEYddBFeUseYrfPAOg20KYzyU5YyJK7jN0PiaqWphrPC3TEUYitbkyE3_G0sUDj-rwL9XhsSiCjGAHxBH6ScjG4Z9OoHZHI3ptVcAavg0DmBsJxem8UbgtZAe0cHY70csmjE84XpSwAb9dTygayF-73y6GH0gnOBtR5vRtKVqHpItTtU4DX6Zz7_Z63thyYWQZPHFAuZRfsKzblY6nz9tyebsNjNr5MDJmWw7tBxd8GavOaiyO1uSANUqT-14Z8YGaAUhvvKzijC8ZNcSggMyVXT7r9KRnbafWBdkrJLYGM8tUtRS9AvnPUE3TvG2tG8VH_5iV80SSyiXy1g0hxo1rL7uNKtYGR5on4DW_ie1-vTuagIMX0vwe7Mn7yDvq1-FbmLCFZ289-8R1ZZft_xc18tG2OpCaTs3g74YcFquy683HHe3atuF2jn-mbc83YsUPWczNTSLUoOprVKq22bE3G07sOknNkuOkqhQ3O4mtRoKSHQEF5Rtng8AaM0Pj5pF74H19csRm347NymFcwWCx6K45isXkoi0TlZVVrojrMjRllrN8SSkHY1L-xNoqveka8bdocnPZFGDCqscXUAtQEIwETJaFI1opp9K8jIN1cgeQM8FUCXe4c-O9pNM5IY9avTtOg
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BFBE 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021041401&jk=206997755441126&bg=!RUalRgLNAAZUuIlwVLg7ACkAdvg8WqrHd1tX2qVZzI_sxmDfGtLI6U-w5hgB6uxs64SSRZt2jt-MoAIAAADoUgAAAA9oAQcKAMrOTe4JoFBCZXwGEvw_iVUT8FKwghvnb8oB7eGLxZTjyVT8tpzhg-LqDxhvusuNXKdT0n-tDnD96mu_DL-YGWbT4cJUOqF1B40YSq1NdVPJQsYY0Ug4D7L1vmAnQSbdBPZrlzhNvCD2HZYWSoGtwWAPKRJ1UtdKq1VhcinbFX2k8-5lMlbrAbiYmIozzcXEB1TGpwVSHCPPgGdCPh9IIhQCRzIgWWp4gqQD5SJ0NQTTLwdcnCKcnp34j7nENX0C6tapKKI7MmdVnUz4mQI0BQ6WrkfoRShSwG4ZNp6mS8E4xEMT5l_XpIf54fuNDQkJc0SXOGyv-hXjCcuVPuwhRXYxthTlVQDsE8MautKeljP2y8C_4yHMehCswxeVXtL4AB5IEA2H_3MtQRlmUe1wwh0FlmEhDDoTKCfMj4JiEZ4DJAoFFjgn5l6imhKIlTU5ey22RmmedkPrWmPNiYE-nrO9eB-RtpwvwBlOy60ykKjfA63QdGexf3RJs4FLxNNhox5ao1QzIPgvr42zW6Vr9gOrLXM76w3uelS0WGueTJf11W8oWmCz1WAR5KyvcH4IZe-UngnMhRILErLChOkzdUov_4-xzDBLk_SKksWeRfqDmVdUyrYrgMTTPSs2qpGUO18NC5_lAhKSg7Ww0ocMvbVwQ3wt0rP3I5uMIQk7A-OZYur7eO9hof7JaonV6_de6WazHw2a5JpOjZmTM4N0jPN1l5WaRqZaAY4unvBUXFIlFRJvtvrM7Z4Upku4b3LF85cuXRMaTHiCdDZORHNnV31AG-VsqtfVmh1xkSU3bVoMJXmj_ymiUnAcwP7D8nradsNDAXEZ3K8PP9cJb-0wA8iJ5foVjpAw8Ksz8OawaFeC_oxW9gJKxrDbl6D5VQN1P6mBOg1BaHdzDzMWUe7CbR-o4eymOjW67BUEAT6nAuMlLUIO_XaAKscHxjOIOYtZ2gdsieEEgmdngjYc_x7zLCM4zny18TRwA7dfckt-Mngm5-Gew9JF44jqJD7tlHkw4Oz4
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 49DD 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021041201&jk=4466286416909981&bg=!xcalxoLNAAZUuIlwVLg7ACkAdvg8WqKb_GoH85ZjJA5psXin6ws35LA5_Uk5CtP3LHvr0eygo0E64AIAAADeUgAAABFoAQcKAPxDzAamAQ91LljciEHhVoasgtl9azb8VYLDN1wnAo3a-SHmKtUYMGVE_R5q86KadSgR7BvZR9xQUZwlNQX7ONU2iMLFNoVdpaT8n8UEwTrWospr8g2k_UpiO1zMBYupDls3c-S0-rpPCza4Zt9ya5pMDepftHcfYnr53qMaXD5BLydnI4ugXRW-OgV9B2_gX8NgkvQtzP5tb2008ZP9XPmiyNOOc6eVIPmdsOG8ph7Mj1lSGNP4reoBukzwKNXo3BdHP-GO8rDRkCA9VU5vBT6QgN-kqQwOh6jGBGmKWoZe90H1DNHmnkMngb_qN41Chq17plbM4QRetWTcxDCZAjUuFXqV2HchdWYussALDL_S4byJUMnQ-fzeyCsOdBxWnSSSpHLi1dcUo7ktm2Wyyb7uk83mbCntF_BTTQ9A3rkps22olZtlWlXL7ijWH_PDdgdd_8Z01eDkmKYgS9eFDBFsi9OLUwxVVb3YFffJHZADA8sAGk00NOeKtj2ZUe-myEuZcfdd6aZIDMU90LNv7Kcc3peKXWllfmr05BhF3Hl_u2sTCRMi9RNGnKYkHJ_jGlD-0JHsfEUmxzjlxsMmr8ww-1fiKiF70AWV9f7LEEhAUhAI8yRS2RHB0H209IZ6N9lFamz06MVrMH3foy1Bs1HO78V2nAFCtsXja3gWS1KwuRLxmdsgpox9HeDN3EknRfqYzjkww3dRXduFMNsf4brgdQiF4u2pLbHree7pVF4IxHl6G8JCu_UKum47N-agZKGZmXlRYUaKxANw5SIAC3d7hpaq2jzSfTm5b27oM1h-cVI0q31-aKN7gTX2DkzdJTC9sArIzxkq3BCs4hp4bZ7zSCV4I7XYKo8R_D7hJ_uKuHdfA5M6t8dHP-Ay8bsf8ifZ1FNHY5_AP8flnF-Vq4jtTyu26W25Jaw2GTV9z24KsEXW9VLV9qAKrCX1CNkLZ0R0B8dORX8JGVe33o8vYHOAoADNRiUhnboo_3KyxYOgz75rKd-i9WsjZeE3y0awmkvUJ6MYy1qOz1wfNPyRUvMDW-eJQmuAsYxC4ZWCSiDgdNlTI3P0nR3kc828GlufPnkIFAxn
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8FD8 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021041201&jk=4043476954523052&bg=!9Pel97PNAAZUuIlwVLg7ACkAdvg8Wt9dBAzpQpTDBIN_p_TWe3G-t2hznspimZprhpEruwvjMutZEQIAAADhUgAAABBoAQcKAIy8iXkLogXKZtuQwHaZHEbhVo6_fegjGe5xZcI818zIgkm2kyaUmsQTm3w-6XzQotGF6bywckjTBvwzmpYMGDpUPpZ2ntWpll6reJlnHaZMCHYd4pmsxv4-c-PNkTOpvsyoZju-mEty4p9EIExDVIM2I8NZmLryNhBXTgfWj_SZ7fHy5So8Hjndspd4b5kCNcFBptoOl8MIL4Nbd5cQ9piRM2aE2Cwef4jVwkqyOUx415Go_xomTHJPCl13CgQ8D2DIHn8B4lTdEGOkQ0b28Kf5J9Zr4WTgJCXHzqLs-Xaw0q0nkxC-gsjQu0gFcPH5XkBxLBJ-n11eWmFeSaNJaIlcyWVF4vqdPFsEXT5o21nbgo4zS6l-4pZVF-vgxP3zmfvTvuzBITLqhj6LZ6GKZg0_cPpGfMmL3nXO-F4dUhWAZLBxwdortdNl5Y8MKTvAX13X50Ujf6J2EED4G8Y_rj7k7CQvR4GBvWmyxlLP1HJNIhjCLYendGNbQ3Z_oyXqe-_H2mdpFivJI9ZKGw4pSLcVcQmOfshGE1HHoqlRn6bGAIQ_L9ElL3BUJ9GsuFJXqX9EUmcO1lD_NdfBqOlua2o3LV7NWXtg7sfsHDvbtfQR1TXBVDO-fggo1I0_ZWIp9b-vqhj7nPZNjdtwHbJsu6_4q-gxWDlUO8kfGQuPVPuiu0R_75zXcMLJv3cx7-ua6p6rfWkeEXX1Xu6Bqqn8HArpuBB-IjKZA4hlLafyiISqUl4U-jeUNT193vkjc4Cg4blFn5Wxeunzn5DrJYpMSCwCjWm8QVEhrmxJkLQbgA1bK-jNaENnMhBKT-Re0mC-x6ehwWRsAbFogqAwqn8-EV_tIZphQ7x-kluiPeGhbIS1Oq9BZDdk5IDEHkxPcPEtbH6215fh-1PvoA-wCQZzIevUKe-ZwfXuysZShABaKHYzr37RP0s
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dmedianet.js
contextual.media.net/ Frame 176B 		139 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/dmedianet.js?cid=8CU2R40WC
Requested by
Host: wowyowapi.com
URL: https://wowyowapi.com/wowyowdisplay970x250desktop.php?l=null&u=fb243434-6d38-f6b6-4543-c462ef8458dc&c=null&d=powerball.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
249fb7b9310ec717e807304a4d2ebbfd9070e569f6e4a30804033e8df20e9a7e
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://wowyowapi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-mnt-h
10-13
content-encoding
gzip
server
Apache
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
etag
"950936dea3877f17ce43ac75e0cd57c1"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
date
Fri, 16 Apr 2021 06:21:43 GMT
strict-transport-security
max-age=604800
x-mnt-w
8-12
content-length
47583
expires
Fri, 16 Apr 2021 06:26:43 GMT
dmedianet.js
contextual.media.net/ Frame 1203 		139 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/dmedianet.js?cid=8CU2R40WC
Requested by
Host: wowyowapi.com
URL: https://wowyowapi.com/wowyowdisplay970x250desktop.php?l=null&u=fb243434-6d38-f6b6-4543-c462ef8458dc&c=null&d=powerball.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
500cbc1f3b196f8a3ff2a8601aa095921b20388fe094d1e7e77c3ac4d7773918
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://wowyowapi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-mnt-h
10-13
content-encoding
gzip
server
Apache
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
etag
"950936dea3877f17ce43ac75e0cd57c1"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
date
Fri, 16 Apr 2021 06:21:43 GMT
strict-transport-security
max-age=604800
x-mnt-w
8-12
content-length
47585
expires
Fri, 16 Apr 2021 06:26:43 GMT
fcmain.js
contextual.media.net/1017354394/ Frame 1203 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/1017354394/fcmain.js?cb=window._mNDetails.initAd&&gdpr=1&cid=8CU2R40WC&cpcd=S0QoxJjx8zdgMjrOCDQAOA%3D%3D&crid=964576456&size=970x250&cc=FR&https=1&vif=2&requrl=https%3A%2F%2Fpowerball.com%2F&nse=5&vi=1618554103226409473&ugd=4&nb=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CU2R40WC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a394eb636d13caf95e027132d1e5b9ec10861c4ae5c0a7173ca38592761ba769
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://wowyowapi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
server
Apache
x-mnt-hl2
8-10
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=300
date
Fri, 16 Apr 2021 06:21:43 GMT
content-length
1517
expires
Fri, 16 Apr 2021 06:26:43 GMT
checksync.php
contextual.media.net/ Frame 712B 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CU2R40WC&https=1&itype=CM
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
13aa3fbf1e98186fc1842940262f2107036e5b125e2c3250fa2564c5bfa395cb
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

:method
GET
:authority
contextual.media.net
:scheme
https
:path
/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CU2R40WC&https=1&itype=CM
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://wowyowapi.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
gdpr_status=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://wowyowapi.com/

Response headers

server
Apache
content-type
text/html; charset=UTF-8
set-cookie
gdpr_status=1; Expires=Mon, 18 Oct 2021 06:21:43 GMT; domain=.media.net; Path=/; sameSite=none; secure=true
x-mnet-hl2
E
strict-transport-security
max-age=604800
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=131781
expires
Sat, 17 Apr 2021 18:58:04 GMT
date
Fri, 16 Apr 2021 06:21:43 GMT
content-length
5586
bping.php
lg3.media.net/ Frame 1203 		35 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?&gdpr=1&prid=8PRHGG6T9&cid=8CU2R40WC&crid=964576456&vi=1618554103226409473&ugd=4&lf=6&cc=FR&sc=IDF&lper=100&wsip=2886781043&r=1618554103537&requrl=https%3A%2F%2Fpowerball.com%2F&vgd_l2type=setting&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=9009&vgd_pgid=p0332417870t202104160602&vgd_pgids=1&vgd_uspa=0&hvsid=00001618554103534013824209924983&gdpr=1&vgd_end=1
Requested by
Host: wowyowapi.com
URL: https://wowyowapi.com/wowyowdisplay970x250desktop.php?l=null&u=fb243434-6d38-f6b6-4543-c462ef8458dc&c=null&d=powerball.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

Referer
https://wowyowapi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
server
Apache
date
Fri, 16 Apr 2021 06:21:43 GMT
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Fri, 16 Apr 2021 06:21:43 GMT
fcmain.js
contextual.media.net/1017354394/ Frame 176B 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/1017354394/fcmain.js?cb=window._mNDetails.initAd&&gdpr=1&cid=8CU2R40WC&cpcd=S0QoxJjx8zdgMjrOCDQAOA%3D%3D&crid=964576456&size=970x250&cc=FR&https=1&vif=2&requrl=https%3A%2F%2Fpowerball.com%2F&nse=5&vi=1618554103201414573&ugd=4&nb=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CU2R40WC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ce3c47fe7b0ca8961ebbb090b6fbbfe97fde0786e013cb5b8136295831158f1a
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://wowyowapi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
server
Apache
x-mnt-hl2
8-10
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=300
date
Fri, 16 Apr 2021 06:21:43 GMT
content-length
1520
expires
Fri, 16 Apr 2021 06:26:43 GMT
checksync.php
contextual.media.net/ Frame 816A 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CU2R40WC&https=1&itype=CM
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
13aa3fbf1e98186fc1842940262f2107036e5b125e2c3250fa2564c5bfa395cb
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

:method
GET
:authority
contextual.media.net
:scheme
https
:path
/checksync.php?&gdpr=1&usp_status=0&cs=2&cv=31&cid=8CU2R40WC&https=1&itype=CM
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://wowyowapi.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
gdpr_status=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://wowyowapi.com/

Response headers

server
Apache
content-type
text/html; charset=UTF-8
set-cookie
gdpr_status=1; Expires=Mon, 18 Oct 2021 06:21:43 GMT; domain=.media.net; Path=/; sameSite=none; secure=true
x-mnet-hl2
E
strict-transport-security
max-age=604800
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=131781
expires
Sat, 17 Apr 2021 18:58:04 GMT
date
Fri, 16 Apr 2021 06:21:43 GMT
content-length
5586
bping.php
lg3.media.net/ Frame 176B 		35 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?&gdpr=1&prid=8PRHGG6T9&cid=8CU2R40WC&crid=964576456&vi=1618554103201414573&ugd=4&lf=6&cc=FR&sc=IDF&lper=100&wsip=2886781043&r=1618554103566&requrl=https%3A%2F%2Fpowerball.com%2F&vgd_l2type=setting&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=9009&vgd_pgid=p0332417870t202104160602&vgd_pgids=1&vgd_uspa=0&hvsid=00001618554103563013824209926930&gdpr=1&vgd_end=1
Requested by
Host: wowyowapi.com
URL: https://wowyowapi.com/wowyowdisplay970x250desktop.php?l=null&u=fb243434-6d38-f6b6-4543-c462ef8458dc&c=null&d=powerball.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

Referer
https://wowyowapi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
server
Apache
date
Fri, 16 Apr 2021 06:21:43 GMT
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Fri, 16 Apr 2021 06:21:43 GMT
pd
eu-u.openx.net/w/1.0/ Frame FA8C 		1007 B
853 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
66aadd2c721e80559b35950806862b9c71b9d460a1d2c7bb2901a67872048b66

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://powerball.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=7e974c64-14a4-43b1-8742-9e6788640482|1618554100
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://powerball.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=7e974c64-14a4-43b1-8742-9e6788640482|1618554100; Version=1; Expires=Sat, 16-Apr-2022 06:21:43 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1618554103|mOgegqnskin0vNomiygu; Version=1; Expires=Sat, 01-May-2021 06:21:43 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.205.4
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 16 Apr 2021 06:21:43 GMT
content-type
text/html
content-length
544
content-encoding
gzip
via
1.1 google
alt-svc
clear
pd
eu-u.openx.net/w/1.0/ Frame C537 		1007 B
849 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
66aadd2c721e80559b35950806862b9c71b9d460a1d2c7bb2901a67872048b66

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://powerball.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=7e974c64-14a4-43b1-8742-9e6788640482|1618554100
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://powerball.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=7e974c64-14a4-43b1-8742-9e6788640482|1618554100; Version=1; Expires=Sat, 16-Apr-2022 06:21:43 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1618554103|mOgegqnskin0vNomiygu; Version=1; Expires=Sat, 01-May-2021 06:21:43 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.205.4
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 16 Apr 2021 06:21:43 GMT
content-type
text/html
content-length
544
content-encoding
gzip
via
1.1 google
alt-svc
clear
pd
eu-u.openx.net/w/1.0/ Frame 5873 		1007 B
849 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
66aadd2c721e80559b35950806862b9c71b9d460a1d2c7bb2901a67872048b66

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://powerball.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=7e974c64-14a4-43b1-8742-9e6788640482|1618554100
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://powerball.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=7e974c64-14a4-43b1-8742-9e6788640482|1618554100; Version=1; Expires=Sat, 16-Apr-2022 06:21:43 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1618554103|mOgegqnskin0vNomiygu; Version=1; Expires=Sat, 01-May-2021 06:21:43 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.205.4
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 16 Apr 2021 06:21:43 GMT
content-type
text/html
content-length
544
content-encoding
gzip
via
1.1 google
alt-svc
clear
39fc1579-2d8f-ee0f-ec43-407a1314fa36
pr-bh.ybp.yahoo.com/sync/openx/ Frame FA8C 		43 B
577 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/39fc1579-2d8f-ee0f-ec43-407a1314fa36?gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:43 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame FA8C
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=zW1ZyJLF1LxhRl5
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=zW1ZyJLF1LxhRl5
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:43 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 16 Apr 2021 06:21:43 GMT
Server
PingMatch/v2.0.30-639-g719035a#rel-ec2-master i-09324c87255a730c5@eu-central-1a@dxedge-app-eu-central-1-prod-asg
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=zW1ZyJLF1LxhRl5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame FA8C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_user_id=fef8a1ca-a1e7-4b63-a151-4325341ace93
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_user_id=fef8a1ca-a1e7-4b63-a151-4325341ace93
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=28efa464-e9da-4db2-9c43-bc4e6080eb59&ssp=openx
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=fef8a1ca-a1e7-4b63-a151-4325341ace93
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=fef8a1ca-a1e7-4b63-a151-4325341ace93
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:44 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//us-u.openx.net/w/1.0/sd?id=537072968&val=fef8a1ca-a1e7-4b63-a151-4325341ace93
date
Fri, 16 Apr 2021 06:21:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
adx
match.prod.bidr.io/cookie-sync/ Frame FA8C
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ox
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCbWFVN0E4bG9BQUNuVndIYjZpUQ&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.154.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-154-44.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Fri, 16 Apr 2021 06:21:43 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:43 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
360
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame FA8C
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=ce1f6079-2cf7-4900-82a0-4a145538619b
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=ce1f6079-2cf7-4900-82a0-4a145538619b
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:43 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Fri, 16 Apr 2021 06:21:43 GMT
Server
MT3 3660 495c301 master zrh-pixel-x26
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=ce1f6079-2cf7-4900-82a0-4a145538619b
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 16 Apr 2021 06:21:42 GMT
sd
us-u.openx.net/w/1.0/ Frame FA8C
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=R3A7W0MjalVcIT0BRnEhUBd0NFRccG1QQXcRiQgE
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=R3A7W0MjalVcIT0BRnEhUBd0NFRccG1QQXcRiQgE
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:43 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:43 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=R3A7W0MjalVcIT0BRnEhUBd0NFRccG1QQXcRiQgE
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame FA8C
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6792912830781530008
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6792912830781530008
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:43 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:43 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6792912830781530008
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame FA8C 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=ad3b733d-bd23-7c46-dd94-568fec43377f&gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.90.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:43 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame FA8C 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODE1NGEwZjctNzQ1NC0yMmUyLWM4NzQtMGMzNjI2YTFmOTFm
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame FA8C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKYZkeqYU4ahEFp_S2PC23A&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKYZkeqYU4ahEFp_S2PC23A&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:43 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:43 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKYZkeqYU4ahEFp_S2PC23A&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
39fc1579-2d8f-ee0f-ec43-407a1314fa36
pr-bh.ybp.yahoo.com/sync/openx/ Frame C537 		43 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/39fc1579-2d8f-ee0f-ec43-407a1314fa36?gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:43 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame C537
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=7cpcidSs1LxhRl5
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=7cpcidSs1LxhRl5
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:43 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 16 Apr 2021 06:21:43 GMT
Server
PingMatch/v2.0.30-639-g719035a#rel-ec2-master i-013d87c18de960209@eu-central-1b@dxedge-app-eu-central-1-prod-asg
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=7cpcidSs1LxhRl5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame C537
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=openx
  • https://a.volvelle.tech/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx
  • https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=7bd0c4c7-2a95-4789-9056-3b9bf06970b5&ssp=openx
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=fef8a1ca-a1e7-4b63-a151-4325341ace93
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=fef8a1ca-a1e7-4b63-a151-4325341ace93
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:44 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//us-u.openx.net/w/1.0/sd?id=537072968&val=fef8a1ca-a1e7-4b63-a151-4325341ace93
date
Fri, 16 Apr 2021 06:21:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
adx
match.prod.bidr.io/cookie-sync/ Frame C537
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ox
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDc1VFN0E4bG9BQUNuWDE0d21iZw&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.154.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-154-44.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Fri, 16 Apr 2021 06:21:43 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:43 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
360
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame C537
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=101a6079-2cf7-4600-abf3-6b5751c03469
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=101a6079-2cf7-4600-abf3-6b5751c03469
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:43 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Fri, 16 Apr 2021 06:21:43 GMT
Server
MT3 3660 495c301 master zrh-pixel-x4
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=101a6079-2cf7-4600-abf3-6b5751c03469
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 16 Apr 2021 06:21:42 GMT
sd
us-u.openx.net/w/1.0/ Frame C537
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=zyJpbstxOGDUc2w2nXZzbpohbGXUcG9unHdYFR55
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=zyJpbstxOGDUc2w2nXZzbpohbGXUcG9unHdYFR55
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:43 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:43 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=zyJpbstxOGDUc2w2nXZzbpohbGXUcG9unHdYFR55
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame C537
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6792912830781530008
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6792912830781530008
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:43 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:43 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6792912830781530008
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame C537 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=ad3b733d-bd23-7c46-dd94-568fec43377f&gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.90.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:43 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame C537 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODE1NGEwZjctNzQ1NC0yMmUyLWM4NzQtMGMzNjI2YTFmOTFm
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame C537
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKYZkeqYU4ahEFp_S2PC23A&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKYZkeqYU4ahEFp_S2PC23A&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:43 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:43 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKYZkeqYU4ahEFp_S2PC23A&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
39fc1579-2d8f-ee0f-ec43-407a1314fa36
pr-bh.ybp.yahoo.com/sync/openx/ Frame 5873 		43 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/39fc1579-2d8f-ee0f-ec43-407a1314fa36?gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:43 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 5873
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=7cpcidSs1LxhRl5
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=7cpcidSs1LxhRl5
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:43 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 16 Apr 2021 06:21:43 GMT
Server
PingMatch/v2.0.30-639-g719035a#rel-ec2-master i-09324c87255a730c5@eu-central-1a@dxedge-app-eu-central-1-prod-asg
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=7cpcidSs1LxhRl5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 5873
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_user_id=fef8a1ca-a1e7-4b63-a151-4325341ace93
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_user_id=fef8a1ca-a1e7-4b63-a151-4325341ace93
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=937b2c99-2994-4206-aa93-2383fd9d9b62&ssp=openx
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=fef8a1ca-a1e7-4b63-a151-4325341ace93
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=fef8a1ca-a1e7-4b63-a151-4325341ace93
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:44 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//us-u.openx.net/w/1.0/sd?id=537072968&val=fef8a1ca-a1e7-4b63-a151-4325341ace93
date
Fri, 16 Apr 2021 06:21:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
adx
match.prod.bidr.io/cookie-sync/ Frame 5873
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ox
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGS2ZrN0E4bG9BQUNxWG5uQjhiQQ&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.154.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-154-44.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Fri, 16 Apr 2021 06:21:43 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:43 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
360
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 5873
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=e0996079-2cf7-4100-ba35-be5fa0290bdd
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=e0996079-2cf7-4100-ba35-be5fa0290bdd
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:43 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Fri, 16 Apr 2021 06:21:43 GMT
Server
MT3 3660 495c301 master zrh-pixel-x31
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=e0996079-2cf7-4100-ba35-be5fa0290bdd
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 16 Apr 2021 06:21:42 GMT
sd
us-u.openx.net/w/1.0/ Frame 5873
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=0k3_l9YerpnJHPuc3EXlnoBP_s3JHKqe1x7he641
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=0k3_l9YerpnJHPuc3EXlnoBP_s3JHKqe1x7he641
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:43 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:43 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=0k3_l9YerpnJHPuc3EXlnoBP_s3JHKqe1x7he641
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 5873
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6792912830781530008
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6792912830781530008
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:43 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:43 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6792912830781530008
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 5873 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=ad3b733d-bd23-7c46-dd94-568fec43377f&gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.90.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:43 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 5873 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODE1NGEwZjctNzQ1NC0yMmUyLWM4NzQtMGMzNjI2YTFmOTFm
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 5873
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKYZkeqYU4ahEFp_S2PC23A&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKYZkeqYU4ahEFp_S2PC23A&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:43 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:43 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKYZkeqYU4ahEFp_S2PC23A&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
flping.php
lg3.media.net/ Frame 176B 		35 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/flping.php?reason=6&action=4&cme=zT-S6NDeNRez4bqj6gn6xKTNPYaRXMUqVcBdfj8Sv7H6KVDEYH0vpJfiK6fwBjjx21cqstWpqsjpsPq2QXzroEdU8s05pGi9i93x7IRX750XnL-FOXKXRoNxPDOGKYOQG39VLQVGcCZaBH1Pm41596MGXF62JAvxxr_JXioTzS4Vkn6GUzSVh_c06-if2ICg39bmAFVnt_KQlAPTwv3Lc28pMdW_yeKWFNJiVGmCWcmLHF-j09mRZUfoGAD6dAdj0x1xLmmBCON8M8mYCQb7jXkE5DndI8mbPcIxGhuzuI3cUrbR7QiLq5YkCFwGGXbP-bfGwGkJXCyNNoMAxsYz_nMfNFzc4dJMQyEnxSRbAp75clZf3ZPtJRN3w61eFQeSglxnxDYaqy2Kqit9htb1OI_OOBjNBcwpDhg9aWg28NMSXrjW_e1umyrr7KtUW7uWX1OsZE4i7NLYMBzRKTYw889IVMxLW0FqBL4y_NaUc6BK0TbvDLgUd-2of4DtApDAcd1A78DC2yxAiQbXnxxcLyh0O7l8rtl3bBKlFYBoGNUuwCky7kM4xmsB21gVL57zOChXjVRv2qM%3D%7C%7C&gdpr=1&vgd_xrw=
Requested by
Host: wowyowapi.com
URL: https://wowyowapi.com/wowyowdisplay970x250desktop.php?l=null&u=fb243434-6d38-f6b6-4543-c462ef8458dc&c=null&d=powerball.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

Referer
https://wowyowapi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
server
Apache
date
Fri, 16 Apr 2021 06:21:43 GMT
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Fri, 16 Apr 2021 06:21:43 GMT
flping.php
lg3.media.net/ Frame 1203 		35 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/flping.php?reason=6&action=4&cme=MVUHaTw5_XTbMUNfIU1j3pdWp-ZFr97GKDGeDNZalSO0MDXTdhOK9nQ-OfZIwS2qo9L34HE-_xFFSURLT5bdCJ47Agup7KGASjPSAWsBLzPOdWBaTcvR8nh0R2fhN1WM1b5ZU10zpsc3V7P4xL23Fc6xFQVLcYTjoUWbPb2I6pOTtOgEU_-jNaRpcR_-hn9tc2xJfg42AUBIkQWgqPh9ICSKtLKWcKeKRv1YGPd3rpoU3GuwpAopeSMwt0NvjT8_DtSXb4xiYz_cczgMM1fj8iwTpfeYlMx2IhVpycNpKX4dRv2hQgD8SQjRHP9WCWm-A4tef4FX45gzmgFNiQ8pOkM4gMBuI95HM1Hs23Z_-ASW2xjFiU6tgI-envgz11aGCZtCn_5tVF92Yi-MIjdeIQPxN8LblijeKPevAzN4uM9VFPI_rZMCBdtqVenNtpszUv-SDmSTHFDl5Xek3bH6VtKrtKSq3iAnL7NCOfCYJI4kD8DlNv_gnqeCXpBCx7ALtFLJiT8-r0GHE0jCBepDhBUTUYkNSjTO0sKpC8edHSmYvCXBoTWclD9jzXkpPDeZbC7weqm_ODA%3D%7C%7C&gdpr=1&vgd_xrw=
Requested by
Host: wowyowapi.com
URL: https://wowyowapi.com/wowyowdisplay970x250desktop.php?l=null&u=fb243434-6d38-f6b6-4543-c462ef8458dc&c=null&d=powerball.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

Referer
https://wowyowapi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
server
Apache
date
Fri, 16 Apr 2021 06:21:43 GMT
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Fri, 16 Apr 2021 06:21:43 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame D4EB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsumiZ2MNk73Um434Vh9Cbqt4fPj3uO8GXBxGa8robFDKqPmzxeAg-2QEIg2I9Y3JjvJcEEzedJHfP-1wXSPC1grCLPhRnsXZTsjv3PdHjJJuQokUOY8-NV0KnZu3CYMrv5MOE2CokUcZCkMdOZeX2t22sRVMdwGi53F-CW9vE3cW9jmicKNFWyb1t8ypgjx3QPPjSoU7lWZrybksSiSYXQddouvUCun6mqN8fgk-__uNXn74Z6_YXE8IgxgyEuzXae-cSJyxmQrL9jbtnm5QHApqtb2I2xl9XS9WJR5EJhVpbA6gKq6niE&sai=AMfl-YSwP9BTZf6lSw_4NmyEdTKbE8dWoOJNg1YUfocRcjLWUPpO7hwHy49c5sdF5lJmFbO6FoQnZppokhztdzkEXladBla3hUP-LDJsOBm-rn0SnPsN6FsFheahB_iqpZdf&sig=Cg0ArKJSzHGdeJggRQ79EAE&urlfix=1&adurl=
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Apr 2021 06:21:43 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 16 Apr 2021 06:21:43 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame F2A4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstWoiGJQoo3baW3pXnlLQlfPXrnmZziDfdVSvUoBvX23gO9OnPCjfBaIkgUuP5ypdmwowlpZ2t4in12IQ9NnIJ-2LO-k4rb195UGglR6WCl0qKMIdSVFCv5W8TTdqd2qDWX7zQPrgxzxHLI7BEZncNS2uV3uETLTbgHvL6i9Zk_x53YjNcOslijfSqNtp-k9F2oFQa85U2tdBBtWoCFqMzmSVaZNTO7x61COsFXpWlQfR1LVgFO46g1dWqcNJWQofVPK3dXElUpEU1X7Vvlek1jcHvSJrSB4iUGn1zyqaDy0qamXK14SeVxY6LS7A&sai=AMfl-YTYvj780P8L-r5lN8MKzbWZs8tEfX1k_3pF_TP67gNolkYfE8novQGjabNQaReYnUoYbZQVikKlx3NhXorqDFM-3AjszY9EQfShq69uF0uxNc4nj1x4V_eUZign1J23&sig=Cg0ArKJSzFtlqxDIKa1nEAE&urlfix=1&adurl=
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Apr 2021 06:21:43 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 16 Apr 2021 06:21:43 GMT
pd
eu-u.openx.net/w/1.0/ Frame 003D 		814 B
804 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
e06c67ec4c566e757b4ff035a93ad4bc1d676bebb1ccb253260594d969396167

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://powerball.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=7e974c64-14a4-43b1-8742-9e6788640482|1618554100; pd=v2|1618554103|mOgegqnskin0vNomiygu
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://powerball.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=7e974c64-14a4-43b1-8742-9e6788640482|1618554100; Version=1; Expires=Sat, 16-Apr-2022 06:21:43 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1618554103|j8gmmWkijofcsHqGgqiysLiSmOgevNomgunsn0gi; Version=1; Expires=Sat, 01-May-2021 06:21:43 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.205.4
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 16 Apr 2021 06:21:43 GMT
content-type
text/html
content-length
478
content-encoding
gzip
via
1.1 google
alt-svc
clear
sd
us-u.openx.net/w/1.0/ Frame 003D
Redirect Chain
  • https://um.simpli.fi/ox_match
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=6351AA925E474BC38EAA80051C55804D
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072966&val=6351AA925E474BC38EAA80051C55804D
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:44 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Fri, 16 Apr 2021 06:21:43 GMT
x-content-type-options
nosniff
server
nginx
location
https://us-u.openx.net/w/1.0/sd?id=537072966&val=6351AA925E474BC38EAA80051C55804D
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Thu, 15 Apr 2021 06:21:43 GMT
c.html
j.mrpdata.net/ Frame 003D 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://j.mrpdata.net/c.html?ex=OpenX
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.174.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-174-207.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
sd
eu-u.openx.net/w/1.0/ Frame 003D
Redirect Chain
  • https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://eu-u.openx.net/w/1.0/sd?id=537072399&val=4408666218454809289
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=4408666218454809289
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:44 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 16 Apr 2021 06:21:43 GMT
X-Proxy-Origin
82.102.18.114; 82.102.18.114; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.120:80
AN-X-Request-Uuid
ab832a08-e864-4691-8517-a74dbda016fe
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=4408666218454809289
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
current
openx2-match.dotomi.com/match/bounce/ Frame 003D 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID}
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2010 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:43 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
sd
us-u.openx.net/w/1.0/ Frame 003D
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=no-consent&gdpr=1&gdpr_consent=
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072977&val=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:44 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:43 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://us-u.openx.net/w/1.0/sd?id=537072977&val=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
ox
match.justpremium.com/match/ Frame 003D 		43 B
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.justpremium.com/match/ox?ex_uid=e7babdcd-ea92-462c-8f8a-d0b9ed367445
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.103.53 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:21:43 GMT
content-length
43
content-type
image/gif
sd
us-u.openx.net/w/1.0/ Frame 003D
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YHks9wAAJiYd8QA4
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YHks9wAAJiYd8QA4
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:44 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:43 GMT
via
1.1 varnish
server
Varnish
x-timer
S1618554104.993691,VS0,VE0
x-served-by
cache-hhn4026-HHN
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YHks9wAAJiYd8QA4
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
sd
us-u.openx.net/w/1.0/ Frame 003D
Redirect Chain
  • https://green.erne.co/openx/cm
  • https://pixel.onaudience.com/?mapped=Vc4Mi7oFbrFj8Vg4vhpgWpld&partner=2&redirect=green.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072998%2526rtb...
  • https://sync.crwdcntrl.net/map/c=14544/tp=BIDB?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26redirect%3Dhttps%253A%252F%252Fgreen.erne.co%252Fc...
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=282f0e97a4baf3cd7c1bde1b4fea9303&redirect=https%3A%2F%2Fgreen.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%25...
  • https://green.erne.co/ct/cm?red=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072998%26rtb%3DVc4Mi7oFbrFj8Vg4vhpgWpld
  • https://us-u.openx.net/w/1.0/sd?id=537072998&rtb=Vc4Mi7oFbrFj8Vg4vhpgWpld
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072998&rtb=Vc4Mi7oFbrFj8Vg4vhpgWpld
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:44 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072998&rtb=Vc4Mi7oFbrFj8Vg4vhpgWpld
date
Fri, 16 Apr 2021 06:21:44 GMT
server
openresty
strict-transport-security
max-age=0; includeSubDomains;
content-type
text/html; charset=UTF-8
sd
us-u.openx.net/w/1.0/ Frame 003D
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3566299048738672998&gdpr=1&gdpr_consent=&us_privacy=
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3566299048738672998&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:44 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3566299048738672998&gdpr=1&gdpr_consent=&us_privacy=
pragma
no-cache
date
Fri, 16 Apr 2021 06:21:43 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
dds
rtb.openx.net/sync/ Frame 003D
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=cm35ARSlxWg74Bo4P1oNxQ==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:43 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
clear
content-length
43
x-request-id
d6i2bmnvqsvgjoch4eup5bglv7o0d4ce

Redirect headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:44 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F2A4 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsteOWS6UaINmFOawjXY8H3v8DfYE-vdHjiEYgAzHZu28Kc3k8SbEE80Uu9-QxOZLcQeSq415ozrnP3DggZNB5dYopkuQzGKKMkHN7ihuxLdNKacTQhU&sig=Cg0ArKJSzFXS6rJb7e09EAE&id=lidar2&mcvt=1000&p=0,0,250,970&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20210414&bin=7&avms=nio&bs=1600,1200&mc=0.96&app=0&itpl=19&adk=3386903054&rs=4&met=ie&la=1&cr=0&osd=1&vs=4&rst=1618554100484&dlt=0&rpt=381&isd=0&msd=0&r=v&uup=0
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 06:21:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

95 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated string| GoogleAnalyticsObject function| ga object| bigAdIds object| bigAdPassbacks object| smallAdIds object| smallAdPassbacks object| marqueeAdIds object| marqueeAdPassbacks object| mobHeaderIds object| mobHeaderPassbacks object| gweini object| Criteo object| adUnits object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| criteo_pubtag object| criteo_pubtag_106 object| Criteo_106 function| includes function| updateTotalWinnerChart function| setupTotalWinners function| setupMegahits function| setMegaHitsJackpot function| slidePrizeAmount function| setupRecentNumbers function| dateSearch function| setupMenuRecentNumbers function| setupWinningNumbers function| setupaboutMusl function| setupPrizeEstimates function| setupPressContacts function| setupMuslMenu function| setupMuslMenuMobile function| setupHeroCarousel function| lsitDropdown function| setupHeartbeat function| setuptapmenu function| setupHowTall function| winnnerCarousel function| setupNewsCarousel function| faqAccordion function| dailogVideo function| imageResponsive function| setupWhereToPlay function| filterWinnerStory function| modal function| showTooltip function| playProContentToggle function| gameSubscription function| openPDFnewWindow function| priceTableNavSlider function| winnerStoryFromHome function| mediaCenterDownloads function| customSelectBox function| getDrawSummary number| powerballConfig_desktop number| powerballConfig_tablet number| powerballConfig_mobile undefined| $ function| jQuery object| drupalSettings object| Drupal function| moment function| setIdAndLoadAds object| $block2b2 object| $blockla object| gweiniOptions undefined| currOptions undefined| tag object| script object| gweiniTrack object| gweiniTop object| gweiniZones

3 Cookies

Domain/Path Name / Value
.media.net/ Name: gdpr_status
Value: 1
.openx.net/ Name: pd
Value: v2|1618554103|j8gmmWkijofcsHqGgqiysLiSmOgevNomgunsn0gi
.openx.net/ Name: i
Value: 7e974c64-14a4-43b1-8742-9e6788640482|1618554100

1 Console Messages

Source Level URL
Text
console-api warning URL: https://powerball.com/s3fs-js/js/js_PiiWZWXIP2qwdgCt_1MIoezFQmG2p5c7Xkbu7vAEPOI.js(Line 2)
Message:
jQuery.Deferred exception: Cannot read property 'getItem' of null TypeError: Cannot read property 'getItem' of null at setupWhereToPlay (https://powerball.com/s3fs-js/js/js_PiiWZWXIP2qwdgCt_1MIoezFQmG2p5c7Xkbu7vAEPOI.js:466:21780) at HTMLDocument.<anonymous> (https://powerball.com/s3fs-js/js/js_PiiWZWXIP2qwdgCt_1MIoezFQmG2p5c7Xkbu7vAEPOI.js:466:30501) at e (https://powerball.com/s3fs-js/js/js_PiiWZWXIP2qwdgCt_1MIoezFQmG2p5c7Xkbu7vAEPOI.js:2:30005) at t (https://powerball.com/s3fs-js/js/js_PiiWZWXIP2qwdgCt_1MIoezFQmG2p5c7Xkbu7vAEPOI.js:2:30307) at https://d2si3hiz85fm4q.cloudfront.net/script.js:1:74005 undefined

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5e35c87121912fa19f86df9e780d26bd.safeframe.googlesyndication.com
77435924f9313dfa7fe52419e1d3ea4f.safeframe.googlesyndication.com
77da5e4d71dda1e908b6f29e27a1e929.safeframe.googlesyndication.com
8d91326dfe3875d1c9c3c10e035e58eb.safeframe.googlesyndication.com
91381cfce1252bba543b5b36080293dc.safeframe.googlesyndication.com
a.volvelle.tech
aax-eu.amazon-adsystem.com
ad.turn.com
ad.yieldlab.net
ads.creative-serving.com
adserver.adtechus.com
adservice.google.com
adservice.google.de
api.lanistaads.com
as-sec.casalemedia.com
bidder.criteo.com
c1.adform.net
ce.lijit.com
cm.g.doubleclick.net
code.ionicframework.com
contextual.media.net
csi.gstatic.com
d2si3hiz85fm4q.cloudfront.net
d2tbmvllb55wxq.cloudfront.net
d8d00c858a05120dd7e1a9b9faf5eab9.safeframe.googlesyndication.com
deio3v2go54x9.cloudfront.net
dmx.districtm.io
eu-u.openx.net
fastlane.rubiconproject.com
fonts.googleapis.com
fs.gweini.com
green.erne.co
gu.dyntrk.com
gum.criteo.com
hbopenbid.pubmatic.com
i.clean.gg
ib.adnxs.com
image2.pubmatic.com
j.mrpdata.net
lanista-bidder-d.openx.net
lg3.media.net
match.adsrvr.org
match.justpremium.com
match.prod.bidr.io
openx2-match.dotomi.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.onaudience.com
pixel.quantserve.com
pm.w55c.net
powerball.com
pr-bh.ybp.yahoo.com
r.scoota.co
rtb.mfadsrvr.com
rtb.openx.net
s.gweini.com
s3.amazonaws.com
securepubads.g.doubleclick.net
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.ipredictive.com
sync.mathtag.com
sync.srv.stackadapt.com
sync.teads.tv
tpc.googlesyndication.com
tr.blismedia.com
um.simpli.fi
us-u.openx.net
wowyowapi.com
www.google-analytics.com
www.googletagservices.com
x.bidswitch.net
104.111.218.85
104.111.242.245
104.16.190.66
13.32.25.111
135.125.8.70
151.101.114.49
152.199.21.35
159.253.128.188
178.250.0.165
18.158.167.137
18.158.93.70
18.213.53.66
185.29.132.144
185.33.220.145
185.64.189.110
185.64.189.112
188.165.4.142
193.0.160.128
2.18.234.21
2.18.235.93
2001:678:cb4:bbbb::11
213.19.147.150
213.19.162.61
216.58.212.130
216.58.212.162
2600:9000:2104:7200:15:3f44:b280:21
2600:9000:2104:a00:e:ff8:b40:93a1
2606:4700:20::681a:7ad
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1288:110:c305::8000
2a00:1450:4001:800::200a
2a00:1450:4001:803::2001
2a00:1450:4001:808::2001
2a00:1450:4001:808::2002
2a00:1450:4001:809::2002
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::200e
2a00:1450:400c:c0c::9c
2a02:2638:1::13
2a02:2638:1::3
2a02:fa8:8806:20::2010
3.125.174.207
3.125.99.7
3.126.63.176
3.66.103.53
34.192.210.97
34.205.250.95
34.241.18.230
34.95.69.49
34.96.105.8
34.98.126.214
34.98.64.218
35.158.9.168
35.186.253.211
35.210.178.101
37.157.2.238
51.222.80.231
52.18.90.176
52.205.67.70
52.216.207.237
52.35.124.117
52.48.248.240
52.51.154.44
52.95.116.38
66.155.71.25
72.251.249.9
99.84.155.134
03593a6d6bddbf335c57d74a88f2680e2907ba9b032e3c3885072cb7edb2e5b3
03bdd68a1e549bf59bc419d1842bec52628885efc75ed8a58a7d1f7671d6c4d7
06ef905faafedcc71b11e25d395607fb6fef70fdbdaceb87c744255c67624799
07d358fefed3b606a91c5681e9fb795f7177b7741ca5bb3906794e05ede6d35f
084fd154266692bdc0410bb5e3a74dbd35c4c544b7e84ce52dd4643a0c49b97e
08fbcb64541d026cef0a6d43e2c3836fd00961d220cbf7091e170312efca8805
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
0b0a7e29d64f89ee6f5e44d61fd979c46543482d357fcd2ea75d02128d5a0c62
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c3130b3b8a61b6348e5b5b10f7814296fb7eed8013c81f8cd416aa973569e35
0ee3f937ba7335fe472f0b5e668a98f56416a7cf8bba5bc0d6e25a77f29715d8
0f097b7264f694cf459dc51bc1ac050f4aaaf62c234cfd9e3495c9ccc3ee1302
113e5189c8bea537e4653eed82e6201861b3cb27f67e1c9810dfd66d809714a8
13aa3fbf1e98186fc1842940262f2107036e5b125e2c3250fa2564c5bfa395cb
16bc74e3ebb6ef6cc2c56565701502e39ea269aa665dd74da5742d371f3b2939
1b1d51840695cebf90274b527443cd64945cd9dfc5d2b785b0a772996ec588fc
1be49cc86678c36e8d7886487df61502524790caece818114eec60f2ad0c295c
1cf0d28815562a498fb567f336647fc1604747fe1f41298ee79a635ca2fefb95
1d334ad3e7ee3100cd5f61e446cca2844783692c6f24107d615c89848da0641b
1dd598b3a6b65e7cae0d9bfc4ba10fd76c4dda498cbe5abe2a2b46686dc929a6
21684099693050fe6fecb937bb35c94dac2dc990158ed38a53d44ae28fd9c6e8
242c5a21f620bfdce13b9e5d61f802567c8f1759d4e782958659b7a02dc7ade2
249fb7b9310ec717e807304a4d2ebbfd9070e569f6e4a30804033e8df20e9a7e
27550cb45c550f1abe2bafaa75b598f6fee21c86ad0f037f85d43fabb380cb06
2ae2901f146e2e0eb83648fdfc19c78aca16e1674313e164bc93c3739bba5d36
325cee8a45b452b68fe28fb92173f63a7f19967dbe3bf794bf4e3211772150c9
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
37cc0451eec571b22864bfac29a3766ccebe2d1e48ac4a552a8e9b8e6f9be02f
3b6c7dad04b16cc0a17b436e5a035c05524ff060a0fd3b1137b6cef9f6ae6010
3cde3dc0691b364cf1af3f233269802b8b4d566b962c107fc49966e839222f1e
3e28966565c83f6ab07600adff5308a1ecc54261b6a7973b5e46eeeef0043ce2
416d1c5765ff3fbde867f106228f17a32182d6fbbf2fccb0a5e4f3b536ddefc1
44b6ec24326c6ac2be91d08eda6d4bef0e7c651a0d6e75afc1a552e1193a6388
44d96438eec3bf39527ff24f340f44bf7bb3607163aae0c2a444a17b0e3a705d
46ee1ab30f3444383ec0a8f8935209c95203acd8c53fb34a3fb3500ce74d9f33
47a3d1d29044a5086d50d45f66600b612cdd16df4893eaf01571c8d2d714f42c
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
500cbc1f3b196f8a3ff2a8601aa095921b20388fe094d1e7e77c3ac4d7773918
5111b3af3c37b8466db90632f3cdb79670a1af92835aa85a510260b52f045a71
51de20a5dca5bbb8c711b6e79b41739067f25aab811ac801b04c80eaeb168bd8
51f45c89e5baf365e97a33c12bcd2a8bd365f5e156a519eb3c6db4a270ef0d1a
52d92094838844996eb5d1bc5d47010f4a71317372270570cf81a1198a795e06
52fe2f0394335dab93ffb9cac2bea65d4460b5d24cbc3861e62392194b11bfff
532653704ee297adf854b0635f30a263d115502ee6aeab9038f6a0ab8111a488
53b3dca8e8d89d6a16370291815bcadb55dd9ea18fdf23264ed0f5880e3b74b3
59883dc82297de1d8ff485a115678ff6e56102eb1fc170c9808737535f6f8070
59ff4e9457a98e72723231e1ad962b8c2a77c67f6c025dc6464843931d061c0f
5b729934d326b5e8e01d2be540c73b39e46fcfa4ada189de7d11f7389e47f691
5d1765ca16cb96e4294a5c96b2084b580e200a2743b1ff7805d18bd8348825e9
5e700835ec05293a3d0f9e354e7d038319d34521cd279e782198dff6d1dd58f2
60c57279a0d0fe283ea911e8c54f96a5c4b2c7181b75ccc00a38c612dba2c703
60d9368fc1deb5a275b3786195a53ef1272fc24b05a313aa52b1bfcc0a0356a3
62a6c980b8be129cceb54b1c6e63cbf6be73035a0580640635096fb0df2d51ec
66aadd2c721e80559b35950806862b9c71b9d460a1d2c7bb2901a67872048b66
676788eac82d90570b7eb37cbe79b56ddb61b3884014e19515ed5d0b175518d6
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
68778ad029c5359bda59f9f410e782e4843d2f6058e1e26956b7ccccff4f68ad
6b3422c0bf088fb098d4cf5a1e63791c8eecdcb4d3ab1dc0c36f19a30b171e36
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bac28b40c710514ce42fda86320277f18b0c22a4ddb3091748cfe6493359a78
6ec347557d5285fb7f9c7355f286a01df3e56ed0cddd25e2063f3ac8eae78adf
72a30bd842777e2a4ffda18fc4060c3e91deb450266472505930e4a548fca83c
74e1cf077493c33fe895c7ce5732cda76b195e2d357d928f094bc3367cc7a75f
77e253f505244807bb3b20519289552308191f98fee3bf62a5ed216ef0027bbf
7f02c297c2ec5c2b64a6fa5462d1dc3681f19e778d819486cfe7cb73001f34d6
80d0a278e7a208ae2bd234aafcbdece69e63c9bf11e800d0ab5fa3c82176cf2c
821e02b7009ed37828e3acf4c71ae2f7949acd106935854e5e668d75c07e8d37
8459ce8cedefe43c38e7a0a53975193615fbb687d5a928257ea4a24c90aaf9ae
8b1c5686bb8f96c6c9fe284282bdc857b4ca07e52aedf312641db347ca80657d
8c53fd91e9052012f4f567f78281c4e47b91eff042e20ddbfd1b3106ebb6dc83
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
901c79c22ef845bf00ed4b4410c8054d64085c945433e9dad383610f3b0c0312
91822d970ea4cb3dbae6039431aaebfd36c46997c43a53a507518eed6dc230b2
91abe561c496b80a37f0a7551a49a0b1dc42aa680ca292cf55de3e17cfff0801
92ac508220f5bb60ec94e07650528eb66625f82a4740ada068cde05365781286
946a4a92ed1abe0bc69dabb3125912b3214b7545ef0b69abb8d531047dd326ac
9b0e415f742585b82139fb7076506657dde225088247e2ac0fba6f88a3d19588
a2046c1be0fb616163bc47b2e86470d4508c6c95a5cd0ba1a8dee67f81d8a15a
a2ef194ebea955025ec930aaa5c9adfb4bb5169751962ef42720c95982827d76
a394eb636d13caf95e027132d1e5b9ec10861c4ae5c0a7173ca38592761ba769
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a9a83d40c9475418164c05e9c1c653f1659964c15b9ed67dfec72f467945f678
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5abf5b778d2b365d80d73fe19360dc9d79b037de4533335716e3a10cb02a19e
b758f60ab7ad38a56bdff71e6464b146312ea575f56ab7f6b05ed7f157f5bc48
b778ac81935e88f031e9f2dbbfb14f04cbf8c6c70e47bd978436d9682565b4c1
b9b9103c60ef2c61de42660d6cd67a82d9816426f2b0f0c0a8fa3a1deae3538c
bd4c78cb4cd5c2c87a907794076f7a7f7392f9df50958389afbec8c40eb5da8a
be57a8393d9ca7cb84fe99087431ea21d7e704a7de02b421590c34712c3bb9b4
becfbf498f3cc9647d8fc8a70816cb1f3f73803a9fa293735cb9059c77854409
c0f02a3ba3b3498d9ff3243cd2185bbf9f9c961f1373b2b463dfa025c2d57c5b
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c60536e1387fd63f18755c87e9028bc138c1cb11fc77a64a159777aae49a12b5
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c898153304038a5e6e8c6035ae0a6a8da62856916ea1edf7888afb7a8500aa4e
cbc8abcf771fbe0106242a5f0fb5c6abcee8f5e2eb295bd5099999bafe14f446
cd02fbd0abc1337b2fc991144d688342ad9008abb3708a11e384e9d8f87a8580
cd9c139673051af705b80d8eb599aa53d534b8d51674f0f8d4dea65a449e51e2
ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9
ce2825e437d640b7960641226185c6c3d9926b473dbc30c75d3ba28561c78e04
ce3c47fe7b0ca8961ebbb090b6fbbfe97fde0786e013cb5b8136295831158f1a
d134107061dcfaad34af3db635f5ca3b3e368bdeeada543ac4b2b6e183c6ecb8
d216b8da34933ed1ba140eccb7345ec388e9200b635dec8dd917e21834f35c4b
d3d31f25749c44b5fd5c6b6513cf051c0446ebc29e6e71184cfc12453dbc0183
d43162df9ba6745bf530d2a41d9989ce9627e6dc39b51b923c9c13b969f1786b
d67eaa6e32c34eea44a3f90b36561f63181ed3d0407665e4e7dc48d54e5b266d
db3a17d9680b13a4a6461177cfdc7832ddf86c8da24a33965c8a522c5610d932
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
df3317fe7031ec742daeed002d97da566a8648fbacb939fce19093f17a79d5c1
e06c67ec4c566e757b4ff035a93ad4bc1d676bebb1ccb253260594d969396167
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6e69ae9133bcc7f46c03b0b6608b525ed2cf440c9a218649f9525368093836a
ea53c0f6c41a94ce89c0362422ca79cf432008e7712716ea25cc8665183338d3
ebb38cf55c8bd74f2b83b45a0443696d60506e9c805d6a174e08fae991bf65ec
ede81721adafe0e10eb5a30b6258af3f850f09d8d06a1824aff5a6bf210926b2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f090e0970ee670ffb00bd0783fa690f1c56c03847ea4392ac7366d9aafcdebd5
f386aa29a5a10ad0fe124a6f07532dbb9d28e9fd5541d06c09a0d52e65afba3e
f3efcbc35e7324edd7d888029dac77b8a909ac07ad60e9a0c032792d51da18a5
f5f6230813ffa8709c7fad9072d474452b9128ff958aa2162975e684f74ae1e5
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
f9b0195ab22815c68db0b05e89abfc88fcb0b46b8b9a28d70ca731f17e07053e
ff5e5f296b0ef16c2c0d6fbc4f47680335eac8b0a452f413e032531e9788238a
ffd2b669b1e9644f9c9173f577c545125cd4424a599f3c6068f57299cc2f5368