www.powerball.com Open in urlscan Pro
54.82.250.222 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.powerball.com/#winning-numbers
Effective URL:
https://www.powerball.com/
Submission: On February 20 via manual (February 20th 2020, 5:53:09 pm UTC) from US

Summary HTTP 263 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 37 IPs in 7 countries across 32 domains to perform 263 HTTP transactions. The main IP is 54.82.250.222, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.powerball.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on February 9th 2018. Valid for: 3 years.

This is the only time www.powerball.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 21	54.82.250.222 54.82.250.222	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:214... 2600:9000:214f:9200:15:3f44:b280:21	16509 (AMAZON-02) (AMAZON-02)
25	52.216.135.5 52.216.135.5	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:81b::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:6ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	35.173.23.162 35.173.23.162	14618 (AMAZON-AES) (AMAZON-AES)
1 2	2a00:1450:400... 2a00:1450:4001:824::200e	15169 (GOOGLE) (GOOGLE)
1 3	34.95.69.49 34.95.69.49	15169 (GOOGLE) (GOOGLE)
3	2600:9000:214... 2600:9000:214f:9600:6:266a:9940:21	16509 (AMAZON-02) (AMAZON-02)
1	178.250.2.152 178.250.2.152	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	13.35.253.114 13.35.253.114	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c04::9b	15169 (GOOGLE) (GOOGLE)
2 24	34.95.120.147 34.95.120.147	15169 (GOOGLE) (GOOGLE)
6	13.35.254.64 13.35.254.64	16509 (AMAZON-02) (AMAZON-02)
6	54.145.105.206 54.145.105.206	14618 (AMAZON-AES) (AMAZON-AES)
30	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
6	104.16.68.69 104.16.68.69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	3.123.135.36 3.123.135.36	16509 (AMAZON-02) (AMAZON-02)
8 20	152.199.21.35 152.199.21.35	15133 (EDGECAST) (EDGECAST)
4	72.247.225.98 72.247.225.98	16625 (AKAMAI-AS) (AKAMAI-AS)
4	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4	69.173.144.142 69.173.144.142	26667 (RUBICONPR...) (RUBICONPROJECT)
24	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
8 16	152.199.22.24 152.199.22.24	15133 (EDGECAST) (EDGECAST)
3	143.204.202.23 143.204.202.23	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:81a::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:81d::2002	15169 (GOOGLE) (GOOGLE)
4	2600:9000:205... 2600:9000:2057:9000:e:ff8:b40:21	16509 (AMAZON-02) (AMAZON-02)
4	35.162.11.246 35.162.11.246	16509 (AMAZON-02) (AMAZON-02)
12 27	52.57.79.171 52.57.79.171	16509 (AMAZON-02) (AMAZON-02)
4 4	18.194.31.52 18.194.31.52	16509 (AMAZON-02) (AMAZON-02)
4	143.204.202.48 143.204.202.48	16509 (AMAZON-02) (AMAZON-02)
4 4	172.217.22.98 172.217.22.98	15169 (GOOGLE) (GOOGLE)
5 5	35.157.125.245 35.157.125.245	16509 (AMAZON-02) (AMAZON-02)
1 1	94.130.165.160 94.130.165.160	24940 (HETZNER-AS) (HETZNER-AS)
2 6	52.51.24.119 52.51.24.119	16509 (AMAZON-02) (AMAZON-02)
8	35.157.249.39 35.157.249.39	16509 (AMAZON-02) (AMAZON-02)
4 4	91.228.74.189 91.228.74.189	27281 (QUANTCAST) (QUANTCAST)
4	2a02:fa8:8806... 2a02:fa8:8806:13::1400	41041 (VCLK-EU-) (VCLK-EU-)
2 2	52.17.97.192 52.17.97.192	16509 (AMAZON-02) (AMAZON-02)
263	37

21 54.82.250.222 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-82-250-222.compute-1.amazonaws.com

www.powerball.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:9200:15:3f44:b280:21 (United States)

ASN16509 (AMAZON-02, US)

d2si3hiz85fm4q.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 52.216.135.5 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:6ad (United States)

ASN13335 (CLOUDFLARENET, US)

code.ionicframework.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.173.23.162 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-173-23-162.compute-1.amazonaws.com

s.gweini.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:824::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.95.69.49 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:214f:9600:6:266a:9940:21 (United States)

ASN16509 (AMAZON-02, US)

dw7nrwnn2bkh1.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.152 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.253.114 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-114.fra6.r.cloudfront.net

fs.gweini.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 34.95.120.147 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 147.120.95.34.bc.googleusercontent.com

lanista-bidder-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.35.254.64 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-254-64.fra6.r.cloudfront.net

d2tbmvllb55wxq.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.145.105.206 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-145-105-206.compute-1.amazonaws.com

api.lanistaads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.16.68.69 (United States)

ASN13335 (CLOUDFLARENET, US)

dmx.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 3.123.135.36 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-135-36.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 152.199.21.35 (United States) 8 redirects

ASN15133 (EDGECAST, US)

adserver.adtechus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 72.247.225.98 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a72-247-225-98.deploy.static.akamaitechnologies.com

as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.142 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 152.199.22.24 (United States) 8 redirects

ASN15133 (EDGECAST, US)

adserver.adtech.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.202.23 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-202-23.fra53.r.cloudfront.net

ib.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2057:9000:e:ff8:b40:21 (United States)

ASN16509 (AMAZON-02, US)

deio3v2go54x9.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.162.11.246 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-162-11-246.us-west-2.compute.amazonaws.com

wowyowapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 52.57.79.171 (Frankfurt am Main, Germany) 12 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-79-171.eu-central-1.compute.amazonaws.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.194.31.52 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-31-52.eu-central-1.compute.amazonaws.com

rtb-eu.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 143.204.202.48 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-202-48.fra53.r.cloudfront.net

img.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.22.98 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s18-in-f98.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.157.125.245 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-125-245.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.130.165.160 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.160.165.130.94.clients.your-server.de

bidswitch-eu.splicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.51.24.119 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-24-119.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 35.157.249.39 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-249-39.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 91.228.74.189 (United Kingdom) 4 redirects

ASN27281 (QUANTCAST, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:fa8:8806:13::1400 (Sweden)

ASN41041 (VCLK-EU-, SE)

aol-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.17.97.192 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-97-192.eu-west-1.compute.amazonaws.com

ads.avocet.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	3lift.com 12 redirects tlx.3lift.com ib.3lift.com eb2.3lift.com img.3lift.com	180 KB
29	doubleclick.net 4 redirects stats.g.doubleclick.net securepubads.g.doubleclick.net cm.g.doubleclick.net	526 KB
25	amazonaws.com s3.amazonaws.com	2 MB
24	advertising.com 8 redirects adserver.adtech.advertising.com pixel.advertising.com	3 KB
24	openx.net 2 redirects lanista-bidder-d.openx.net eu-u.openx.net	343 KB
23	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	54 KB
21	powerball.com 3 redirects www.powerball.com	113 KB
20	adtechus.com 8 redirects adserver.adtechus.com	7 KB
18	googletagservices.com www.googletagservices.com	410 KB
14	cloudfront.net d2si3hiz85fm4q.cloudfront.net dw7nrwnn2bkh1.cloudfront.net d2tbmvllb55wxq.cloudfront.net deio3v2go54x9.cloudfront.net	2 MB
6	adsrvr.org 2 redirects match.adsrvr.org	2 KB
6	google.com adservice.google.com	2 KB
6	google.de adservice.google.de	2 KB
6	districtm.io dmx.districtm.io	637 B
6	lanistaads.com api.lanistaads.com	2 KB
5	bidswitch.net 5 redirects x.bidswitch.net	2 KB
4	dotomi.com aol-match.dotomi.com	413 B
4	quantserve.com 4 redirects pixel.quantserve.com	2 KB
4	mfadsrvr.com 4 redirects rtb-eu.mfadsrvr.com	3 KB
4	wowyowapi.com wowyowapi.com
4	rubiconproject.com fastlane.rubiconproject.com	7 KB
4	pubmatic.com hbopenbid.pubmatic.com	304 B
4	casalemedia.com as-sec.casalemedia.com	4 KB
3	clean.gg 1 redirects i.clean.gg	430 B
3	criteo.net static.criteo.net	30 KB
2	avocet.io 2 redirects ads.avocet.io	1 KB
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
2	gweini.com s.gweini.com fs.gweini.com	22 KB
2	ionicframework.com code.ionicframework.com	110 KB
1	splicky.com 1 redirects bidswitch-eu.splicky.com	235 B
1	criteo.com bidder.criteo.com	147 B
1	googleapis.com fonts.googleapis.com	2 KB
263	32

	Domain	Requested by
27	eb2.3lift.com	12 redirects www.powerball.com d2si3hiz85fm4q.cloudfront.net
25	s3.amazonaws.com	www.powerball.com s3.amazonaws.com
24	securepubads.g.doubleclick.net	www.powerball.com securepubads.g.doubleclick.net
21	www.powerball.com	3 redirects www.powerball.com s3.amazonaws.com
20	adserver.adtechus.com	8 redirects www.powerball.com
18	www.googletagservices.com	www.powerball.com
16	adserver.adtech.advertising.com	8 redirects www.powerball.com
14	tpc.googlesyndication.com	www.powerball.com
14	lanista-bidder-d.openx.net	2 redirects www.powerball.com lanista-bidder-d.openx.net
10	eu-u.openx.net	www.powerball.com
9	pagead2.googlesyndication.com	securepubads.g.doubleclick.net www.powerball.com
8	pixel.advertising.com	www.powerball.com d2tbmvllb55wxq.cloudfront.net
8	tlx.3lift.com	d2tbmvllb55wxq.cloudfront.net www.powerball.com
6	match.adsrvr.org	2 redirects www.powerball.com d2tbmvllb55wxq.cloudfront.net
6	adservice.google.com	www.powerball.com
6	adservice.google.de	www.powerball.com
6	dmx.districtm.io	d2tbmvllb55wxq.cloudfront.net
6	api.lanistaads.com	www.powerball.com
6	d2tbmvllb55wxq.cloudfront.net	d2si3hiz85fm4q.cloudfront.net
5	x.bidswitch.net	5 redirects
4	aol-match.dotomi.com	www.powerball.com
4	pixel.quantserve.com	4 redirects
4	cm.g.doubleclick.net	4 redirects
4	img.3lift.com	www.powerball.com
4	rtb-eu.mfadsrvr.com	4 redirects
4	wowyowapi.com	www.powerball.com
4	deio3v2go54x9.cloudfront.net	www.powerball.com
4	fastlane.rubiconproject.com	d2tbmvllb55wxq.cloudfront.net
4	hbopenbid.pubmatic.com	d2tbmvllb55wxq.cloudfront.net
4	as-sec.casalemedia.com	d2tbmvllb55wxq.cloudfront.net
3	ib.3lift.com	www.powerball.com d2si3hiz85fm4q.cloudfront.net
3	dw7nrwnn2bkh1.cloudfront.net	d2si3hiz85fm4q.cloudfront.net www.powerball.com
3	i.clean.gg	1 redirects d2si3hiz85fm4q.cloudfront.net www.powerball.com
3	static.criteo.net	www.powerball.com
2	ads.avocet.io	2 redirects
2	www.google-analytics.com	1 redirects www.powerball.com
2	code.ionicframework.com	www.powerball.com
1	bidswitch-eu.splicky.com	1 redirects
1	stats.g.doubleclick.net	www.powerball.com
1	fs.gweini.com	d2si3hiz85fm4q.cloudfront.net
1	bidder.criteo.com	static.criteo.net
1	s.gweini.com	www.powerball.com
1	fonts.googleapis.com	www.powerball.com
1	d2si3hiz85fm4q.cloudfront.net	www.powerball.com
263	44

This site contains links to these domains. Also see Links.

Domain
eb2.3lift.com

Subject Issuer	Validity	Valid
*.powerball.com Go Daddy Secure Certificate Authority - G2	`2018-02-09` - `2021-02-09`	3 years	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2019-11-09` - `2020-12-02`	a year	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
ionicframework.com CloudFlare Inc ECC CA-2	`2019-12-04` - `2020-10-09`	10 months	crt.sh
*.criteo.net DigiCert ECC Secure Server CA	`2019-12-03` - `2021-04-06`	a year	crt.sh
gweini.com Amazon	`2019-12-05` - `2021-01-05`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
i.clean.gg Let's Encrypt Authority X3	`2020-01-06` - `2020-04-05`	3 months	crt.sh
*.criteo.com DigiCert ECC Secure Server CA	`2019-12-05` - `2021-04-08`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2018-01-04` - `2020-07-09`	3 years	crt.sh
*.adiply.com Amazon	`2019-12-05` - `2021-01-05`	a year	crt.sh
districtm.io CloudFlare Inc ECC CA-2	`2019-03-26` - `2020-03-26`	a year	crt.sh
*.3lift.com Amazon	`2019-07-17` - `2020-08-17`	a year	crt.sh
*.adtechus.com GeoTrust RSA CA 2018	`2019-08-07` - `2021-08-07`	2 years	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2019-07-17` - `2020-03-09`	8 months	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
*.google.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
*.adtech.advertising.com DigiCert SHA2 High Assurance Server CA	`2018-05-22` - `2020-05-26`	2 years	crt.sh
wowyowapi.com Amazon	`2019-10-06` - `2020-11-06`	a year	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
pixel.advertising.com DigiCert SHA2 High Assurance Server CA	`2017-06-14` - `2020-06-18`	3 years	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2019-06-19` - `2021-08-31`	2 years	crt.sh

This page contains 34 frames:

Primary Page: https://www.powerball.com/
Frame ID: 247F486E4D98C91279FA9D416F7714DB
Requests: 78 HTTP requests in this frame

Frame: https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Frame ID: 8E211D0A8CC6EA49B7C6604BE0E8776D
Requests: 17 HTTP requests in this frame

Frame: https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Frame ID: 4AE22B97257CD17B4230FC3F42234430
Requests: 16 HTTP requests in this frame

Frame: https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Frame ID: 84FBD8764A8DBBE003D6C7BECC390691
Requests: 30 HTTP requests in this frame

Frame: https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Frame ID: 4F275A7C2C49DE238FE508161F513224
Requests: 27 HTTP requests in this frame

Frame: https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Frame ID: 03611B1E05DD351FF96F8D26F7F4F4B7
Requests: 29 HTTP requests in this frame

Frame: https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Frame ID: 8A3DFFC3069C5BBE67EDABC58028157D
Requests: 26 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
Frame ID: C7CBF09756F620CE08598FC8C8EFBA98
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
Frame ID: 7A0937772B4E93B5DE50EE46F427FA9D
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
Frame ID: D1547C757193B46CECC6AE19F200C3A2
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
Frame ID: ECA231587D963FF35CDF6CC75EAEDF9E
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Frame ID: 7B775757E275336FFAE44279D1B15BE4
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Frame ID: B1247BA1FFB07C70879B195855AB49B0
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstqgbtz6QqNCrvXveaAuWl7D6IQOXH77uVVErT4LTJc6O2RLBgVLKNxb3kbfkhgHPr5ooC5P3NYYkZnKDnx1C0sZflnIRLwjYkbCy0m3HfbgiO2l7llKCQ72GPxxRUmq1_Q-0MOtEt_gVV7dRPfO29ICWDelv64ZYwPxZ0wr5DX00Lwnp-SdMsXV7Ndr5x0vxRIU8f0Tdwf_NgrStnhA3Wa3xKUjmCQ_SvLyz0yq4xl9mZeRkgx6kTzKIAHEo6XsagEcJWtUPfGTxvP1j6COGs&sai=AMfl-YS-jkErXS92iD3d6l-LAPxbroRz6Kv5xlUroG-tFkDZ3LFB729sGBoBpmA8tqYy-U5zqeaR9QsPSDil084Uv5_N5Ut7Mto6HqQXNrLz_XdvOkHmj6Nz2P3WEDop1VQ&sig=Cg0ArKJSzBTp2gNfj3ArEAE&urlfix=1&adurl=
Frame ID: 69720EB1E702B751F1043AA5C1138B4B
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstZNFnjTrImMABCQ-g4umE8IsFqjDdyQrF8yZBr_cs-RRd0EDW37wccCOU27BBEJ8UP22TGTQWlqjvzxAAbTGn3KJk_HWjwkazKOAG1FJ1nTJ7q6Uh_qpwRNLr-RcxA5Z3r58rcag-sM4QUMO0opzIk5Xb8KWurinlaJpDsQWqCI80ubn9IpfuQWLOpWKAj4kD1f7sa29qq-s6MhL4mOhSTzjv3uCnqi8hrxJU7_yR2mJhPv7zkUZoOm9nE2ViGh1-EyPV2hkXMhxniDkOptDo&sai=AMfl-YRIDBncqxbZmNgDLl2ruc_mSCgsRNz38yxnYMRDGkAy-SkC-hGyOjLDaNWZj70Ln4woUBZJt5NSrDS5chu_kqVG_YYG7YzI985Qt70o&sig=Cg0ArKJSzMjZABsnlnIBEAE&urlfix=1&adurl=
Frame ID: A5F5B5984DB5C4D228479D19B94DE7AA
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/206/runner.html
Frame ID: E5AFA38BB63F18E55511405AD4BAA9EE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/206/runner.html
Frame ID: F6F8C83C9B5BFC13F081A8F65491811C
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssnHbnadvtj63Q8YsPJ0tTMlLHocMqKfOJZqgr3oNtOrjPtTPXFxOxmIkkP7XWv3fTpTGmX3yhzgp5S_S-BCOivUoHElf5BwUyZqjEgKT87TsEZK7CCZWJZfE5DM4LM-ratOzVzj5QMXw5qeYypigod1f0NVk6iiVaF014BMNvcQ8sqBSlTD5jcg82b1Zqn8U8bsxe1VXhvUKly_UDwTWuBpdj3OzWmdvGi98K-JKjMcjzZOXd3Gem2XOPurESql3-yAiUGIq6zDcPlZkDZRw&sig=Cg0ArKJSzCu-7wkRcXvREAE&urlfix=1&adurl=
Frame ID: E308AF4967FF1D3C324542F333F4EAFE
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstrp1IsnaFZe4BISIWx_IoqtYhlcYpyTFfkrQ4xpai04owPIDH4UErCvwlZr9Qa6tZEs68QawH-BOIVovcfeaOrj_Lg_XiICFDkpYCiIBJw_Iv-BVtXpcUc04u3mk35uvpUWTSnEeDoQn28Sjeu5e6WphyMHqROiXsjcGcSfsEbrIk32RSycq88O3Gnoaa6bpgNg7g3dTjfpxT4UoiWgL_Ye7Ck6NOCt8ej1Hj3loo4lz0YJuB89968zPKM_U5c0vB4QkpA39tMbhXsOZ0cRQ&sig=Cg0ArKJSzBeyyaEqQ-4gEAE&urlfix=1&adurl=
Frame ID: 1EDCD9A5E2FBC640BB2243CC46406597
Requests: 4 HTTP requests in this frame

Frame: https://wowyowapi.com/wowyowdisplay300x250desktop.php?u=fb243434-6d38-f6b6-4543-c462ef8458dc
Frame ID: A4A288428CE776E3859A01CB17BBADA0
Requests: 1 HTTP requests in this frame

Frame: https://wowyowapi.com/wowyowdisplay300x250desktop.php?u=fb243434-6d38-f6b6-4543-c462ef8458dc
Frame ID: D614787708B2E363B69E765E172CD291
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/206/runner.html
Frame ID: 9EAA7EB1C054E6DBE2876AA807FC7E9C
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssaQTN5sY5KuKgo4rPM00gvkys_yb_nXD8_ReBaCWQWpwAyLOrCAGL1C9TGpqWssev26Sh7OvVeGutsqA6dfKFZq-QRrx_Yz2dn-JN_QZkmJyDu2Oi9MN7A0yi7jtp9asMRCxQd8brWlDnN1rFoSu-5ACyCRtaVqpVXJwAcybKIWea75sszw_0-EFovuifUy4ChmYxZ0jtNehmqeuDHV1AZun8ff4Lz--CywBTkx3gYbI4qG3p71TMLstLL8hNaA3GHwtLapwo4q7q2PytlnQ&sig=Cg0ArKJSzP7wLJX0RL22EAE&urlfix=1&adurl=
Frame ID: 79AA9999FD8D36A582A86E9660DCC7A6
Requests: 3 HTTP requests in this frame

Frame: https://wowyowapi.com/wowyowdisplay300x250desktop.php?u=fb243434-6d38-f6b6-4543-c462ef8458dc
Frame ID: 9DEB38A8E6DB4EA4EF30CDBB7797B83E
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsty1iRxNvQ4Aukx0QeuSytxyab1vCB6iu_1XkooOOqR6ENDMX9JSCMzfLqQcnbMuRbBSiwXZAazXKGRbZZQhQXrERRgS6t2K-nTrgnCJca7IPEBSLmT916F1Dkh-S5AexUORksVniUGgFX8VktqvthajQfQyVrrwOJjzC7MpZlfzqG1oaV41mxcxPto55Bf01YX1d234Hio_-sOft5JleKKnKHOpSyfgk1sneNg_iXPjxILARjv76ItK67OgBsX4iKkmqslS4HHQNWCZ8iS3w&sig=Cg0ArKJSzCNmk3i8KrfJEAE&urlfix=1&adurl=
Frame ID: 53DD9A6E43CBA648DA5CAEFE3F6750DD
Requests: 4 HTTP requests in this frame

Frame: https://wowyowapi.com/wowyowdisplay300x250desktop.php?u=fb243434-6d38-f6b6-4543-c462ef8458dc
Frame ID: 89169B24847074A33623430E49996AEE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/206/runner.html
Frame ID: 198492DCF6A17BDA9600C1462D64EC29
Requests: 1 HTTP requests in this frame

Frame: https://img.3lift.com/lp?width=600&height=338&url=%2F%2Fimages.3lift.com%2F5613819.png&logo_exclude=SE,SW&v=17
Frame ID: C6DB8AC74142F3AFE595FB2C5303FFD8
Requests: 1 HTTP requests in this frame

Frame: https://img.3lift.com/lp?width=600&height=338&url=%2F%2Fimages.3lift.com%2F10720421.jpg&logo_exclude=SE,SW&v=17
Frame ID: 974A3D3FBE33FE265D811445C0F960BE
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Frame ID: 0D99D51E8869C2DCF16C168F31F66E39
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Frame ID: A6C14D2FD4E32FE831FCC03EF7B74050
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Frame ID: 40143655D2724251931BED13CD35913A
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Frame ID: 5D655A0ECFD24ACADE5A16619D0513E3
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?max=10&cb=20234&ld=1
Frame ID: 817E3AE6D1385C0BDF26653B18718473
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

263
Requests

100 %
HTTPS

31 %
IPv6

32
Domains

44
Subdomains

37
IPs

7
Countries

5884 kB
Transfer

8839 kB
Size

1
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://eb2.3lift.com/pass?tl_clickthrough=true&redir=https%3A%2F%2Frtb-eu.mfadsrvr.com%2Fclick%2F0w8jwcMZeP5zrgwBkTdANc5p8bTeII5SPav6Xw0m7XGOGVq5_2-AV6PoUAO8QNGrQyP9crU_x-kU0-uBPQx1e9Ojj87lUh7172YPv2R5-k0hoCNHvJ0-IOnv0adTwH0IrPGUButVIvG09MscaBQTSFAujBtoHtCe3kjuFHER_QWPB9IMxjJgJyDI_UbFvMfrV6XzDbcL83xIlHnlUw-eDkrpe2xGOKuYXEA2J2YdZp_vXDxl5AdX4Orx9jHOltRPtymwPX6nwg6Awy2CHPu59aqrwEfF3e1QoScp24LFjHRnbz6N5FNpGcW8n4mO3wMSG4uUqs6J_kAv9LrWPbsfaUVCkXPJ7DhVFvu_5w%2F%2F%2F&tluid=184985255511959075&bc=0.432&uid=184985255511959075&pr=0.345&brid=421062&bmid=4945&aid=158715717432129345990&ts=1582221154&sid=66498&cb=87701
Title:

Search URL Search Domain Scan URL

URL: https://eb2.3lift.com/pass?tl_clickthrough=true&redir=https%3A%2F%2Frtb-eu.mfadsrvr.com%2Fclick%2FO5JvGvgYrTvCjKJipjYtkVfnebXjpgU-0OdT62x163SmugZBDPIx8cQ6jkb7hKdXYn0cA4LXGwxSjEN6sPA1szt08tJJDeiXRJSV9u52V6D0KD_1gpmgvXCbPSeq9k_SZc0A30q_aFS-GL6Pm11UtMkQLyaDgOO7bGI3GcazJFOhcpJfOr36ZJSgq7JU-C-Ez6S9_YpRKojGZngTm_JxQfdQUQLzQrUyYp9QvutYAieu-UI2gMPdagdq6ZWGQibMWyP5geTeXBNQlDS8GzsOp68AmO1yHCkBH8Fbl7CLJmx5_OcbqJA1iEpcUFYh7Sf2hJFpM96G7g3-hhxaTZkjjDWRXxURGBB7nVssBw%2F%2F%2F&tluid=10103597430521641840&bc=0.663&uid=10103597430521641840&pr=0.531&brid=421062&bmid=4945&aid=161213508188684666070&ts=1582221154&sid=66498&cb=34123
Title:

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://www.powerball.com/s3fs-css/css/css_MTAJGw5A7OsSyWKMq6PkpQT-PDsw7G_iXW0ZXeV61KE.css?q4xjsj HTTP 302
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_MTAJGw5A7OsSyWKMq6PkpQT-PDsw7G_iXW0ZXeV61KE.css?q4xjsj

Request Chain 4

https://www.powerball.com/s3fs-css/css/css_ZXKlydMOtvjSQkvmmuP49LiBbLRvvb_j-w-UhjyK2SI.css?q4xjsj HTTP 302
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_ZXKlydMOtvjSQkvmmuP49LiBbLRvvb_j-w-UhjyK2SI.css?q4xjsj

Request Chain 24

https://www.powerball.com/s3fs-js/js/js_Px_30xzhLHwnUPgHJrcOgAUt-oQ3AqXsEHE0O_Aq3qA.js HTTP 302
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/js/js_Px_30xzhLHwnUPgHJrcOgAUt-oQ3AqXsEHE0O_Aq3qA.js

Request Chain 27

https://i.clean.gg/1a HTTP 302
https://dw7nrwnn2bkh1.cloudfront.net/958153f1b8b96ec4c4eb2147429105d9.json

Request Chain 48

https://www.google-analytics.com/r/collect?v=1&_v=j81&aip=1&a=1382914180&t=pageview&_s=1&dl=https%3A%2F%2Fwww.powerball.com%2F&ul=en-us&de=UTF-8&dt=Home%20%7C%20Powerball&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YGBACEABB~&jid=325709922&gjid=2096108155&cid=1845920512.1582221154&tid=UA-29233419-1&_gid=2118266949.1582221154&_r=1&z=1507799740 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-29233419-1&cid=1845920512.1582221154&jid=325709922&_gid=2118266949.1582221154&gjid=2096108155&_v=j81&z=1507799740

Request Chain 79

https://lanista-bidder-d.openx.net/w/1.0/acj?ai=29815815-740f-47ec-9594-010c223dd953&o=2528625f14b219&ju=https%3A//www.powerball.com/%23winning-numbers&jr=&be=1&prf=0&auid=538738919&aus=300x250&bc=hb_2api&bt=1000&c.lanista_floor=0.30&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-60&ifr=1&tws=1600x1200 HTTP 302
https://lanista-bidder-d.openx.net/w/1.0/acj?cc=1&ai=29815815-740f-47ec-9594-010c223dd953&o=2528625f14b219&ju=https%3A//www.powerball.com/%23winning-numbers&jr=&be=1&prf=0&auid=538738919&aus=300x250&bc=hb_2api&bt=1000&c.lanista_floor=0.30&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-60&ifr=1&tws=1600x1200

Request Chain 80

https://lanista-bidder-d.openx.net/w/1.0/acj?ai=50de23e5-014e-4ee5-9ae6-8b0a15ad1edf&o=206deb3e7607da&ju=https%3A//www.powerball.com/%23winning-numbers&jr=&be=1&prf=0&auid=538738919&aus=300x250&bc=hb_2api&bt=1000&c.lanista_floor=0.30&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-60&ifr=1&tws=1600x1200 HTTP 302
https://lanista-bidder-d.openx.net/w/1.0/acj?cc=1&ai=50de23e5-014e-4ee5-9ae6-8b0a15ad1edf&o=206deb3e7607da&ju=https%3A//www.powerball.com/%23winning-numbers&jr=&be=1&prf=0&auid=538738919&aus=300x250&bc=hb_2api&bt=1000&c.lanista_floor=0.30&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-60&ifr=1&tws=1600x1200

Request Chain 89

https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=135940d948f10ea;misc=1582221154514;bidfloor=0.3; HTTP 302
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;cfp=1;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=135940d948f10ea;misc=1582221154514;bidfloor=0.3

Request Chain 97

https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=13a1adb6934f894;misc=1582221154576;bidfloor=0.3; HTTP 302
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;cfp=1;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=13a1adb6934f894;misc=1582221154576;bidfloor=0.3

Request Chain 108

https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=134415820b144b2;misc=1582221154609;bidfloor=0.3; HTTP 302
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;cfp=1;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=134415820b144b2;misc=1582221154609;bidfloor=0.3

Request Chain 118

https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=13d22079b9d9658;misc=1582221154686;bidfloor=0.3; HTTP 302
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;cfp=1;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=13d22079b9d9658;misc=1582221154686;bidfloor=0.3

Request Chain 139

https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;cfp=1;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=135940d948f10ea;misc=1582221154514;bidfloor=0.3 HTTP 302
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=135940d948f10ea;misc=1582221154514;bidfloor=0.3

Request Chain 140

https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;cfp=1;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=13a1adb6934f894;misc=1582221154576;bidfloor=0.3 HTTP 302
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=13a1adb6934f894;misc=1582221154576;bidfloor=0.3

Request Chain 141

https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;cfp=1;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=134415820b144b2;misc=1582221154609;bidfloor=0.3 HTTP 302
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=134415820b144b2;misc=1582221154609;bidfloor=0.3

Request Chain 142

https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;cfp=1;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=13d22079b9d9658;misc=1582221154686;bidfloor=0.3 HTTP 302
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=13d22079b9d9658;misc=1582221154686;bidfloor=0.3

Request Chain 149

https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=135940d948f10ea;misc=1582221154514;bidfloor=0.3 HTTP 302
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=135940d948f10ea;misc=1582221154514;bidfloor=0.3

Request Chain 151

https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=13a1adb6934f894;misc=1582221154576;bidfloor=0.3 HTTP 302
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=13a1adb6934f894;misc=1582221154576;bidfloor=0.3

Request Chain 152

https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=134415820b144b2;misc=1582221154609;bidfloor=0.3 HTTP 302
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=134415820b144b2;misc=1582221154609;bidfloor=0.3

Request Chain 160

https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=13d22079b9d9658;misc=1582221154686;bidfloor=0.3 HTTP 302
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=13d22079b9d9658;misc=1582221154686;bidfloor=0.3

Request Chain 169

https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=135940d948f10ea;misc=1582221154514;bidfloor=0.3 HTTP 302
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1Ac6c37764-5409-11ea-bbe7-12eca44d2d72;cfp=1;rndc=1582221155;v=2;cmd=bid;cors=yes;alias=135940d948f10ea;misc=1582221154514;bidfloor=0.3

Request Chain 170

https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=13a1adb6934f894;misc=1582221154576;bidfloor=0.3 HTTP 302
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1Ac6c87c32-5409-11ea-b811-12359aeea65a;cfp=1;rndc=1582221155;v=2;cmd=bid;cors=yes;alias=13a1adb6934f894;misc=1582221154576;bidfloor=0.3

Request Chain 172

https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=134415820b144b2;misc=1582221154609;bidfloor=0.3 HTTP 302
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1Ac6c846ae-5409-11ea-825a-120ea4e1ae80;cfp=1;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=134415820b144b2;misc=1582221154609;bidfloor=0.3

Request Chain 175

https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=13d22079b9d9658;misc=1582221154686;bidfloor=0.3 HTTP 302
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1Ac6cd62e2-5409-11ea-8169-12e650fea264;cfp=1;rndc=1582221155;v=2;cmd=bid;cors=yes;alias=13d22079b9d9658;misc=1582221154686;bidfloor=0.3

Request Chain 228

https://rtb-eu.mfadsrvr.com/sync?ssp=triplelift&seller_network=triplelift_&bid_id=aa95396c-0c43-4e68-868b-8b3bf8fb964e&initiator=me HTTP 302
https://rtb-eu.mfadsrvr.com/ul_cb/sync?ssp=triplelift&seller_network=triplelift_&bid_id=aa95396c-0c43-4e68-868b-8b3bf8fb964e&initiator=me HTTP 302
https://eb2.3lift.com/xuid?mid=4945&xuid=6929d78b-82f6-463d-9995-f86a167fe078&dongle=31ac HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=4945&xuid=6929d78b-82f6-463d-9995-f86a167fe078&dongle=31ac&gdpr=1&cmp_cs=&us_privacy=

Request Chain 230

https://rtb-eu.mfadsrvr.com/sync?ssp=triplelift&seller_network=triplelift_&bid_id=fc82fbb4-6cc3-435b-aa3e-a165a6284f38&initiator=me HTTP 302
https://rtb-eu.mfadsrvr.com/ul_cb/sync?ssp=triplelift&seller_network=triplelift_&bid_id=fc82fbb4-6cc3-435b-aa3e-a165a6284f38&initiator=me HTTP 302
https://eb2.3lift.com/xuid?mid=4945&xuid=64234bff-ddaa-4a0d-a358-4147d026c5b7&dongle=31ac HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=4945&xuid=64234bff-ddaa-4a0d-a358-4147d026c5b7&dongle=31ac&gdpr=1&cmp_cs=&us_privacy=

Request Chain 236

https://eb2.3lift.com/sync?px=1&src=prebid& HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm=&google_sc=&google_tc= HTTP 302
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEHFoIz4E8CZGSTcSEzXpP98&dongle=c627&google_cver=1 HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=5989&xuid=CAESEHFoIz4E8CZGSTcSEzXpP98&dongle=c627&gdpr=1&cmp_cs=&us_privacy=

Request Chain 237

https://eb2.3lift.com/sync?px=1&src=prebid& HTTP 302
https://eb2.3lift.com/getuid?redir=%2F%2Fx.bidswitch.net%2Fsync%3Fssp%3Dtriplelift%26user_id%3D%24UID HTTP 302
https://x.bidswitch.net/sync?ssp=triplelift&user_id=17928146881780786190 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=17928146881780786190 HTTP 302
https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=triplelift&bsw_custom_parameter=5a5c2a85-3c00-46fd-9148-880e76036465 HTTP 302
https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=triplelift&expires=10&bsw_param=5a5c2a85-3c00-46fd-9148-880e76036465 HTTP 302
https://eb2.3lift.com/xuid?mid=2409&xuid=5a5c2a85-3c00-46fd-9148-880e76036465&dongle=d3d3

Request Chain 239

https://eb2.3lift.com/sync?px=1&src=prebid& HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc HTTP 302
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEHFoIz4E8CZGSTcSEzXpP98&dongle=c627&google_cver=1

Request Chain 242

https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=1&gdpr_consent= HTTP 302
https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=veOW7euxlL6l55S-v-OP67-3xLulsJDrueL7Tf_r

Request Chain 244

https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=1&gdpr_consent= HTTP 302
https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=YSNmMzdxZGB5J2o0MCJ_NTdzMTB5J2dgZyThPizd

Request Chain 245

https://eb2.3lift.com/sync?px=1&src=prebid& HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc HTTP 302
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEHFoIz4E8CZGSTcSEzXpP98&dongle=c627&google_cver=1

Request Chain 249

https://eb2.3lift.com/sync?px=1&src=prebid& HTTP 302
https://eb2.3lift.com/getuid?redir=%2F%2Fx.bidswitch.net%2Fsync%3Fssp%3Dtriplelift%26user_id%3D%24UID HTTP 302
https://x.bidswitch.net/sync?ssp=triplelift&user_id=4277454585892056513 HTTP 302
https://ads.avocet.io/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dtriplelift%26bsw_param%3D5a5c2a85-3c00-46fd-9148-880e76036465 HTTP 302
https://ads.avocet.io/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dtriplelift%26bsw_param%3D5a5c2a85-3c00-46fd-9148-880e76036465 HTTP 302
https://x.bidswitch.net/sync?dsp_id=59&user_id=209f49fa-c449-4cca-8be1-019c175a507f&ssp=triplelift&bsw_param=5a5c2a85-3c00-46fd-9148-880e76036465 HTTP 302
https://eb2.3lift.com/xuid?mid=2409&xuid=5a5c2a85-3c00-46fd-9148-880e76036465&dongle=d3d3

Request Chain 250

https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=1&gdpr_consent= HTTP 302
https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=YSNmMzdxZGB5J2o0MCJ_NTdzMTB5J2dgZyThPizd

Request Chain 254

https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=1&gdpr_consent= HTTP 302
https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=YSNmMzdxZGB5J2o0MCJ_NTdzMTB5J2dgZyThPizd

Request Chain 255

https://eb2.3lift.com/sync?px=1&src=prebid& HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=svx9t50&ttd_tpi=1 HTTP 302
https://eb2.3lift.com/xuid?mid=3658&xuid=41abf22d-8d13-4f76-a6c9-4c898fb2887d&dongle=0cfd

Request Chain 266

https://eb2.3lift.com/sync?max=10&cb=20234 HTTP 302
https://eb2.3lift.com/sync?max=10&cb=20234&ld=1

263 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.powerball.com/ 105 KB
15 KB 411ms
186ms Document
text/html 54.82.250.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.powerball.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.82.250.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-82-250-222.compute-1.amazonaws.com

Software

Apache /

Resource Hash

21813a4e6e30ea7cc6ee37b69343f829c11dcc45e2929d7ca3e101d679d20f1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.powerball.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

status: 200
date: Thu, 20 Feb 2020 17:52:33 GMT
content-type: text/html; charset=UTF-8
server: Apache
x-content-type-options: nosniff nosniff
cache-control: max-age=86400, public
x-drupal-dynamic-cache: MISS
link: <http://www.powerball.com/>; rel="shortlink", <http://www.powerball.com/>; rel="canonical" <http://www.powerball.com/games/home>; rel="alternate"; hreflang="en" <http://www.powerball.com/es/games/home>; rel="alternate"; hreflang="es" </games/home>; rel="revision" </node?node=1>; rel="create"
x-ua-compatible: IE=edge
content-language: en
x-frame-options: SAMEORIGIN
expires: Sun, 19 Nov 1978 05:00:00 GMT
last-modified: Thu, 20 Feb 2020 13:54:38 GMT
etag: "1582206878"
vary: Cookie,Accept-Encoding
x-generator: Drupal 8 (https://www.drupal.org)
x-drupal-cache: HIT
content-encoding: gzip

GET
H2 200 script.js Show response
d2si3hiz85fm4q.cloudfront.net/ 188 KB
67 KB 55ms
15ms Script
application/javascript 2600:9000:214f:9200:15:3f44:b280:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:9200:15:3f44:b280:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e01707a99a6124581a9335a6455359704fbb50fb1f43db8402ef63c258796760

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 19 Feb 2020 18:13:26 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 15:22:46 GMT
server: AmazonS3
age: 85148
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: M6A9yxXIoHzRxyl9nkKL7yu5999x_uost1FfQKF61AX0AY0kPZHSsQ==
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)

GET
H/1.1

200
OK

css_MTAJGw5A7OsSyWKMq6PkpQT-PDsw7G_iXW0ZXeV61KE.css
s3.amazonaws.com/cdn.powerball.com/drupal/files/css/
Redirect Chain

https://www.powerball.com/s3fs-css/css/css_MTAJGw5A7OsSyWKMq6PkpQT-PDsw7G_iXW0ZXeV61KE.css?q4xjsj
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_MTAJGw5A7OsSyWKMq6PkpQT-PDsw7G_iXW0ZXeV61KE.css?q4xjsj

7 KB
7 KB

426ms
130ms

Stylesheet
text/css

52.216.135.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_MTAJGw5A7OsSyWKMq6PkpQT-PDsw7G_iXW0ZXeV61KE.css?q4xjsj
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.135.5 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3130091b0e40eceb12c9628caba3e4a504fe3c3b30ec6fe25d6d195de57ad4a1

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 20 Feb 2020 17:52:34 GMT
Last-Modified: Tue, 14 Jan 2020 20:57:58 GMT
Server: AmazonS3
x-amz-request-id: A7A83E705C589FC0
ETag: "4f22daf66a4de54f2814cbb474bc61b9"
Content-Type: text/css
Cache-Control: public, max-age=2419200
Accept-Ranges: bytes
Content-Length: 7243
x-amz-id-2: 3E66wsE0po5smrU7Cuuwo5842pLkD5T2Pt/YIB/Yy7+KTRNCj+Y4Z4UtGZpdmmjgWbWTJOpbe4c=

Redirect headers

date: Thu, 20 Feb 2020 17:52:33 GMT
x-content-type-options: nosniff
server: Apache
status: 302
content-type: text/html; charset=iso-8859-1
location: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_MTAJGw5A7OsSyWKMq6PkpQT-PDsw7G_iXW0ZXeV61KE.css?q4xjsj
cache-control: max-age=1209600
content-length: 302
expires: Thu, 05 Mar 2020 17:52:33 GMT

GET
H2 200 css
fonts.googleapis.com/ 33 KB
2 KB 19ms
18ms Stylesheet
text/css 2a00:1450:4001:81b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans+Condensed:300,300i,700|Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c01fa660f5e3a79aee33f24fac394cc5f333632e26cdb380744ebac41d871b92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 20 Feb 2020 17:52:33 GMT
server: ESF
date: Thu, 20 Feb 2020 17:52:33 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 Feb 2020 17:52:33 GMT

GET
H2 200 ionicons.min.css
code.ionicframework.com/ionicons/2.0.1/css/ 50 KB
8 KB 31ms
15ms Stylesheet
text/css 2606:4700:20::681a:6ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://code.ionicframework.com/ionicons/2.0.1/css/ionicons.min.css
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:6ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92ac508220f5bb60ec94e07650528eb66625f82a4740ada068cde05365781286

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

x-fastly-request-id: b3e5b3da5851cd14cc9f56a877d6c7d0ec710277
date: Thu, 20 Feb 2020 17:52:33 GMT
via: 1.1 varnish
cf-cache-status: HIT
age: 389
x-cache: HIT
status: 200
content-encoding: br
alt-svc: h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-served-by: cache-fra19133-FRA
last-modified: Mon, 04 Feb 2019 22:08:34 GMT
server: cloudflare
x-github-request-id: 1A66:75C7:33DBEC:406DDD:5E4D0DB5
x-timer: S1582220764.165072,VS0,VE0
etag: W/"5c58b7e2-c854"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
expires: Wed, 19 Feb 2020 10:35:49 GMT
cache-control: max-age=31536000
cf-ray: 568255bf5a98dff3-FRA
x-proxy-cache: HIT
x-cache-hits: 3

GET
H/1.1

200
OK

css_ZXKlydMOtvjSQkvmmuP49LiBbLRvvb_j-w-UhjyK2SI.css
s3.amazonaws.com/cdn.powerball.com/drupal/files/css/
Redirect Chain

https://www.powerball.com/s3fs-css/css/css_ZXKlydMOtvjSQkvmmuP49LiBbLRvvb_j-w-UhjyK2SI.css?q4xjsj
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_ZXKlydMOtvjSQkvmmuP49LiBbLRvvb_j-w-UhjyK2SI.css?q4xjsj

181 KB
182 KB

400ms
111ms

Stylesheet
text/css

52.216.135.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_ZXKlydMOtvjSQkvmmuP49LiBbLRvvb_j-w-UhjyK2SI.css?q4xjsj
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.135.5 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6572a5c9d30eb6f8d2424be69ae3f8f4b8816cb46fbdbfe3fb0f94863c8ad922

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 20 Feb 2020 17:52:34 GMT
Last-Modified: Tue, 14 Jan 2020 20:57:29 GMT
Server: AmazonS3
x-amz-request-id: C6C7E025944306CD
ETag: "bf64468298603d6826b5cb6c0de6b0f0"
Content-Type: text/css
Cache-Control: public, max-age=2419200
Accept-Ranges: bytes
Content-Length: 185781
x-amz-id-2: vXLLODFEQXdleU2Tj2VECx5uSQho06ntrelxtdcxIZM5SLygkhENpXe9/GNaT5Em+JYor1M+AzU=

Redirect headers

date: Thu, 20 Feb 2020 17:52:33 GMT
x-content-type-options: nosniff
server: Apache
status: 302
content-type: text/html; charset=iso-8859-1
location: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_ZXKlydMOtvjSQkvmmuP49LiBbLRvvb_j-w-UhjyK2SI.css?q4xjsj
cache-control: max-age=1209600
content-length: 302
expires: Thu, 05 Mar 2020 17:52:33 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 96 KB
29 KB 22ms
21ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: a7019b73cbcf928d42e36f0588c8748254ef15b914690083d80a629943267dcd

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 17:52:33 GMT
content-encoding: gzip
last-modified: Mon, 10 Feb 2020 14:17:04 GMT
server: nginx
access-control-allow-origin: *
etag: W/"5e4165e0-181f1"
content-type: text/javascript
status: 200
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Fri, 21 Feb 2020 17:52:33 GMT

GET
H/1.1 200
OK gweiniClientV1.php Show response
s.gweini.com/ 60 KB
6 KB 455ms
136ms Script
text/html 35.173.23.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s.gweini.com/gweiniClientV1.php?ClientID=PUB_ID&group=GPPowerball
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.23.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-23-162.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: d5ff44821e16661e64cb8f336248f282c85d7cf990b67074fbe8baf742f44da0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 20 Feb 2020 17:52:33 GMT
Content-Encoding: gzip
Server: nginx/1.10.3 (Ubuntu)
Connection: keep-alive
Content-Length: 6278
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK powerball-power-play-68px.png
s3.amazonaws.com/cdn.powerball.com/drupal/files/ 29 KB
29 KB 194ms
104ms Image
image/png 52.216.135.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/powerball-power-play-68px.png
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.135.5 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: e03925061ffc4e98cda3a842d70a4e1955c9c129e45ddd942038a48370e0804c

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 20 Feb 2020 17:52:34 GMT
Last-Modified: Mon, 03 Jun 2019 18:45:39 GMT
Server: AmazonS3
x-amz-request-id: 6339CC1B31904852
ETag: "80e6eb478dda7fea2d1753e08ab7268a"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 29834
x-amz-id-2: 3IV0NK5bSTRMLfrLgU41uydCO6wrExzTq9tLMpRJ1MvtBDBZqdHE97zz34G4RfXi5U2/i7pb1Es=

GET
H/1.1 200
OK icon%20-%20suitcase.png
s3.amazonaws.com/cdn.powerball.com/drupal/files/2017-11/ 1 KB
2 KB 105ms
105ms Image
image/png 52.216.135.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/2017-11/icon%20-%20suitcase.png
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.135.5 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 62a6c980b8be129cceb54b1c6e63cbf6be73035a0580640635096fb0df2d51ec

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 20 Feb 2020 17:52:34 GMT
Last-Modified: Mon, 03 Jun 2019 18:45:42 GMT
Server: AmazonS3
x-amz-request-id: DB8218D8408A2DD6
ETag: "10fafcb681743db4bdf20e94bd570fe6"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1339
x-amz-id-2: NO4IWxRR/hf4jVpX6FGXm7oVqvewuKXLRGuvON7D/+erdUkTTZpiA69Rez3cMYo7PqZIMz5Xu58=

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 243
date: Thu, 20 Feb 2020 17:48:30 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18174
expires: Thu, 20 Feb 2020 19:48:30 GMT

GET
H2 200 plap-icon-how.png
www.powerball.com/themes/rapid/images/home/ 9 KB
9 KB 106ms
105ms Image
image/png 54.82.250.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.powerball.com/themes/rapid/images/home/plap-icon-how.png

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.82.250.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-82-250-222.compute-1.amazonaws.com

Software

Apache /

Resource Hash

51f45c89e5baf365e97a33c12bcd2a8bd365f5e156a519eb3c6db4a270ef0d1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 20 Feb 2020 17:52:33 GMT
x-content-type-options: nosniff
last-modified: Fri, 31 Jan 2020 20:34:42 GMT
server: Apache
content-type: image/png
status: 200
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 9192
expires: Thu, 05 Mar 2020 17:52:33 GMT

GET
H2 200 plap-icon-where.png
www.powerball.com/themes/rapid/images/home/ 2 KB
2 KB 107ms
105ms Image
image/png 54.82.250.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.powerball.com/themes/rapid/images/home/plap-icon-where.png

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.82.250.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-82-250-222.compute-1.amazonaws.com

Software

Apache /

Resource Hash

946a4a92ed1abe0bc69dabb3125912b3214b7545ef0b69abb8d531047dd326ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 20 Feb 2020 17:52:33 GMT
x-content-type-options: nosniff
last-modified: Fri, 31 Jan 2020 20:34:42 GMT
server: Apache
content-type: image/png
status: 200
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 1976
expires: Thu, 05 Mar 2020 17:52:33 GMT

GET
H2 200 plap-icon-powerplay.png
www.powerball.com/themes/rapid/images/home/ 3 KB
4 KB 108ms
107ms Image
image/png 54.82.250.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.powerball.com/themes/rapid/images/home/plap-icon-powerplay.png

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.82.250.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-82-250-222.compute-1.amazonaws.com

Software

Apache /

Resource Hash

ffd2b669b1e9644f9c9173f577c545125cd4424a599f3c6068f57299cc2f5368

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 20 Feb 2020 17:52:33 GMT
x-content-type-options: nosniff
last-modified: Fri, 31 Jan 2020 20:34:42 GMT
server: Apache
content-type: image/png
status: 200
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 3385
expires: Thu, 05 Mar 2020 17:52:33 GMT

GET
H2 200 plap-icon-multidraw.png
www.powerball.com/themes/rapid/images/home/ 5 KB
5 KB 109ms
108ms Image
image/png 54.82.250.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.powerball.com/themes/rapid/images/home/plap-icon-multidraw.png

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.82.250.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-82-250-222.compute-1.amazonaws.com

Software

Apache /

Resource Hash

bd4c78cb4cd5c2c87a907794076f7a7f7392f9df50958389afbec8c40eb5da8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 20 Feb 2020 17:52:33 GMT
x-content-type-options: nosniff
last-modified: Fri, 31 Jan 2020 20:34:42 GMT
server: Apache
content-type: image/png
status: 200
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 4817
expires: Thu, 05 Mar 2020 17:52:33 GMT

GET
H2 200 monument-smithsonian-1.png
www.powerball.com/themes/rapid/images/home/how-tall/ 273 B
479 B 110ms
109ms Image
image/png 54.82.250.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.powerball.com/themes/rapid/images/home/how-tall/monument-smithsonian-1.png

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.82.250.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-82-250-222.compute-1.amazonaws.com

Software

Apache /

Resource Hash

b9b9103c60ef2c61de42660d6cd67a82d9816426f2b0f0c0a8fa3a1deae3538c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 20 Feb 2020 17:52:33 GMT
x-content-type-options: nosniff
last-modified: Fri, 31 Jan 2020 20:34:42 GMT
server: Apache
content-type: image/png
status: 200
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 273
expires: Thu, 05 Mar 2020 17:52:33 GMT

GET
H2 200 monument-liberty2.png
www.powerball.com/themes/rapid/images/home/how-tall/ 927 B
1 KB 103ms
103ms Image
image/png 54.82.250.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.powerball.com/themes/rapid/images/home/how-tall/monument-liberty2.png

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.82.250.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-82-250-222.compute-1.amazonaws.com

Software

Apache /

Resource Hash

2ae2901f146e2e0eb83648fdfc19c78aca16e1674313e164bc93c3739bba5d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 20 Feb 2020 17:52:34 GMT
x-content-type-options: nosniff
last-modified: Fri, 31 Jan 2020 20:34:42 GMT
server: Apache
content-type: image/png
status: 200
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 927
expires: Thu, 05 Mar 2020 17:52:34 GMT

GET
H2 200 monument-pyramid-3.png
www.powerball.com/themes/rapid/images/home/how-tall/ 2 KB
3 KB 104ms
104ms Image
image/png 54.82.250.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.powerball.com/themes/rapid/images/home/how-tall/monument-pyramid-3.png

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.82.250.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-82-250-222.compute-1.amazonaws.com

Software

Apache /

Resource Hash

52fe2f0394335dab93ffb9cac2bea65d4460b5d24cbc3861e62392194b11bfff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 20 Feb 2020 17:52:34 GMT
x-content-type-options: nosniff
last-modified: Fri, 31 Jan 2020 20:34:42 GMT
server: Apache
content-type: image/png
status: 200
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 2432
expires: Thu, 05 Mar 2020 17:52:34 GMT

GET
H2 200 monument-bloomberg4.png
www.powerball.com/themes/rapid/images/home/how-tall/ 326 B
532 B 103ms
103ms Image
image/png 54.82.250.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.powerball.com/themes/rapid/images/home/how-tall/monument-bloomberg4.png

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.82.250.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-82-250-222.compute-1.amazonaws.com

Software

Apache /

Resource Hash

d67eaa6e32c34eea44a3f90b36561f63181ed3d0407665e4e7dc48d54e5b266d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 20 Feb 2020 17:52:34 GMT
x-content-type-options: nosniff
last-modified: Fri, 31 Jan 2020 20:34:42 GMT
server: Apache
content-type: image/png
status: 200
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 326
expires: Thu, 05 Mar 2020 17:52:34 GMT

GET
H2 200 monument-eiffel-5.png
www.powerball.com/themes/rapid/images/home/how-tall/ 2 KB
3 KB 103ms
103ms Image
image/png 54.82.250.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.powerball.com/themes/rapid/images/home/how-tall/monument-eiffel-5.png

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.82.250.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-82-250-222.compute-1.amazonaws.com

Software

Apache /

Resource Hash

becfbf498f3cc9647d8fc8a70816cb1f3f73803a9fa293735cb9059c77854409

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 20 Feb 2020 17:52:34 GMT
x-content-type-options: nosniff
last-modified: Fri, 31 Jan 2020 20:34:42 GMT
server: Apache
content-type: image/png
status: 200
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 2378
expires: Thu, 05 Mar 2020 17:52:34 GMT

GET
H2 200 monument-tradecenter-6.png
www.powerball.com/themes/rapid/images/home/how-tall/ 806 B
1012 B 103ms
103ms Image
image/png 54.82.250.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.powerball.com/themes/rapid/images/home/how-tall/monument-tradecenter-6.png

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.82.250.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-82-250-222.compute-1.amazonaws.com

Software

Apache /

Resource Hash

a2ef194ebea955025ec930aaa5c9adfb4bb5169751962ef42720c95982827d76

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 20 Feb 2020 17:52:34 GMT
x-content-type-options: nosniff
last-modified: Fri, 31 Jan 2020 20:34:42 GMT
server: Apache
content-type: image/png
status: 200
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 806
expires: Thu, 05 Mar 2020 17:52:34 GMT

GET
H2 200 monument-burj-7.png
www.powerball.com/themes/rapid/images/home/how-tall/ 2 KB
2 KB 103ms
103ms Image
image/png 54.82.250.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.powerball.com/themes/rapid/images/home/how-tall/monument-burj-7.png

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.82.250.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-82-250-222.compute-1.amazonaws.com

Software

Apache /

Resource Hash

47a3d1d29044a5086d50d45f66600b612cdd16df4893eaf01571c8d2d714f42c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 20 Feb 2020 17:52:34 GMT
x-content-type-options: nosniff
last-modified: Fri, 31 Jan 2020 20:34:42 GMT
server: Apache
content-type: image/png
status: 200
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 1545
expires: Thu, 05 Mar 2020 17:52:34 GMT

GET
H2 200 monument-sears-8.png
www.powerball.com/themes/rapid/images/home/how-tall/ 619 B
825 B 103ms
103ms Image
image/png 54.82.250.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.powerball.com/themes/rapid/images/home/how-tall/monument-sears-8.png

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.82.250.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-82-250-222.compute-1.amazonaws.com

Software

Apache /

Resource Hash

06ef905faafedcc71b11e25d395607fb6fef70fdbdaceb87c744255c67624799

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 20 Feb 2020 17:52:34 GMT
x-content-type-options: nosniff
last-modified: Fri, 31 Jan 2020 20:34:42 GMT
server: Apache
content-type: image/png
status: 200
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 619
expires: Thu, 05 Mar 2020 17:52:34 GMT

GET
H/1.1 200
OK odds.png
s3.amazonaws.com/cdn.powerball.com/drupal/files/2017-12/ 20 KB
20 KB 110ms
109ms Image
image/png 52.216.135.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/2017-12/odds.png
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.135.5 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: ff5e5f296b0ef16c2c0d6fbc4f47680335eac8b0a452f413e032531e9788238a

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 20 Feb 2020 17:52:34 GMT
Last-Modified: Mon, 03 Jun 2019 18:45:58 GMT
Server: AmazonS3
x-amz-request-id: 66EE6EBB98A02EDF
ETag: "31e28e1ff8717ae89c4787ce8930a8bc"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 20304
x-amz-id-2: phuGhLhg2TUtRmW3UXVesGkk1IQ6zVT+ifuqJ06G9p6ixOVrOL/wtP6ac92T7RamknXyHp2GHKc=

GET
H/1.1 200
OK payments.png
s3.amazonaws.com/cdn.powerball.com/drupal/files/2017-12/ 20 KB
20 KB 122ms
122ms Image
image/png 52.216.135.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/2017-12/payments.png
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.135.5 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 1b1d51840695cebf90274b527443cd64945cd9dfc5d2b785b0a772996ec588fc

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 20 Feb 2020 17:52:34 GMT
Last-Modified: Mon, 03 Jun 2019 18:45:58 GMT
Server: AmazonS3
x-amz-request-id: 7BAAAD5E828F944F
ETag: "7f93eb9bb1be1c208734e209e3ed1f8d"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 20330
x-amz-id-2: t+aSizcKsLWdgOovbqnmJCvc7SRCM3o5TPzHOlwguR0bleTRIeR9goz968/3LK4F5yQE4cmV8co=

GET
H/1.1

200
OK

js_Px_30xzhLHwnUPgHJrcOgAUt-oQ3AqXsEHE0O_Aq3qA.js Show response
s3.amazonaws.com/cdn.powerball.com/drupal/files/js/
Redirect Chain

https://www.powerball.com/s3fs-js/js/js_Px_30xzhLHwnUPgHJrcOgAUt-oQ3AqXsEHE0O_Aq3qA.js
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/js/js_Px_30xzhLHwnUPgHJrcOgAUt-oQ3AqXsEHE0O_Aq3qA.js

472 KB
472 KB

411ms
118ms

Script
application/javascript

52.216.135.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/js/js_Px_30xzhLHwnUPgHJrcOgAUt-oQ3AqXsEHE0O_Aq3qA.js
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.135.5 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3f1ff7d31ce12c7c2750f80726b70e80052dfa843702a5ec1071343bf02adea0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 20 Feb 2020 17:52:34 GMT
Last-Modified: Tue, 14 Jan 2020 20:57:59 GMT
Server: AmazonS3
x-amz-request-id: 681F9755D73AB6CF
ETag: "3a26b126127df1c6adc4c291d6931b15"
Content-Type: application/javascript
Cache-Control: public, max-age=2419200
Accept-Ranges: bytes
Content-Length: 483158
x-amz-id-2: Vi5U5wPT4k/TylsISc7GzXaF4oLDZTWEUQm6GzXkkOhA5r6oGF/JBtHPu1iGqwcHJSct8dxvQM0=

Redirect headers

date: Thu, 20 Feb 2020 17:52:33 GMT
x-content-type-options: nosniff
server: Apache
status: 302
content-type: text/html; charset=iso-8859-1
location: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/js/js_Px_30xzhLHwnUPgHJrcOgAUt-oQ3AqXsEHE0O_Aq3qA.js
cache-control: max-age=1209600
content-length: 292
expires: Thu, 05 Mar 2020 17:52:33 GMT

OPTIONS
H2 204 1a Show response
i.clean.gg/ 0
264 B 171ms
97ms XHR
text/plain 34.95.69.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.69.49 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.17.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://www.powerball.com
Referer: https://www.powerball.com/
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type,x-api-key

Response headers

date: Thu, 20 Feb 2020 17:52:33 GMT
via: 1.1 google
alt-svc: clear
server: nginx/1.17.4
access-control-allow-origin: *
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8
status: 204
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,x-api-key
content-length: 0

GET
H2 200 958153f1b8b96ec4c4eb2147429105d9.json Show response
dw7nrwnn2bkh1.cloudfront.net/ 4 KB
5 KB 28ms
7ms XHR
application/json 2600:9000:214f:9600:6:266a:9940:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dw7nrwnn2bkh1.cloudfront.net/958153f1b8b96ec4c4eb2147429105d9.json
Requested by: Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:9600:6:266a:9940:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27c74008dd3a59ca7fe3202a74e8d6ee8e5c63247df474656396e156fa6c1983

Request headers

Referer: https://www.powerball.com/
Origin: https://www.powerball.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 20 Feb 2020 16:48:36 GMT
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 3838
x-cache: Hit from cloudfront
status: 200
content-length: 4411
last-modified: Wed, 19 Feb 2020 14:17:57 GMT
server: AmazonS3
etag: "db697f7ff75a7e3a8ee10625b7958f79"
access-control-max-age: 600
access-control-allow-methods: GET, POST
content-type: application/json
access-control-allow-origin: *
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: Nx3ZoVM-WZdWgCW_4l6EwbFY1sz5Su4tErvvBm8eg5qjONxczXuDVg==

GET
H2

302

958153f1b8b96ec4c4eb2147429105d9.json Show response
dw7nrwnn2bkh1.cloudfront.net/
Redirect Chain

https://i.clean.gg/1a
https://dw7nrwnn2bkh1.cloudfront.net/958153f1b8b96ec4c4eb2147429105d9.json

0
-1 B

104ms
103ms

XHR
text/html

34.95.69.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dw7nrwnn2bkh1.cloudfront.net/958153f1b8b96ec4c4eb2147429105d9.json
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.69.49 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.17.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 20 Feb 2020 17:52:33 GMT
via: 1.1 google
alt-svc: clear
server: nginx/1.17.4
access-control-allow-origin: *
location: https://dw7nrwnn2bkh1.cloudfront.net/958153f1b8b96ec4c4eb2147429105d9.json
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
status: 302
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,x-api-key
content-length: 145

Redirect headers

date: Thu, 20 Feb 2020 17:52:33 GMT
via: 1.1 google
server: nginx/1.17.4
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,x-api-key
status: 302
location: https://dw7nrwnn2bkh1.cloudfront.net/958153f1b8b96ec4c4eb2147429105d9.json
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
alt-svc: clear
content-length: 145

OPTIONS
H2 200 958153f1b8b96ec4c4eb2147429105d9.json Show response
dw7nrwnn2bkh1.cloudfront.net/ 0
387 B 358ms
357ms XHR
text/plain 2600:9000:214f:9600:6:266a:9940:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dw7nrwnn2bkh1.cloudfront.net/958153f1b8b96ec4c4eb2147429105d9.json
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:9600:6:266a:9940:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: GET
Origin: null
Referer: https://www.powerball.com/
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type,x-api-key

Response headers

date: Thu, 20 Feb 2020 17:52:34 GMT
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
server: AmazonS3
x-amz-cf-pop: FRA53-C1
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET, POST
status: 200
access-control-max-age: 600
x-cache: Miss from cloudfront
access-control-allow-origin: *
content-length: 0
x-amz-cf-id: hGxJURgXIVgTXs6Fke5Lg_4rs6NbImrI8mjb-99ft3ioJCpCTcoy8Q==
access-control-allow-headers: content-type, x-api-key

GET
H2 200 958153f1b8b96ec4c4eb2147429105d9.json Show response
dw7nrwnn2bkh1.cloudfront.net/ 4 KB
5 KB 7ms
6ms XHR
application/json 2600:9000:214f:9600:6:266a:9940:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dw7nrwnn2bkh1.cloudfront.net/958153f1b8b96ec4c4eb2147429105d9.json
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:9600:6:266a:9940:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27c74008dd3a59ca7fe3202a74e8d6ee8e5c63247df474656396e156fa6c1983

Request headers

Referer: https://www.powerball.com/
Origin: null
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
x-api-key: cvYGNal5xGaRZYDiS2z80aL3JULuLgSOakuDmdmt
Content-Type: application/json

Response headers

date: Thu, 20 Feb 2020 14:18:17 GMT
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 12860
x-cache: Hit from cloudfront
status: 200
content-length: 4411
last-modified: Wed, 19 Feb 2020 14:17:57 GMT
server: AmazonS3
etag: "db697f7ff75a7e3a8ee10625b7958f79"
access-control-max-age: 600
access-control-allow-methods: GET, POST
content-type: application/json
access-control-allow-origin: *
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: xN5z9Jbin73vn04w6fQmWZPvBBGa8kVHmYv58Lxll5IH6ik0KFGkvA==

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
147 B 86ms
28ms XHR
text/plain 178.250.2.152
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=84&profileId=206&cb=35768689125
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.152 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.powerball.com/
Origin: https://www.powerball.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

status: 204
date: Thu, 20 Feb 2020 17:52:33 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://www.powerball.com
timing-allow-origin: *
vary: Origin

GET
H2 200 gweiniV1_6_1.min.js Show response
fs.gweini.com/ 15 KB
16 KB 159ms
50ms Script
application/javascript 13.35.253.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fs.gweini.com/gweiniV1_6_1.min.js
Requested by: Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.114 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-114.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c60536e1387fd63f18755c87e9028bc138c1cb11fc77a64a159777aae49a12b5

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 19 Feb 2020 21:00:59 GMT
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jan 2020 19:47:21 GMT
server: AmazonS3
age: 75096
etag: "e7bb56484553f1223fea5d70ca7104f4"
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 15682
x-amz-cf-id: WPnDRvAyG7nAUJ6nEmfMKSJRIapnsY9lwImMoOPDuePQJ9pdrvv57Q==

GET
H/1.1 200
OK header-rep.jpg
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/ 4 KB
4 KB 186ms
100ms Image
image/jpeg 52.216.135.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/header-rep.jpg
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.135.5 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: cd9c139673051af705b80d8eb599aa53d534b8d51674f0f8d4dea65a449e51e2

Request headers

Referer: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_ZXKlydMOtvjSQkvmmuP49LiBbLRvvb_j-w-UhjyK2SI.css?q4xjsj
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 20 Feb 2020 17:52:35 GMT
Last-Modified: Mon, 03 Jun 2019 18:42:36 GMT
Server: AmazonS3
x-amz-request-id: 824982067882D83E
ETag: "0e973dffc15bf2796e8b24b0a1dead33"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 3922
x-amz-id-2: GMw5jTjtxE6s92gO14k/xuI1X9FC25PPJnWUUxc4qVYqrCniecY5ppwG90zKHR58fHvrFxcd/qQ=

GET
H/1.1 200
OK draw-summary-hero-bg.png
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/ 166 KB
166 KB 137ms
109ms Image
image/png 52.216.135.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/draw-summary-hero-bg.png
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.135.5 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: a2b3fc2929f834a2a22450475944ed1146a14f8e159f8b138dfc70334c0c49c8

Request headers

Referer: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_ZXKlydMOtvjSQkvmmuP49LiBbLRvvb_j-w-UhjyK2SI.css?q4xjsj
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 20 Feb 2020 17:52:35 GMT
Last-Modified: Mon, 03 Jun 2019 18:42:36 GMT
Server: AmazonS3
x-amz-request-id: EA2FC524BDB4D281
ETag: "8c85d8a92fa58059342e8f2ef6b0ab7b"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 170075
x-amz-id-2: r2Fevri2ZE9GTlXFBkgk75njBtN5dPqsvt8SFK0NR+QDo+PWlW7cNzWRAupDuoWGbzlIQHGDdL0=

GET
H/1.1 200
OK chapter-sections-digits.png
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/ 134 KB
135 KB 108ms
108ms Image
image/png 52.216.135.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/chapter-sections-digits.png
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.135.5 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 03bdd68a1e549bf59bc419d1842bec52628885efc75ed8a58a7d1f7671d6c4d7

Request headers

Referer: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_ZXKlydMOtvjSQkvmmuP49LiBbLRvvb_j-w-UhjyK2SI.css?q4xjsj
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 20 Feb 2020 17:52:35 GMT
Last-Modified: Mon, 03 Jun 2019 18:42:35 GMT
Server: AmazonS3
x-amz-request-id: D100FEE11A0A31A5
ETag: "463652a321bd08768e5436662ab77a65"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 137704
x-amz-id-2: GeNAcbBOfZL5RwFMJzEol3/2dTklKFcHt7DE5kjFJdsJfRCy6CefXOUjH31fuaYUdKIVDrESkpA=

GET
H/1.1 200
OK chapter-icon-digits.png
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/ 5 KB
5 KB 141ms
106ms Image
image/png 52.216.135.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/chapter-icon-digits.png
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.135.5 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 325cee8a45b452b68fe28fb92173f63a7f19967dbe3bf794bf4e3211772150c9

Request headers

Referer: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_ZXKlydMOtvjSQkvmmuP49LiBbLRvvb_j-w-UhjyK2SI.css?q4xjsj
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 20 Feb 2020 17:52:35 GMT
Last-Modified: Mon, 03 Jun 2019 18:42:34 GMT
Server: AmazonS3
x-amz-request-id: C1B87457E2402916
ETag: "941ef7347e719b3dd272745a601be5ca"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 4711
x-amz-id-2: 4z2YK8IYmpSDlqJqk3A4SsksfIVfhBMlznzQqU1cL20ZWhfj/wapyBhikfVnbkCRy7rWYV/jcp0=

GET
H/1.1 200
OK selected-tab.png
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/ 358 B
714 B 131ms
107ms Image
image/png 52.216.135.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/selected-tab.png
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.135.5 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 60d9368fc1deb5a275b3786195a53ef1272fc24b05a313aa52b1bfcc0a0356a3

Request headers

Referer: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_ZXKlydMOtvjSQkvmmuP49LiBbLRvvb_j-w-UhjyK2SI.css?q4xjsj
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 20 Feb 2020 17:52:35 GMT
Last-Modified: Mon, 03 Jun 2019 18:42:37 GMT
Server: AmazonS3
x-amz-request-id: 5670A0A660881ED8
ETag: "a534365977f2b2e499d219861587f18f"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 358
x-amz-id-2: HAGKU438DXfPucV5Jg4FrDSqYqR7z1vesxRpMXiZs2BLUkIHZLODq4okiBcInija1PhSNGV+kdU=

GET
H/1.1 200
OK ball-powerball-red.svg
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/home/ 2 KB
2 KB 109ms
109ms Image
image/svg+xml 52.216.135.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/home/ball-powerball-red.svg
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.135.5 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9b0e415f742585b82139fb7076506657dde225088247e2ac0fba6f88a3d19588

Request headers

Referer: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_ZXKlydMOtvjSQkvmmuP49LiBbLRvvb_j-w-UhjyK2SI.css?q4xjsj
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 20 Feb 2020 17:52:35 GMT
Last-Modified: Mon, 03 Jun 2019 18:42:32 GMT
Server: AmazonS3
x-amz-request-id: 574C8C3656B1C7EB
ETag: "b51736b050323703cfdd1b2dea37359b"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 1539
x-amz-id-2: 4a4zPKdjWW+htUiPMsfNFcgadW2xCkD0yp0+lGGQU8n8q0nClhoyjZ/8JMbc4XA7v97dPNx9q54=

GET
H/1.1 200
OK chapter-sections-plap.png
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/ 127 KB
128 KB 112ms
112ms Image
image/png 52.216.135.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/chapter-sections-plap.png
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.135.5 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: d134107061dcfaad34af3db635f5ca3b3e368bdeeada543ac4b2b6e183c6ecb8

Request headers

Referer: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_ZXKlydMOtvjSQkvmmuP49LiBbLRvvb_j-w-UhjyK2SI.css?q4xjsj
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 20 Feb 2020 17:52:35 GMT
Last-Modified: Mon, 03 Jun 2019 18:42:35 GMT
Server: AmazonS3
x-amz-request-id: DBAE97B19A413B8D
ETag: "919037d9f382c51cc1f7a8315a0fba30"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 130339
x-amz-id-2: v5FJBIpg+UcmDDTbK2mGxQdcAMY1Q4ZhULKMl1Z0ATZtjRaQTLpDDmdAOd2O7b8wmXTYDIYw+CQ=

GET
H/1.1 200
OK chapter-icon-plap.png
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/ 3 KB
3 KB 103ms
103ms Image
image/png 52.216.135.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/chapter-icon-plap.png
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.135.5 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b5abf5b778d2b365d80d73fe19360dc9d79b037de4533335716e3a10cb02a19e

Request headers

Referer: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_ZXKlydMOtvjSQkvmmuP49LiBbLRvvb_j-w-UhjyK2SI.css?q4xjsj
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 20 Feb 2020 17:52:35 GMT
Last-Modified: Mon, 03 Jun 2019 18:42:34 GMT
Server: AmazonS3
x-amz-request-id: ADBF6B454AF1C9FF
ETag: "dbf5cfdb8c71d88c4763528d7d7746d8"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 2674
x-amz-id-2: OB0PPCbG02L6HkdZ/tm5uYehrg58RzLBviSok9H5jVnjm0JSTHnZOPLB3MW/7aEiDil4l/DS9K8=

GET
H/1.1 200
OK how-tall-desktop_0.jpg
s3.amazonaws.com/cdn.powerball.com/drupal/files/2017-12/ 10 KB
10 KB 104ms
104ms Image
image/jpeg 52.216.135.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/2017-12/how-tall-desktop_0.jpg
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.135.5 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 77e253f505244807bb3b20519289552308191f98fee3bf62a5ed216ef0027bbf

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 20 Feb 2020 17:52:35 GMT
Last-Modified: Mon, 03 Jun 2019 18:45:54 GMT
Server: AmazonS3
x-amz-request-id: DAFDF0667A425702
ETag: "d94fd880ae887e896b75c3a3992f6572"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 9768
x-amz-id-2: 7zCduxqA/eIegdyHiux33JUUP8vK4w+7InZ+emzY1/C9azlE1uiaBFq/q/G7AOWr/ve+ksb9NXw=

GET
H/1.1 200
OK ProximaNova-Regular.woff
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Regular/ 39 KB
40 KB 401ms
115ms Font
application/font-woff 52.216.135.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Regular/ProximaNova-Regular.woff
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.135.5 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5d1765ca16cb96e4294a5c96b2084b580e200a2743b1ff7805d18bd8348825e9

Request headers

Referer: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_ZXKlydMOtvjSQkvmmuP49LiBbLRvvb_j-w-UhjyK2SI.css?q4xjsj
Origin: https://www.powerball.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 20 Feb 2020 17:52:35 GMT
Last-Modified: Tue, 04 Jun 2019 03:53:18 GMT
Server: AmazonS3
x-amz-request-id: 1F1DB79DF4570CF1
ETag: "78adc015dc4ffc4db6e237fefddcf605"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: application/font-woff
Access-Control-Allow-Origin: https://www.powerball.com
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Length: 40260
x-amz-id-2: 9VYyHdkhRMtgRFpP7AS9a9MlAugWiEWHwyyId73qyziYlR0BitVNdNjK+Y8R5HRoHLqSJnMBTBA=

GET
H2 200 ionicons.ttf
code.ionicframework.com/ionicons/2.0.1/fonts/ 184 KB
102 KB 45ms
20ms Font
font/ttf 2606:4700:20::681a:6ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://code.ionicframework.com/ionicons/2.0.1/fonts/ionicons.ttf?v=2.0.1
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:6ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e700835ec05293a3d0f9e354e7d038319d34521cd279e782198dff6d1dd58f2

Request headers

Referer: https://code.ionicframework.com/ionicons/2.0.1/css/ionicons.min.css
Origin: https://www.powerball.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id: 2cb558fdb89b116d6f6eb50d4c8a1473c60526ca
date: Thu, 20 Feb 2020 17:52:33 GMT
via: 1.1 varnish
cf-cache-status: HIT
age: 323
x-cache: HIT
status: 200
content-encoding: br
alt-svc: h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-served-by: cache-fra19162-FRA
last-modified: Mon, 04 Feb 2019 22:08:34 GMT
server: cloudflare
x-github-request-id: A56A:662D:DDC8F:129C44:5E3E1767
x-timer: S1582220830.334986,VS0,VE0
etag: W/"5c58b7e2-2e05c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
expires: Sat, 08 Feb 2020 01:57:13 GMT
cache-control: max-age=31536000
cf-ray: 568255c45f46dfd3-FRA
x-proxy-cache: HIT
x-cache-hits: 6

GET
H/1.1 200
OK ProximaNova-Bold.woff
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Bold/ 40 KB
40 KB 402ms
117ms Font
application/font-woff 52.216.135.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Bold/ProximaNova-Bold.woff
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.135.5 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 37cc0451eec571b22864bfac29a3766ccebe2d1e48ac4a552a8e9b8e6f9be02f

Request headers

Referer: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_ZXKlydMOtvjSQkvmmuP49LiBbLRvvb_j-w-UhjyK2SI.css?q4xjsj
Origin: https://www.powerball.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 20 Feb 2020 17:52:35 GMT
Last-Modified: Tue, 04 Jun 2019 03:53:14 GMT
Server: AmazonS3
x-amz-request-id: 530DEDAB8DC088DE
ETag: "e05ada7ee5a2d1e5a50c5305ce23de68"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: application/font-woff
Access-Control-Allow-Origin: https://www.powerball.com
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Length: 40836
x-amz-id-2: nC+YfNJaoPSkUnP7z3W+bvWLoXf3HGZN40xsKLsMU82FKH7gotGlXl3MrZR1BPllI1E6j5vcxLk=

GET
H/1.1 200
OK ProximaNova-Semibold.woff
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Semibold/ 39 KB
40 KB 429ms
146ms Font
application/font-woff 52.216.135.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Semibold/ProximaNova-Semibold.woff
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.135.5 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 16bc74e3ebb6ef6cc2c56565701502e39ea269aa665dd74da5742d371f3b2939

Request headers

Referer: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_ZXKlydMOtvjSQkvmmuP49LiBbLRvvb_j-w-UhjyK2SI.css?q4xjsj
Origin: https://www.powerball.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 20 Feb 2020 17:52:35 GMT
Last-Modified: Tue, 04 Jun 2019 03:53:19 GMT
Server: AmazonS3
x-amz-request-id: AB509BC42F38A03D
ETag: "cc1a6c632152a90dfa994a7280496cb3"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: application/font-woff
Access-Control-Allow-Origin: https://www.powerball.com
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Length: 40304
x-amz-id-2: W6wiFM9rqVCeIm/KfQjEzxtVgrR+C00GfkmrTYrtHklbR3+VrOjh9cWfswvN6MIaFB3OCjm5iFY=

GET
H/1.1 200
OK ProximaNova-Extrabld.woff
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Extrabld/ 40 KB
40 KB 390ms
107ms Font
application/font-woff 52.216.135.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Extrabld/ProximaNova-Extrabld.woff
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.135.5 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6bac28b40c710514ce42fda86320277f18b0c22a4ddb3091748cfe6493359a78

Request headers

Referer: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_ZXKlydMOtvjSQkvmmuP49LiBbLRvvb_j-w-UhjyK2SI.css?q4xjsj
Origin: https://www.powerball.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 20 Feb 2020 17:52:35 GMT
Last-Modified: Tue, 04 Jun 2019 03:53:15 GMT
Server: AmazonS3
x-amz-request-id: 7166C190E937A159
ETag: "dbce0260a4c434e83703edda344b0329"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: application/font-woff
Access-Control-Allow-Origin: https://www.powerball.com
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Length: 40852
x-amz-id-2: ViAFQBr7lFga7t44NI1CtrVR/hVXkzXYkEHT1YOkBRuqsWmjDzkDTYOHmVDET7UrEvJxT+TCU48=

GET
H/1.1 200
OK ProximaNova-Light.woff
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Light/ 39 KB
40 KB 412ms
125ms Font
application/font-woff 52.216.135.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Light/ProximaNova-Light.woff
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.135.5 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 91822d970ea4cb3dbae6039431aaebfd36c46997c43a53a507518eed6dc230b2

Request headers

Referer: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_ZXKlydMOtvjSQkvmmuP49LiBbLRvvb_j-w-UhjyK2SI.css?q4xjsj
Origin: https://www.powerball.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 20 Feb 2020 17:52:35 GMT
Last-Modified: Tue, 04 Jun 2019 03:53:17 GMT
Server: AmazonS3
x-amz-request-id: 226BD6EFE362F652
ETag: "0b903f87bae9c87f54243c90469294ee"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: application/font-woff
Access-Control-Allow-Origin: https://www.powerball.com
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Length: 40260
x-amz-id-2: e/rs7vs19ng+vhiFX37sh/GA+Egghs3z1nXl8ygIfhiqvdNIah2yIdPTPkgrnWo+tftoLTiX7tk=

GET
H/1.1 200
OK ProximaNova-RegularIt.woff
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-RegularIt/ 39 KB
40 KB 412ms
125ms Font
application/font-woff 52.216.135.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-RegularIt/ProximaNova-RegularIt.woff
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.135.5 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 59ff4e9457a98e72723231e1ad962b8c2a77c67f6c025dc6464843931d061c0f

Request headers

Referer: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_ZXKlydMOtvjSQkvmmuP49LiBbLRvvb_j-w-UhjyK2SI.css?q4xjsj
Origin: https://www.powerball.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 20 Feb 2020 17:52:35 GMT
Last-Modified: Tue, 04 Jun 2019 03:53:19 GMT
Server: AmazonS3
x-amz-request-id: B37AE6E0CC47CB21
ETag: "24d85649dddd19938b718e8d57ddb2bf"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: application/font-woff
Access-Control-Allow-Origin: https://www.powerball.com
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Length: 40116
x-amz-id-2: tfNY7gUFm3/YZAN1BfqrpJWFDT59jdG/Btxyw/BfXqguamJSfyMOYDFUUvMQo629jqa9aZkVAO8=

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&aip=1&a=1382914180&t=pageview&_s=1&dl=https%3A%2F%2Fwww.powerball.com%2F&ul=en-us&de=UTF-8&dt=Home%20%7C%20Powerball&sd=24-bit&sr=1600x1200&vp=...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-29233419-1&cid=1845920512.1582221154&jid=325709922&_gid=2118266949.1582221154&gjid=2096108155&_v=j81&z=1507799740

35 B
102 B

15ms
15ms

Image
image/gif

2a00:1450:400c:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-29233419-1&cid=1845920512.1582221154&jid=325709922&_gid=2118266949.1582221154&gjid=2096108155&_v=j81&z=1507799740

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
date: Thu, 20 Feb 2020 17:52:34 GMT
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Feb 2020 17:52:33 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-29233419-1&cid=1845920512.1582221154&jid=325709922&_gid=2118266949.1582221154&gjid=2096108155&_v=j81&z=1507799740
content-type: text/html; charset=UTF-8
status: 302
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 419
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
260 B 17ms
17ms Image
image/gif 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=1
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 20 Feb 2020 17:52:34 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
access-control-allow-origin: *
etag: "493ea254-2b"
content-type: image/gif
status: 200
cache-control: max-age=31104000, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sun, 14 Feb 2021 17:52:34 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
260 B 15ms
15ms Image
image/gif 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=2
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 20 Feb 2020 17:52:34 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
access-control-allow-origin: *
etag: "493ea254-2b"
content-type: image/gif
status: 200
cache-control: max-age=31104000, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sun, 14 Feb 2021 17:52:34 GMT

GET
H2 200 recent Show response
www.powerball.com/api/v1/numbers/powerball/ 301 B
560 B 125ms
125ms XHR
application/json 54.82.250.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.powerball.com/api/v1/numbers/powerball/recent?_format=json

Requested by

Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/js/js_Px_30xzhLHwnUPgHJrcOgAUt-oQ3AqXsEHE0O_Aq3qA.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.82.250.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-82-250-222.compute-1.amazonaws.com

Software

Apache /

Resource Hash

ad2a6b8c6da9c45f9fcdf0520cdca0d33bec1bcc8ca776aa64ce382987b296b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.powerball.com/
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 20 Feb 2020 17:52:34 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
status: 200
x-drupal-dynamic-cache: MISS
content-length: 146
x-ua-compatible: IE=edge
last-modified: Thu, 20 Feb 2020 15:54:13 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "1582214053"
vary: Cookie,Accept-Encoding
content-language: en
x-generator: Drupal 8 (https://www.drupal.org)
cache-control: max-age=86400, public
content-type: application/json
x-drupal-cache: HIT
expires: Sun, 19 Nov 1978 05:00:00 GMT

GET
H2 200 powerball Show response
www.powerball.com/api/v1/estimates/ 160 B
551 B 126ms
125ms XHR
application/json 54.82.250.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.powerball.com/api/v1/estimates/powerball?_format=json

Requested by

Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/js/js_Px_30xzhLHwnUPgHJrcOgAUt-oQ3AqXsEHE0O_Aq3qA.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.82.250.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-82-250-222.compute-1.amazonaws.com

Software

Apache /

Resource Hash

b1119a7192a90116d4eda38a6ef0bed5574645146060016eba7aa26835e5077e

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.powerball.com/
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 20 Feb 2020 17:52:34 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
status: 200
x-drupal-dynamic-cache: HIT
content-length: 138
x-ua-compatible: IE=edge
last-modified: Thu, 20 Feb 2020 15:54:13 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "1582214053"
vary: Cookie,Accept-Encoding
content-language: en
x-generator: Drupal 8 (https://www.drupal.org)
cache-control: max-age=86400, public
content-type: application/json
x-drupal-cache: HIT
expires: Sun, 19 Nov 1978 05:00:00 GMT

GET
H2 200 recent10 Show response
www.powerball.com/api/v1/numbers/powerball/ 1001 B
665 B 126ms
125ms XHR
application/json 54.82.250.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.powerball.com/api/v1/numbers/powerball/recent10?_format=json

Requested by

Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/js/js_Px_30xzhLHwnUPgHJrcOgAUt-oQ3AqXsEHE0O_Aq3qA.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.82.250.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-82-250-222.compute-1.amazonaws.com

Software

Apache /

Resource Hash

2839650b3ee37babe07a373e693fb7c483b56a395f3af1e1fe7809dfb5371dee

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.powerball.com/
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 20 Feb 2020 17:52:34 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
status: 200
x-drupal-dynamic-cache: MISS
content-length: 251
x-ua-compatible: IE=edge
last-modified: Thu, 20 Feb 2020 15:54:13 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "1582214053"
vary: Cookie,Accept-Encoding
content-language: en
x-generator: Drupal 8 (https://www.drupal.org)
cache-control: max-age=86400, public
content-type: application/json
x-drupal-cache: HIT
expires: Sun, 19 Nov 1978 05:00:00 GMT

GET
H/1.1 200
OK hero-home-d-v2.jpg
s3.amazonaws.com/cdn.powerball.com/drupal/files/2018-02/ 141 KB
141 KB 177ms
107ms Image
image/jpeg 52.216.135.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/2018-02/hero-home-d-v2.jpg
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/js/js_Px_30xzhLHwnUPgHJrcOgAUt-oQ3AqXsEHE0O_Aq3qA.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.135.5 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4266325a01fe2566fd77a4c1c061f8f05b73b07e498ebca7597942c9bd1d4fa0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 20 Feb 2020 17:52:35 GMT
Last-Modified: Mon, 03 Jun 2019 18:47:14 GMT
Server: AmazonS3
x-amz-request-id: 26199CB925F595E9
ETag: "9564c99c2a65359a431fdf65e45d4cb8"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 144068
x-amz-id-2: ck7wHIdIG9WemkfF32yWWeCwRWwZ0KPCyS4sA6A0l7xb3KdfJusuJrQMAvJjipJ9Fn5IT+QWGKU=

GET
H2 200 /
www.powerball.com/ 64 KB
64 KB 128ms
127ms Image
text/html 54.82.250.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.powerball.com/

Requested by

Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/js/js_Px_30xzhLHwnUPgHJrcOgAUt-oQ3AqXsEHE0O_Aq3qA.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.82.250.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-82-250-222.compute-1.amazonaws.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 20 Feb 2020 17:52:34 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
status: 200
x-drupal-dynamic-cache: MISS
vary: Cookie,Accept-Encoding
x-ua-compatible: IE=edge
last-modified: Thu, 20 Feb 2020 13:54:38 GMT
server: Apache
etag: "1582206878"
x-frame-options: SAMEORIGIN
content-language: en
x-generator: Drupal 8 (https://www.drupal.org)
cache-control: max-age=86400, public
content-type: text/html; charset=UTF-8
link: <http://www.powerball.com/>; rel="shortlink", <http://www.powerball.com/>; rel="canonical", <http://www.powerball.com/games/home>; rel="alternate"; hreflang="en", <http://www.powerball.com/es/games/home>; rel="alternate"; hreflang="es", </games/home>; rel="revision", </node?node=1>; rel="create"
x-drupal-cache: HIT
expires: Sun, 19 Nov 1978 05:00:00 GMT

GET
H/1.1 200
OK hero-home-d_0.jpg
s3.amazonaws.com/cdn.powerball.com/drupal/files/2018-01/ 264 KB
264 KB 113ms
112ms Image
image/jpeg 52.216.135.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/2018-01/hero-home-d_0.jpg
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/js/js_Px_30xzhLHwnUPgHJrcOgAUt-oQ3AqXsEHE0O_Aq3qA.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.135.5 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6b3422c0bf088fb098d4cf5a1e63791c8eecdcb4d3ab1dc0c36f19a30b171e36

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 20 Feb 2020 17:52:35 GMT
Last-Modified: Mon, 03 Jun 2019 18:46:29 GMT
Server: AmazonS3
x-amz-request-id: 73E116AAC3018454
ETag: "7f3021434efe42ed5c9720ca66cbfdc0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 270033
x-amz-id-2: xD6DvLD5CAE9pfVhtEXzpXVhaWyCs9xYVQJgS8N63OR5T9Pf3QbxxBypKyD8YwwnJFI6Y3xSLCc=

GET
H/1.1 200
OK divider-img-home-9ways.jpg
s3.amazonaws.com/cdn.powerball.com/drupal/files/2018-01/ 486 KB
486 KB 143ms
143ms Image
image/jpeg 52.216.135.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/2018-01/divider-img-home-9ways.jpg
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/js/js_Px_30xzhLHwnUPgHJrcOgAUt-oQ3AqXsEHE0O_Aq3qA.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.135.5 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b758f60ab7ad38a56bdff71e6464b146312ea575f56ab7f6b05ed7f157f5bc48

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 20 Feb 2020 17:52:35 GMT
Last-Modified: Mon, 03 Jun 2019 18:46:23 GMT
Server: AmazonS3
x-amz-request-id: F8B142B1D11306E8
ETag: "02dfd34fecf8640a24d1123ca8a81313"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 497334
x-amz-id-2: +L1cRbh5xpiKl3hKpSO2osjQLX/p3M0p0xhZdtsIFzG6/Nmb+O0ESN8cenAIM45pqK0vAn+unJA=

GET
H2 200 powerball Show response
www.powerball.com/api/v1/estimates/ 160 B
551 B 121ms
121ms XHR
application/json 54.82.250.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.powerball.com/api/v1/estimates/powerball?_format=json

Requested by

Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/js/js_Px_30xzhLHwnUPgHJrcOgAUt-oQ3AqXsEHE0O_Aq3qA.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.82.250.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-82-250-222.compute-1.amazonaws.com

Software

Apache /

Resource Hash

b1119a7192a90116d4eda38a6ef0bed5574645146060016eba7aa26835e5077e

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.powerball.com/
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 20 Feb 2020 17:52:34 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
status: 200
x-drupal-dynamic-cache: HIT
content-length: 138
x-ua-compatible: IE=edge
last-modified: Thu, 20 Feb 2020 15:54:13 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "1582214053"
vary: Cookie,Accept-Encoding
content-language: en
x-generator: Drupal 8 (https://www.drupal.org)
cache-control: max-age=86400, public
content-type: application/json
x-drupal-cache: HIT
expires: Sun, 19 Nov 1978 05:00:00 GMT

GET
H2 200 jstag Show response
lanista-bidder-d.openx.net/w/1.0/ Frame 8E21 166 KB
57 KB 137ms
79ms Script
text/javascript 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.176.1 /
Resource Hash: 93168de01bbf26ba2b3a1e91258fcbe401b7101bbca35054c3086adc5d57ac75

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 17:52:34 GMT
content-encoding: gzip
server: OXGW/16.176.1
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: max-age=3600
content-type: text/javascript
alt-svc: clear
content-length: 57980
via: 1.1 google
expires: Thu, 20 Feb 2020 18:52:34 GMT

GET
H/1.1 200
OK prebid2.27.0.js Show response
d2tbmvllb55wxq.cloudfront.net/pb/ Frame 8E21 277 KB
277 KB 170ms
33ms Script
application/javascript 13.35.254.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Requested by: Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.254.64 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-254-64.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: be57a8393d9ca7cb84fe99087431ea21d7e704a7de02b421590c34712c3bb9b4

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 19 Feb 2020 22:40:40 GMT
Via: 1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
Last-Modified: Mon, 20 Jan 2020 21:18:36 GMT
Server: AmazonS3
Age: 69115
ETag: "e68bd028eaaff6c766a2630c72373b02"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
X-Amz-Cf-Pop: FRA6-C1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 283302
X-Amz-Cf-Id: qPTpH3jM6bdsEVIcPfJgmorL3v9RCnmb_SJ9PsU8PZAw17dWNhfR4g==

GET
H2 200 jstag Show response
lanista-bidder-d.openx.net/w/1.0/ Frame 4AE2 166 KB
57 KB 88ms
42ms Script
text/javascript 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.176.1 /
Resource Hash: cb1a28e024751f74290795028b5b3c0d4dd317abf690468fd9f5072cdfab7aee

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 17:52:34 GMT
content-encoding: gzip
server: OXGW/16.176.1
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: max-age=3600
content-type: text/javascript
alt-svc: clear
content-length: 57977
via: 1.1 google
expires: Thu, 20 Feb 2020 18:52:34 GMT

GET
H/1.1 200
OK prebid2.27.0.js Show response
d2tbmvllb55wxq.cloudfront.net/pb/ Frame 4AE2 277 KB
277 KB 162ms
36ms Script
application/javascript 13.35.254.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Requested by: Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.254.64 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-254-64.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: be57a8393d9ca7cb84fe99087431ea21d7e704a7de02b421590c34712c3bb9b4

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 19 Feb 2020 22:40:40 GMT
Via: 1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront)
Last-Modified: Mon, 20 Jan 2020 21:18:36 GMT
Server: AmazonS3
Age: 69115
ETag: "e68bd028eaaff6c766a2630c72373b02"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
X-Amz-Cf-Pop: FRA6-C1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 283302
X-Amz-Cf-Id: z86AgkLj8ICgBDrxRIDjixLeqc9kdKJT7dhASA8GaTWJdRWmzCMZFg==

GET
H2 200 jstag Show response
lanista-bidder-d.openx.net/w/1.0/ Frame 84FB 166 KB
57 KB 122ms
88ms Script
text/javascript 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.176.1 /
Resource Hash: 568474cd097612b01c1d833acce0d89e3dc3b7025ef4f5ce2edce5916e343bc4

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 17:52:34 GMT
content-encoding: gzip
server: OXGW/16.176.1
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: max-age=3600
content-type: text/javascript
alt-svc: clear
content-length: 57972
via: 1.1 google
expires: Thu, 20 Feb 2020 18:52:34 GMT

GET
H/1.1 200
OK prebid2.27.0.js Show response
d2tbmvllb55wxq.cloudfront.net/pb/ Frame 84FB 277 KB
277 KB 152ms
37ms Script
application/javascript 13.35.254.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Requested by: Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.254.64 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-254-64.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: be57a8393d9ca7cb84fe99087431ea21d7e704a7de02b421590c34712c3bb9b4

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 19 Feb 2020 22:40:40 GMT
Via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
Last-Modified: Mon, 20 Jan 2020 21:18:36 GMT
Server: AmazonS3
Age: 69115
ETag: "e68bd028eaaff6c766a2630c72373b02"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
X-Amz-Cf-Pop: FRA6-C1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 283302
X-Amz-Cf-Id: nHo3ji3PJgy8mp-ry83mC1fXRo8eoA0vn9buvmG6s83spDbtmSXmUA==

GET
H2 200 jstag Show response
lanista-bidder-d.openx.net/w/1.0/ Frame 4F27 166 KB
57 KB 126ms
104ms Script
text/javascript 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.176.1 /
Resource Hash: dd7334593836d8688061782f39c8e4bfc31ba3fc68f08a23d1757cecc2ad5706

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 17:52:34 GMT
content-encoding: gzip
server: OXGW/16.176.1
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: max-age=3600
content-type: text/javascript
alt-svc: clear
content-length: 57967
via: 1.1 google
expires: Thu, 20 Feb 2020 18:52:34 GMT

GET
H/1.1 200
OK prebid2.27.0.js Show response
d2tbmvllb55wxq.cloudfront.net/pb/ Frame 4F27 277 KB
277 KB 151ms
40ms Script
application/javascript 13.35.254.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Requested by: Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.254.64 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-254-64.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: be57a8393d9ca7cb84fe99087431ea21d7e704a7de02b421590c34712c3bb9b4

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 19 Feb 2020 22:40:40 GMT
Via: 1.1 21da0a66bafe2c8de8be4a4d8039346b.cloudfront.net (CloudFront)
Last-Modified: Mon, 20 Jan 2020 21:18:36 GMT
Server: AmazonS3
Age: 69115
ETag: "e68bd028eaaff6c766a2630c72373b02"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
X-Amz-Cf-Pop: FRA6-C1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 283302
X-Amz-Cf-Id: 5g85wzUu-FOgNmTkc5zPxvobTBrynpeHkRdc8lt20DkHqV30BsZ11Q==

GET
H2 200 jstag Show response
lanista-bidder-d.openx.net/w/1.0/ Frame 0361 166 KB
57 KB 117ms
107ms Script
text/javascript 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.176.1 /
Resource Hash: 93e3e4603daf747b6329d561752827ba833cd64b66bb8bd5d56efc15ea23c5d2

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 17:52:34 GMT
content-encoding: gzip
server: OXGW/16.176.1
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: max-age=3600
content-type: text/javascript
alt-svc: clear
content-length: 57974
via: 1.1 google
expires: Thu, 20 Feb 2020 18:52:34 GMT

GET
H/1.1 200
OK prebid2.27.0.js Show response
d2tbmvllb55wxq.cloudfront.net/pb/ Frame 0361 277 KB
277 KB 152ms
41ms Script
application/javascript 13.35.254.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Requested by: Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.254.64 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-254-64.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: be57a8393d9ca7cb84fe99087431ea21d7e704a7de02b421590c34712c3bb9b4

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 19 Feb 2020 22:40:40 GMT
Via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
Last-Modified: Mon, 20 Jan 2020 21:18:36 GMT
Server: AmazonS3
Age: 69115
ETag: "e68bd028eaaff6c766a2630c72373b02"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
X-Amz-Cf-Pop: FRA6-C1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 283302
X-Amz-Cf-Id: dWEDr2lQj5zG0XecjUeaYw5xVruG0WzYEIYFnvEblyWK8tMz_b79Kg==

GET
H2 200 jstag Show response
lanista-bidder-d.openx.net/w/1.0/ Frame 8A3D 166 KB
57 KB 116ms
116ms Script
text/javascript 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.176.1 /
Resource Hash: e27f20db3953f659d4d57f2e07df27a7f6699301ef72d1f83d98b6ff7a429408

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 17:52:34 GMT
content-encoding: gzip
server: OXGW/16.176.1
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: max-age=3600
content-type: text/javascript
alt-svc: clear
content-length: 57976
via: 1.1 google
expires: Thu, 20 Feb 2020 18:52:34 GMT

GET
H/1.1 200
OK prebid2.27.0.js Show response
d2tbmvllb55wxq.cloudfront.net/pb/ Frame 8A3D 277 KB
277 KB 128ms
56ms Script
application/javascript 13.35.254.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Requested by: Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.254.64 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-254-64.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: be57a8393d9ca7cb84fe99087431ea21d7e704a7de02b421590c34712c3bb9b4

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 19 Feb 2020 22:40:40 GMT
Via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
Last-Modified: Mon, 20 Jan 2020 21:18:36 GMT
Server: AmazonS3
Age: 69115
ETag: "e68bd028eaaff6c766a2630c72373b02"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
X-Amz-Cf-Pop: FRA6-C1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 283302
X-Amz-Cf-Id: C__VstWSwSg4XhQv0QwQKvD6_0YY4wyfQKL7NAvp8el4UxXrF8uq5w==

GET
H/1.1 200
OK ServeAd
api.lanistaads.com/ 70 B
328 B 418ms
100ms Image
image/png 54.145.105.206
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.lanistaads.com/ServeAd?s=t&AdSize=970x250&SiteID=APST09010385POWB9701&Zone=ATF&g=259
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.145.105.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-145-105-206.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 20 Feb 2020 17:52:33 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type
transfer-encoding: chunked
Content-Type: image/png

GET
H/1.1 200
OK ServeAd
api.lanistaads.com/ 70 B
322 B 428ms
103ms Image
image/png 54.145.105.206
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.lanistaads.com/ServeAd?s=t&AdSize=970x250&SiteID=APST09010385POWB9702&Zone=ATF&g=330
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.145.105.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-145-105-206.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 20 Feb 2020 17:52:34 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type
transfer-encoding: chunked
Content-Type: image/png

GET
H/1.1 200
OK ServeAd
api.lanistaads.com/ 70 B
323 B 426ms
103ms Image
image/png 54.145.105.206
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.lanistaads.com/ServeAd?s=t&AdSize=300x250&SiteID=APST04010385POWB3001&Zone=ATF&g=205
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.145.105.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-145-105-206.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 20 Feb 2020 17:52:33 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type
transfer-encoding: chunked
Content-Type: image/png

GET
H/1.1 200
OK ServeAd
api.lanistaads.com/ 70 B
323 B 428ms
106ms Image
image/png 54.145.105.206
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.lanistaads.com/ServeAd?s=t&AdSize=300x250&SiteID=APST04010385POWB3002&Zone=ATF&g=760
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.145.105.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-145-105-206.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 20 Feb 2020 17:52:34 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type
transfer-encoding: chunked
Content-Type: image/png

GET
H/1.1 200
OK ServeAd
api.lanistaads.com/ 70 B
323 B 405ms
100ms Image
image/png 54.145.105.206
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.lanistaads.com/ServeAd?s=t&AdSize=300x250&SiteID=APST04010385POWB3003&Zone=ATF&g=772
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.145.105.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-145-105-206.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 20 Feb 2020 17:52:33 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type
transfer-encoding: chunked
Content-Type: image/png

GET
H/1.1 200
OK ServeAd
api.lanistaads.com/ 70 B
298 B 403ms
103ms Image
image/png 54.145.105.206
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.lanistaads.com/ServeAd?s=t&AdSize=300x250&SiteID=APST04010385POWB3004&Zone=ATF&g=242
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.145.105.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-145-105-206.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 20 Feb 2020 17:52:33 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type
Content-Length: 70
Content-Type: image/png

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 4AE2 43 KB
15 KB 51ms
39ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d08ff48ec5b86dd1dcdff144d6a9edd7608ff6146713a35bba361ff44ba545d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 17:52:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "433 / 816 of 1000 / last-modified: 1582218796"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14495
x-xss-protection: 0
expires: Thu, 20 Feb 2020 17:52:34 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 8E21 43 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5942fe1a6c99120ec11cb98230cd557a5bfe60e98466dd96824a036d80a78aa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 17:52:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "433 / 201 of 1000 / last-modified: 1582218842"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14492
x-xss-protection: 0
expires: Thu, 20 Feb 2020 17:52:34 GMT

GET
H2

302

acj Show response
lanista-bidder-d.openx.net/w/1.0/ Frame 84FB
Redirect Chain

https://lanista-bidder-d.openx.net/w/1.0/acj?ai=29815815-740f-47ec-9594-010c223dd953&o=2528625f14b219&ju=https%3A//www.powerball.com/%23winning-numbers&jr=&be=1&prf=0&auid=538738919&aus=300x250&bc=...
https://lanista-bidder-d.openx.net/w/1.0/acj?cc=1&ai=29815815-740f-47ec-9594-010c223dd953&o=2528625f14b219&ju=https%3A//www.powerball.com/%23winning-numbers&jr=&be=1&prf=0&auid=538738919&aus=300x25...

0
-1 B

30ms
30ms

XHR

34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lanista-bidder-d.openx.net/w/1.0/acj?cc=1&ai=29815815-740f-47ec-9594-010c223dd953&o=2528625f14b219&ju=https%3A//www.powerball.com/%23winning-numbers&jr=&be=1&prf=0&auid=538738919&aus=300x250&bc=hb_2api&bt=1000&c.lanista_floor=0.30&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-60&ifr=1&tws=1600x1200
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.176.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 20 Feb 2020 17:52:34 GMT
via: 1.1 google
server: OXGW/16.176.1
access-control-allow-origin: https://www.powerball.com
location: https://lanista-bidder-d.openx.net/w/1.0/acj?cc=1&ai=29815815-740f-47ec-9594-010c223dd953&o=2528625f14b219&ju=https%3A//www.powerball.com/%23winning-numbers&jr=&be=1&prf=0&auid=538738919&aus=300x250&bc=hb_2api&bt=1000&c.lanista_floor=0.30&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-60&ifr=1&tws=1600x1200
p3p: CP="CUR ADM OUR NOR STA NID"
status: 302
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

Redirect headers

date: Thu, 20 Feb 2020 17:52:34 GMT
via: 1.1 google
server: OXGW/16.176.1
status: 302
location: https://lanista-bidder-d.openx.net/w/1.0/acj?cc=1&ai=29815815-740f-47ec-9594-010c223dd953&o=2528625f14b219&ju=https%3A//www.powerball.com/%23winning-numbers&jr=&be=1&prf=0&auid=538738919&aus=300x250&bc=hb_2api&bt=1000&c.lanista_floor=0.30&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-60&ifr=1&tws=1600x1200
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.powerball.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

GET
H2

302

acj Show response
lanista-bidder-d.openx.net/w/1.0/ Frame 4F27
Redirect Chain

https://lanista-bidder-d.openx.net/w/1.0/acj?ai=50de23e5-014e-4ee5-9ae6-8b0a15ad1edf&o=206deb3e7607da&ju=https%3A//www.powerball.com/%23winning-numbers&jr=&be=1&prf=0&auid=538738919&aus=300x250&bc=...
https://lanista-bidder-d.openx.net/w/1.0/acj?cc=1&ai=50de23e5-014e-4ee5-9ae6-8b0a15ad1edf&o=206deb3e7607da&ju=https%3A//www.powerball.com/%23winning-numbers&jr=&be=1&prf=0&auid=538738919&aus=300x25...

0
-1 B

30ms
30ms

XHR

34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lanista-bidder-d.openx.net/w/1.0/acj?cc=1&ai=50de23e5-014e-4ee5-9ae6-8b0a15ad1edf&o=206deb3e7607da&ju=https%3A//www.powerball.com/%23winning-numbers&jr=&be=1&prf=0&auid=538738919&aus=300x250&bc=hb_2api&bt=1000&c.lanista_floor=0.30&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-60&ifr=1&tws=1600x1200
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.176.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 20 Feb 2020 17:52:34 GMT
via: 1.1 google
server: OXGW/16.176.1
access-control-allow-origin: https://www.powerball.com
location: https://lanista-bidder-d.openx.net/w/1.0/acj?cc=1&ai=50de23e5-014e-4ee5-9ae6-8b0a15ad1edf&o=206deb3e7607da&ju=https%3A//www.powerball.com/%23winning-numbers&jr=&be=1&prf=0&auid=538738919&aus=300x250&bc=hb_2api&bt=1000&c.lanista_floor=0.30&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-60&ifr=1&tws=1600x1200
p3p: CP="CUR ADM OUR NOR STA NID"
status: 302
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

Redirect headers

date: Thu, 20 Feb 2020 17:52:34 GMT
via: 1.1 google
server: OXGW/16.176.1
status: 302
location: https://lanista-bidder-d.openx.net/w/1.0/acj?cc=1&ai=50de23e5-014e-4ee5-9ae6-8b0a15ad1edf&o=206deb3e7607da&ju=https%3A//www.powerball.com/%23winning-numbers&jr=&be=1&prf=0&auid=538738919&aus=300x250&bc=hb_2api&bt=1000&c.lanista_floor=0.30&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-60&ifr=1&tws=1600x1200
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.powerball.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

GET
H2 200 acj Show response
lanista-bidder-d.openx.net/w/1.0/ Frame 0361 454 B
487 B 63ms
63ms XHR
application/json 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lanista-bidder-d.openx.net/w/1.0/acj?ai=aaee5896-b014-447e-a3f0-d3ae05ef9fa0&o=207124e68e6de7&ju=https%3A//www.powerball.com/%23winning-numbers&jr=&be=1&prf=0&auid=538738919&aus=300x250&bc=hb_2api&bt=1000&c.lanista_floor=0.30&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-60&ws=300x250&ifr=1&tws=1600x1200
Requested by: Host: lanista-bidder-d.openx.net
URL: https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.176.1 /
Resource Hash: ad1dd0f75fad2002ed5d8856aa65d51960011c109659917d002cee358e0e0927

Request headers

Referer: https://www.powerball.com/
Origin: https://www.powerball.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Feb 2020 17:52:34 GMT
content-encoding: gzip
server: OXGW/16.176.1
status: 200
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.powerball.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 282
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 acj Show response
lanista-bidder-d.openx.net/w/1.0/ Frame 84FB 453 B
574 B 37ms
36ms XHR
application/json 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lanista-bidder-d.openx.net/w/1.0/acj?cc=1&ai=29815815-740f-47ec-9594-010c223dd953&o=2528625f14b219&ju=https%3A//www.powerball.com/%23winning-numbers&jr=&be=1&prf=0&auid=538738919&aus=300x250&bc=hb_2api&bt=1000&c.lanista_floor=0.30&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-60&ifr=1&tws=1600x1200
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.176.1 /
Resource Hash: 282e82832a9d710fbe4afa05a8da453b967e5718cebb39438642d35f7f36c520

Request headers

Referer: https://www.powerball.com/
Origin: https://www.powerball.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Feb 2020 17:52:34 GMT
content-encoding: gzip
server: OXGW/16.176.1
status: 200
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.powerball.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 281
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 acj Show response
lanista-bidder-d.openx.net/w/1.0/ Frame 8A3D 454 B
484 B 44ms
43ms XHR
application/json 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lanista-bidder-d.openx.net/w/1.0/acj?ai=d63797f4-e73c-4fc4-a107-198127d16b67&o=2372e56b957a67&ju=https%3A//www.powerball.com/%23winning-numbers&jr=&be=1&prf=0&auid=538738919&aus=300x250&bc=hb_2api&bt=1000&c.lanista_floor=0.30&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-60&ws=300x250&ifr=1&tws=1600x1200
Requested by: Host: lanista-bidder-d.openx.net
URL: https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.176.1 /
Resource Hash: 6a0ee7aa79a9fdd5c678da186ab2bfad75ad0f3b18a1df52b2505c455b6b359e

Request headers

Referer: https://www.powerball.com/
Origin: https://www.powerball.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Feb 2020 17:52:34 GMT
content-encoding: gzip
server: OXGW/16.176.1
status: 200
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.powerball.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 282
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 acj Show response
lanista-bidder-d.openx.net/w/1.0/ Frame 4F27 453 B
483 B 36ms
35ms XHR
application/json 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lanista-bidder-d.openx.net/w/1.0/acj?cc=1&ai=50de23e5-014e-4ee5-9ae6-8b0a15ad1edf&o=206deb3e7607da&ju=https%3A//www.powerball.com/%23winning-numbers&jr=&be=1&prf=0&auid=538738919&aus=300x250&bc=hb_2api&bt=1000&c.lanista_floor=0.30&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-60&ifr=1&tws=1600x1200
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.176.1 /
Resource Hash: 3c740e7a65f491916c536f9593ab4e96cdd40d7b8efb10c93a074d54efb3eee3

Request headers

Referer: https://www.powerball.com/
Origin: https://www.powerball.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Feb 2020 17:52:34 GMT
content-encoding: gzip
server: OXGW/16.176.1
status: 200
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.powerball.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 281
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 v1 Show response
dmx.districtm.io/b/ Frame 8E21 0
442 B 91ms
45ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/b/v1

Requested by

Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.powerball.com/
Origin: https://www.powerball.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Feb 2020 17:52:34 GMT
cf-cache-status: DYNAMIC
server: cloudflare
status: 204
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
access-control-allow-methods: OPTIONS, POST
access-control-allow-origin: https://www.powerball.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 568255c7e87ddbff-LHR
access-control-allow-headers: origin, content-type

POST
H2 200 auction Show response
tlx.3lift.com/header/ Frame 8E21 3 KB
2 KB 438ms
303ms XHR
application/json 3.123.135.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=2.44.3&referrer=https%3A%2F%2Fwww.powerball.com%2F%23winning-numbers&tmax=3000

Requested by

Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.123.135.36 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-123-135-36.eu-central-1.compute.amazonaws.com

Software

Resource Hash

48c3f76ce8f7a776bfc1e72a6368b56e5d28e35019f8c4464f0f5c9a7b5e2312

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
Origin: https://www.powerball.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Feb 2020 17:52:34 GMT
content-encoding: gzip
status: 200
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin: https://www.powerball.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 1816
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame C7CB 0
0 31ms
30ms Document
text/html 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.176.1 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.powerball.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=63814856-6a60-0fa5-03ad-4dfe4b80f101|1582221154
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.powerball.com/

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=63814856-6a60-0fa5-03ad-4dfe4b80f101|1582221154; Version=1; Expires=Fri, 19-Feb-2021 17:52:34 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1582221154|mOsLgqgikin0fcmWiygu; Version=1; Expires=Fri, 06-Mar-2020 17:52:34 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.176.1
p3p: CP="CUR ADM OUR NOR STA NID"
date: Thu, 20 Feb 2020 17:52:34 GMT
content-type: text/html
content-length: 482
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 84FB 43 KB
14 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d08ff48ec5b86dd1dcdff144d6a9edd7608ff6146713a35bba361ff44ba545d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 17:52:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "433 / 351 of 1000 / last-modified: 1582218796"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14495
x-xss-protection: 0
expires: Thu, 20 Feb 2020 17:52:34 GMT

GET
H2

302

ADTECH;cfp=1;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=135940d948f10ea;misc=1582221154514;bidfloor=0.3 Show response
adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ Frame 84FB
Redirect Chain

https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=135940d948f10ea;misc=1582221154514;bidfloor=0.3;
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;cfp=1;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=135940d948f10ea;misc=1582221154514;bidfloor=0.3

0
-1 B

379ms
318ms

XHR

152.199.21.35
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;cfp=1;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=135940d948f10ea;misc=1582221154514;bidfloor=0.3
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.35 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Feb 2020 17:52:34 GMT
server: nginx
access-control-allow-origin: https://www.powerball.com
location: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;cfp=1;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=135940d948f10ea;misc=1582221154514;bidfloor=0.3
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Feb 2020 17:52:34 GMT
server: nginx
status: 302
location: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;cfp=1;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=135940d948f10ea;misc=1582221154514;bidfloor=0.3
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://www.powerball.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

POST
H2 204 v1 Show response
dmx.districtm.io/b/ Frame 84FB 0
39 B 73ms
52ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/b/v1

Requested by

Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.powerball.com/
Origin: https://www.powerball.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Feb 2020 17:52:34 GMT
cf-cache-status: DYNAMIC
server: cloudflare
status: 204
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
access-control-allow-methods: OPTIONS, POST
access-control-allow-origin: https://www.powerball.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 568255c7e882dbff-LHR
access-control-allow-headers: origin, content-type

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ Frame 84FB 24 B
990 B 248ms
156ms XHR
application/json 72.247.225.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=398900&v=7.2&r=%7B%22id%22%3A%225912114a9b442f%22%2C%22imp%22%3A%5B%7B%22id%22%3A%226018cee06fee2e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22398900%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.powerball.com%2F%23winning-numbers%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.247.225.98 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-225-98.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: f6583df084303deb69ba3387cfa7c4ce2ac0305f56d35a50270de0f8af3b6df6

Request headers

Referer: https://www.powerball.com/
Origin: https://www.powerball.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 20 Feb 2020 17:52:34 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://www.powerball.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 44
Expires: Thu, 20 Feb 2020 17:52:34 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 84FB 0
62 B 237ms
178ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.powerball.com/
Origin: https://www.powerball.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Thu, 20 Feb 2020 17:52:34 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://www.powerball.com

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 84FB 238 B
2 KB 265ms
126ms XHR
application/json 69.173.144.142
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9204&site_id=20319&zone_id=588936&size_id=15&rf=https%3A%2F%2Fwww.powerball.com%2F%23winning-numbers&tk_flint=pbjs_lite_v2.44.3&x_source.tid=3ebd506c-af6c-4f3b-9cc1-e7e0d1be662b&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.3596365402832269
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.142 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 94a20ad6be9c79571f682570df938813afd221123c16c6c6b318b0b034cb48d3

Request headers

Referer: https://www.powerball.com/
Origin: https://www.powerball.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 20 Feb 2020 17:52:34 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.powerball.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 238
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ Frame 84FB 19 B
478 B 272ms
173ms XHR
application/json 3.123.135.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=2.44.3&referrer=https%3A%2F%2Fwww.powerball.com%2F%23winning-numbers&tmax=3000

Requested by

Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.123.135.36 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-123-135-36.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
Origin: https://www.powerball.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Feb 2020 17:52:34 GMT
status: 200
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin: https://www.powerball.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 204 v1 Show response
dmx.districtm.io/b/ Frame 4AE2 0
39 B 55ms
51ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/b/v1

Requested by

Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.powerball.com/
Origin: https://www.powerball.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Feb 2020 17:52:34 GMT
cf-cache-status: DYNAMIC
server: cloudflare
status: 204
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
access-control-allow-methods: OPTIONS, POST
access-control-allow-origin: https://www.powerball.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 568255c7e880dbff-LHR
access-control-allow-headers: origin, content-type

POST
H2 200 auction Show response
tlx.3lift.com/header/ Frame 4AE2 3 KB
2 KB 292ms
199ms XHR
application/json 3.123.135.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=2.44.3&referrer=https%3A%2F%2Fwww.powerball.com%2F%23winning-numbers&tmax=3000

Requested by

Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.123.135.36 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-123-135-36.eu-central-1.compute.amazonaws.com

Software

Resource Hash

6c04979989423dbab6e3652d8ccbd923f7a74e01930d0fb90678edc322a16bab

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
Origin: https://www.powerball.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Feb 2020 17:52:34 GMT
content-encoding: gzip
status: 200
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin: https://www.powerball.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 1821
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2

302

ADTECH;cfp=1;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=13a1adb6934f894;misc=1582221154576;bidfloor=0.3 Show response
adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ Frame 4F27
Redirect Chain

https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=13a1adb6934f894;misc=1582221154576;bidfloor=0.3;
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;cfp=1;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=13a1adb6934f894;misc=1582221154576;bidfloor=0.3

0
-1 B

327ms
327ms

XHR

152.199.21.35
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;cfp=1;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=13a1adb6934f894;misc=1582221154576;bidfloor=0.3
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.35 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Feb 2020 17:52:34 GMT
server: nginx
access-control-allow-origin: https://www.powerball.com
location: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;cfp=1;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=13a1adb6934f894;misc=1582221154576;bidfloor=0.3
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Feb 2020 17:52:34 GMT
server: nginx
status: 302
location: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;cfp=1;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=13a1adb6934f894;misc=1582221154576;bidfloor=0.3
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://www.powerball.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 4F27 238 B
2 KB 452ms
286ms XHR
application/json 69.173.144.142
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9204&site_id=20319&zone_id=588936&size_id=15&rf=https%3A%2F%2Fwww.powerball.com%2F%23winning-numbers&tk_flint=pbjs_lite_v2.44.3&x_source.tid=635ff587-3c14-44d4-afa5-eb18f009fe41&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.8761207650530705
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.142 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 102057bc3b54f941f994f2e2e5360e50b501a025f7819703f21cd7b193dcb16d

Request headers

Referer: https://www.powerball.com/
Origin: https://www.powerball.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 20 Feb 2020 17:52:34 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.powerball.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 238
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 v1 Show response
dmx.districtm.io/b/ Frame 4F27 0
39 B 44ms
44ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/b/v1

Requested by

Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.powerball.com/
Origin: https://www.powerball.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Feb 2020 17:52:34 GMT
cf-cache-status: DYNAMIC
server: cloudflare
status: 204
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
access-control-allow-methods: OPTIONS, POST
access-control-allow-origin: https://www.powerball.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 568255c82914dbff-LHR
access-control-allow-headers: origin, content-type

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 4F27 0
118 B 37ms
29ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.powerball.com/
Origin: https://www.powerball.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Thu, 20 Feb 2020 17:52:34 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://www.powerball.com

POST
H2 200 auction Show response
tlx.3lift.com/header/ Frame 4F27 19 B
478 B 211ms
164ms XHR
application/json 3.123.135.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=2.44.3&referrer=https%3A%2F%2Fwww.powerball.com%2F%23winning-numbers&tmax=3000

Requested by

Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.123.135.36 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-123-135-36.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
Origin: https://www.powerball.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Feb 2020 17:52:34 GMT
status: 200
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin: https://www.powerball.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ Frame 4F27 25 B
991 B 298ms
112ms XHR
application/json 72.247.225.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=398900&v=7.2&r=%7B%22id%22%3A%221101710a1fc30de%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2212e97b0c1151df5%22%2C%22ext%22%3A%7B%22siteID%22%3A%22398900%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.powerball.com%2F%23winning-numbers%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.247.225.98 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-225-98.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b535234cdfbb37fac75d8bffe21a567fc50a049fba22e5ff63fcbacad3192a77

Request headers

Referer: https://www.powerball.com/
Origin: https://www.powerball.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 20 Feb 2020 17:52:34 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://www.powerball.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 45
Expires: Thu, 20 Feb 2020 17:52:34 GMT

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame 7A09 0
0 40ms
40ms Document
text/html 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.176.1 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.powerball.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=63814856-6a60-0fa5-03ad-4dfe4b80f101|1582221154; pd=v2|1582221154|mOsLgqgikin0fcmWiygu
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.powerball.com/

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=63814856-6a60-0fa5-03ad-4dfe4b80f101|1582221154; Version=1; Expires=Fri, 19-Feb-2021 17:52:34 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1582221154|rsgmkimWfcvmsHqGgqmuiynIsLomgemOgunsn0gi; Version=1; Expires=Fri, 06-Mar-2020 17:52:34 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.176.1
p3p: CP="CUR ADM OUR NOR STA NID"
date: Thu, 20 Feb 2020 17:52:34 GMT
content-type: text/html
content-length: 480
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 0361 43 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d08ff48ec5b86dd1dcdff144d6a9edd7608ff6146713a35bba361ff44ba545d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 17:52:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "433 / 966 of 1000 / last-modified: 1582218796"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14495
x-xss-protection: 0
expires: Thu, 20 Feb 2020 17:52:34 GMT

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame D154 0
0 30ms
30ms Document
text/html 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.176.1 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.powerball.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=63814856-6a60-0fa5-03ad-4dfe4b80f101|1582221154; pd=v2|1582221154|mOsLgqgikin0fcmWiygu
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.powerball.com/

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=63814856-6a60-0fa5-03ad-4dfe4b80f101|1582221154; Version=1; Expires=Fri, 19-Feb-2021 17:52:34 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1582221154|rsgmkimWfcvmsHqGgqmuiynIsLomgemOgunsn0gi; Version=1; Expires=Fri, 06-Mar-2020 17:52:34 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.176.1
p3p: CP="CUR ADM OUR NOR STA NID"
date: Thu, 20 Feb 2020 17:52:34 GMT
content-type: text/html
content-length: 480
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 8A3D 43 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d08ff48ec5b86dd1dcdff144d6a9edd7608ff6146713a35bba361ff44ba545d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 17:52:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "433 / 766 of 1000 / last-modified: 1582218796"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14495
x-xss-protection: 0
expires: Thu, 20 Feb 2020 17:52:34 GMT

POST
H2 204 v1 Show response
dmx.districtm.io/b/ Frame 0361 0
39 B 43ms
43ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/b/v1

Requested by

Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.powerball.com/
Origin: https://www.powerball.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Feb 2020 17:52:34 GMT
cf-cache-status: DYNAMIC
server: cloudflare
status: 204
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
access-control-allow-methods: OPTIONS, POST
access-control-allow-origin: https://www.powerball.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 568255c85990dbff-LHR
access-control-allow-headers: origin, content-type

GET
H2

302

ADTECH;cfp=1;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=134415820b144b2;misc=1582221154609;bidfloor=0.3 Show response
adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ Frame 0361
Redirect Chain

https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=134415820b144b2;misc=1582221154609;bidfloor=0.3;
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;cfp=1;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=134415820b144b2;misc=1582221154609;bidfloor=0.3

0
-1 B

318ms
318ms

XHR

152.199.21.35
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;cfp=1;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=134415820b144b2;misc=1582221154609;bidfloor=0.3
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.35 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Feb 2020 17:52:34 GMT
server: nginx
access-control-allow-origin: https://www.powerball.com
location: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;cfp=1;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=134415820b144b2;misc=1582221154609;bidfloor=0.3
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Feb 2020 17:52:34 GMT
server: nginx
status: 302
location: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;cfp=1;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=134415820b144b2;misc=1582221154609;bidfloor=0.3
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://www.powerball.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 0361 238 B
2 KB 278ms
97ms XHR
application/json 69.173.144.142
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9204&site_id=20319&zone_id=588936&size_id=15&rf=https%3A%2F%2Fwww.powerball.com%2F%23winning-numbers&tk_flint=pbjs_lite_v2.44.3&x_source.tid=2c37b75f-5a4d-40e4-8cca-6b5a30b4c969&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.6131833476083581
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.142 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 40921502d76e0e2dd2e8172b291e5c35da8c3315b75c5f93809378a68e5781a3

Request headers

Referer: https://www.powerball.com/
Origin: https://www.powerball.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 20 Feb 2020 17:52:34 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.powerball.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 238
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ Frame 0361 19 B
478 B 185ms
171ms XHR
application/json 3.123.135.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=2.44.3&referrer=https%3A%2F%2Fwww.powerball.com%2F%23winning-numbers&tmax=3000

Requested by

Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.123.135.36 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-123-135-36.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
Origin: https://www.powerball.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Feb 2020 17:52:34 GMT
status: 200
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin: https://www.powerball.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ Frame 0361 24 B
990 B 370ms
104ms XHR
application/json 72.247.225.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=398900&v=7.2&r=%7B%22id%22%3A%229c06b1761b62ce%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2210ecd77ff10bf4%22%2C%22ext%22%3A%7B%22siteID%22%3A%22398900%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.powerball.com%2F%23winning-numbers%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.247.225.98 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-225-98.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 5eed85a3265467e1c3aee8c89e218d4147ea0b85cef1aac8cbdd90a57dedf63d

Request headers

Referer: https://www.powerball.com/
Origin: https://www.powerball.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 20 Feb 2020 17:52:34 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://www.powerball.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 44
Expires: Thu, 20 Feb 2020 17:52:34 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 0361 0
62 B 30ms
30ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.powerball.com/
Origin: https://www.powerball.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Thu, 20 Feb 2020 17:52:34 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://www.powerball.com

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame ECA2 0
0 31ms
31ms Document
text/html 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.176.1 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.powerball.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=63814856-6a60-0fa5-03ad-4dfe4b80f101|1582221154; pd=v2|1582221154|mOsLgqgikin0fcmWiygu
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.powerball.com/

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=63814856-6a60-0fa5-03ad-4dfe4b80f101|1582221154; Version=1; Expires=Fri, 19-Feb-2021 17:52:34 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1582221154|rsgmkimWfcvmsHqGgqmuiynIsLomgemOgunsn0gi; Version=1; Expires=Fri, 06-Mar-2020 17:52:34 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.176.1
p3p: CP="CUR ADM OUR NOR STA NID"
date: Thu, 20 Feb 2020 17:52:34 GMT
content-type: text/html
content-length: 480
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 4F27 43 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d08ff48ec5b86dd1dcdff144d6a9edd7608ff6146713a35bba361ff44ba545d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 17:52:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "433 / 924 of 1000 / last-modified: 1582218796"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14495
x-xss-protection: 0
expires: Thu, 20 Feb 2020 17:52:34 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 8A3D 238 B
2 KB 238ms
108ms XHR
application/json 69.173.144.142
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9204&site_id=20319&zone_id=588936&size_id=15&rf=https%3A%2F%2Fwww.powerball.com%2F%23winning-numbers&tk_flint=pbjs_lite_v2.44.3&x_source.tid=4588bcf6-04db-4294-a24e-31675e707877&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.03136379372258724
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.142 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 2ec20d0eb31989e3cdf4703e84aca61637104ff66037193da49b1999b64c251d

Request headers

Referer: https://www.powerball.com/
Origin: https://www.powerball.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 20 Feb 2020 17:52:34 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.powerball.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 238
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 8A3D 0
62 B 32ms
31ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.powerball.com/
Origin: https://www.powerball.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Thu, 20 Feb 2020 17:52:34 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://www.powerball.com

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ Frame 8A3D 24 B
990 B 396ms
100ms XHR
application/json 72.247.225.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=398900&v=7.2&r=%7B%22id%22%3A%225ad439fb3fe1dc%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2264f7dc3f323c66%22%2C%22ext%22%3A%7B%22siteID%22%3A%22398900%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.powerball.com%2F%23winning-numbers%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.247.225.98 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-225-98.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 529105b11eccd81d3d141b3508ce35e02387f89cd234d561c085ce48b9866c64

Request headers

Referer: https://www.powerball.com/
Origin: https://www.powerball.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 20 Feb 2020 17:52:35 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://www.powerball.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 44
Expires: Thu, 20 Feb 2020 17:52:35 GMT

GET
H2

302

ADTECH;cfp=1;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=13d22079b9d9658;misc=1582221154686;bidfloor=0.3 Show response
adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ Frame 8A3D
Redirect Chain

https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=13d22079b9d9658;misc=1582221154686;bidfloor=0.3;
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;cfp=1;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=13d22079b9d9658;misc=1582221154686;bidfloor=0.3

0
-1 B

320ms
318ms

XHR

152.199.21.35
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;cfp=1;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=13d22079b9d9658;misc=1582221154686;bidfloor=0.3
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.35 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Feb 2020 17:52:34 GMT
server: nginx
access-control-allow-origin: https://www.powerball.com
location: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;cfp=1;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=13d22079b9d9658;misc=1582221154686;bidfloor=0.3
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Feb 2020 17:52:34 GMT
server: nginx
status: 302
location: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;cfp=1;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=13d22079b9d9658;misc=1582221154686;bidfloor=0.3
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://www.powerball.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ Frame 8A3D 19 B
479 B 279ms
278ms XHR
application/json 3.123.135.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=2.44.3&referrer=https%3A%2F%2Fwww.powerball.com%2F%23winning-numbers&tmax=3000

Requested by

Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.123.135.36 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-123-135-36.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
Origin: https://www.powerball.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Feb 2020 17:52:34 GMT
status: 200
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin: https://www.powerball.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 204 v1 Show response
dmx.districtm.io/b/ Frame 8A3D 0
39 B 48ms
48ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/b/v1

Requested by

Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.powerball.com/
Origin: https://www.powerball.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Feb 2020 17:52:34 GMT
cf-cache-status: DYNAMIC
server: cloudflare
status: 204
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, Accept-Encoding
access-control-allow-methods: OPTIONS, POST
access-control-allow-origin: https://www.powerball.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 568255c8db0cdbff-LHR
access-control-allow-headers: origin, content-type

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 4AE2 109 B
778 B 32ms
14ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.powerball.com

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 17:52:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 4AE2 109 B
778 B 32ms
15ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.powerball.com

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 17:52:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020013001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 4AE2 167 KB
61 KB 228ms
94ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

sffe /

Resource Hash

06349254c3a3832ea81973863ce5873ab441c1b8006ee1cb553425d152fabf88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 17:52:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Jan 2020 14:09:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 62230
x-xss-protection: 0
expires: Thu, 20 Feb 2020 17:52:34 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 8E21 109 B
171 B 22ms
16ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.powerball.com

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 17:52:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 8E21 109 B
171 B 21ms
16ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.powerball.com

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 17:52:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020021802.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 8E21 167 KB
61 KB 268ms
145ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020021802.js

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

sffe /

Resource Hash

06c08e3ba81a0a899a551a554791954c7b40ff431de2c6a206e166617578903d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 17:52:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 18 Feb 2020 20:41:43 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 62262
x-xss-protection: 0
expires: Thu, 20 Feb 2020 17:52:34 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 84FB 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.powerball.com

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 17:52:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 84FB 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.powerball.com

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 17:52:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020013001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 84FB 167 KB
61 KB 301ms
182ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

sffe /

Resource Hash

06349254c3a3832ea81973863ce5873ab441c1b8006ee1cb553425d152fabf88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 17:52:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Jan 2020 14:09:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 62230
x-xss-protection: 0
expires: Thu, 20 Feb 2020 17:52:34 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 0361 109 B
171 B 15ms
14ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.powerball.com

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 17:52:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 0361 109 B
171 B 16ms
16ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.powerball.com

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 17:52:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020013001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 0361 167 KB
61 KB 223ms
135ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

sffe /

Resource Hash

06349254c3a3832ea81973863ce5873ab441c1b8006ee1cb553425d152fabf88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 17:52:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Jan 2020 14:09:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 62230
x-xss-protection: 0
expires: Thu, 20 Feb 2020 17:52:34 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 8A3D 109 B
171 B 18ms
18ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.powerball.com

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 17:52:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 8A3D 109 B
171 B 17ms
15ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.powerball.com

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 17:52:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020013001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 8A3D 167 KB
61 KB 319ms
243ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

sffe /

Resource Hash

06349254c3a3832ea81973863ce5873ab441c1b8006ee1cb553425d152fabf88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 17:52:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Jan 2020 14:09:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 62230
x-xss-protection: 0
expires: Thu, 20 Feb 2020 17:52:34 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 4F27 109 B
171 B 18ms
16ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.powerball.com

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 17:52:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 4F27 109 B
171 B 16ms
14ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.powerball.com

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 17:52:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020013001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 4F27 167 KB
61 KB 338ms
264ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

sffe /

Resource Hash

06349254c3a3832ea81973863ce5873ab441c1b8006ee1cb553425d152fabf88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 17:52:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Jan 2020 14:09:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 62230
x-xss-protection: 0
expires: Thu, 20 Feb 2020 17:52:34 GMT

GET
H2

302

ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=135940d948f10ea;misc=1582221154514;bidfloor=0.3 Show response
adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ Frame 84FB
Redirect Chain

https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;cfp=1;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=135940d948f10ea;misc=1582221154514;bidfloor=0.3
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=135940d948f10ea;misc=1582221154514;bidflo...

0
-1 B

332ms
331ms

XHR

152.199.21.35
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=135940d948f10ea;misc=1582221154514;bidfloor=0.3
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.35 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Feb 2020 17:52:35 GMT
server: nginx
access-control-allow-origin: https://www.powerball.com
location: https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=135940d948f10ea;misc=1582221154514;bidfloor=0.3
access-control-allow-methods: POST,GET,HEAD,OPTIONS
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Feb 2020 17:52:35 GMT
server: nginx
status: 302
location: https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=135940d948f10ea;misc=1582221154514;bidfloor=0.3
access-control-allow-methods: POST,GET,HEAD,OPTIONS
access-control-allow-origin: https://www.powerball.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

302

ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=13a1adb6934f894;misc=1582221154576;bidfloor=0.3 Show response
adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ Frame 4F27
Redirect Chain

https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;cfp=1;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=13a1adb6934f894;misc=1582221154576;bidfloor=0.3
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=13a1adb6934f894;misc=1582221154576;bidflo...

0
-1 B

340ms
340ms

XHR

152.199.21.35
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=13a1adb6934f894;misc=1582221154576;bidfloor=0.3
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.35 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Feb 2020 17:52:35 GMT
server: nginx
access-control-allow-origin: https://www.powerball.com
location: https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=13a1adb6934f894;misc=1582221154576;bidfloor=0.3
access-control-allow-methods: POST,GET,HEAD,OPTIONS
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Feb 2020 17:52:35 GMT
server: nginx
status: 302
location: https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=13a1adb6934f894;misc=1582221154576;bidfloor=0.3
access-control-allow-methods: POST,GET,HEAD,OPTIONS
access-control-allow-origin: https://www.powerball.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

302

ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=134415820b144b2;misc=1582221154609;bidfloor=0.3 Show response
adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ Frame 0361
Redirect Chain

https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;cfp=1;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=134415820b144b2;misc=1582221154609;bidfloor=0.3
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=134415820b144b2;misc=1582221154609;bidflo...

0
-1 B

330ms
330ms

XHR

152.199.21.35
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=134415820b144b2;misc=1582221154609;bidfloor=0.3
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.35 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Feb 2020 17:52:35 GMT
server: nginx
access-control-allow-origin: https://www.powerball.com
location: https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=134415820b144b2;misc=1582221154609;bidfloor=0.3
access-control-allow-methods: POST,GET,HEAD,OPTIONS
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Feb 2020 17:52:35 GMT
server: nginx
status: 302
location: https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=134415820b144b2;misc=1582221154609;bidfloor=0.3
access-control-allow-methods: POST,GET,HEAD,OPTIONS
access-control-allow-origin: https://www.powerball.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

302

ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=13d22079b9d9658;misc=1582221154686;bidfloor=0.3 Show response
adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ Frame 8A3D
Redirect Chain

https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;cfp=1;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=13d22079b9d9658;misc=1582221154686;bidfloor=0.3
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=13d22079b9d9658;misc=1582221154686;bidflo...

0
-1 B

315ms
315ms

XHR

152.199.21.35
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=13d22079b9d9658;misc=1582221154686;bidfloor=0.3
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.35 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Feb 2020 17:52:35 GMT
server: nginx
access-control-allow-origin: https://www.powerball.com
location: https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=13d22079b9d9658;misc=1582221154686;bidfloor=0.3
access-control-allow-methods: POST,GET,HEAD,OPTIONS
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Feb 2020 17:52:35 GMT
server: nginx
status: 302
location: https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=13d22079b9d9658;misc=1582221154686;bidfloor=0.3
access-control-allow-methods: POST,GET,HEAD,OPTIONS
access-control-allow-origin: https://www.powerball.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 8E21 4 KB
2 KB 213ms
212ms XHR
text/plain 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3156965395163289&correlator=2276916312193157&output=ldjh&impl=fifs&adsid=NT&eid=21065570%2C21062888%2C21063635%2C21065371%2C21065305&vrg=2020021802&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200220&iu_parts=22803534%2CHB_DEFAULT_ADUNIT&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&prev_scp=hb_name%3DAPST09010385POWB9701__54%26passback_pb%3D0.30%26hb_factor%3D1.5%26rscust%3Dpool1%26oxb%3D970x250_t%26hb_pb_triplelift%3D0.50%26hb_adid_triplelift%3D5c4f08bb610a4e%26hb_bidder_triplelift%3Dtriplelift%26hb_pb%3D0.50%26hb_adid%3D5c4f08bb610a4e%26hb_bidder%3Dtriplelift&eri=1&cookie_enabled=1&cdm=www.powerball.com&bc=31&abxe=1&lmt=1582221155&dt=1582221155120&dlt=1582221154148&idt=954&ea=0&frm=23&biw=1585&bih=1200&isw=970&ish=250&oid=3&adxs=308&adys=960&adks=3386903054&ucis=f2e9a97dff543326cf4fa7cec1b34f1b&ifi=1&ifk=627720725&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fwww.powerball.com%2F&top=https%3A%2F%2Fwww.powerball.com%2F%23winning-numbers&dssz=11&icsg=2724&mso=4&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x250&msz=970x250&ga_vid=1845920512.1582221154&ga_sid=1582221155&ga_hid=1716149958&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020021802.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

d8afc3ddba3b6c466770cf4a8729e5e5451b2549d9aba7aa4493b366d7ec3cc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
Origin: https://www.powerball.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 20 Feb 2020 17:52:35 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2132
x-xss-protection: 0
google-lineitem-id: 5150465474
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 93506260334
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.powerball.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2020021802.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 8E21 66 KB
24 KB 92ms
92ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020021802.js

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

sffe /

Resource Hash

1a36f0a6f239c7826ac18991fae20560138d016bbd336c5e5156b9ef15ebf523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 17:52:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 18 Feb 2020 20:41:43 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24891
x-xss-protection: 0
expires: Thu, 20 Feb 2020 17:52:35 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 8E21 0
0 19ms
6ms Other
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 4AE2 4 KB
3 KB 142ms
142ms XHR
text/plain 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1576544880911809&correlator=3492618789153478&output=ldjh&impl=fifs&adsid=NT&eid=21064169%2C21065371%2C21065391%2C21065304%2C21065305&vrg=2020013001&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200220&iu_parts=22803534%2CHB_DEFAULT_ADUNIT&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&prev_scp=hb_name%3DAPST09010385POWB9702__54%26passback_pb%3D0.30%26hb_factor%3D1.5%26rscust%3Dpool1%26oxb%3D970x250_t%26hb_pb_triplelift%3D0.75%26hb_adid_triplelift%3D54d5d47e8d57f7%26hb_bidder_triplelift%3Dtriplelift%26hb_pb%3D0.75%26hb_adid%3D54d5d47e8d57f7%26hb_bidder%3Dtriplelift&eri=1&cookie_enabled=1&cdm=www.powerball.com&bc=31&abxe=1&lmt=1582221155&dt=1582221155172&dlt=1582221154168&idt=993&ea=0&frm=23&biw=1585&bih=1200&isw=970&ish=250&oid=3&adxs=308&adys=3139&adks=3392797045&ucis=937ef48e4a456ae5b9f9eaef8d2b248e&ifi=1&ifk=627720725&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fwww.powerball.com%2F&top=https%3A%2F%2Fwww.powerball.com%2F%23winning-numbers&dssz=11&icsg=2724&mso=4&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x250&msz=970x250&ga_vid=1845920512.1582221154&ga_sid=1582221155&ga_hid=787175892&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

94270c22d6027f50f8471fa95d3cf91762ab8caec4dbb2c65ce223365b928cee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
Origin: https://www.powerball.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 20 Feb 2020 17:52:35 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2395
x-xss-protection: 0
google-lineitem-id: 5149903621
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 93506260334
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.powerball.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2020013001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 4AE2 66 KB
24 KB 92ms
92ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

sffe /

Resource Hash

ebe54c2b4cdb3fc0bd7bd45b2ce574428f0e970bdd1e9395f50916bce1628cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 17:52:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Jan 2020 14:09:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24903
x-xss-protection: 0
expires: Thu, 20 Feb 2020 17:52:35 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 4AE2 0
0 8ms
5ms Other
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

GET
H2

302

ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=135940d948f10ea;misc=1582221154514;bidfloor=0.3 Show response
adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ Frame 84FB
Redirect Chain

https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=135940d948f10ea;misc=1582221154514;bidflo...
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=135940d948f10ea;misc=1582221154514;bidflo...

0
-1 B

160ms
94ms

XHR

152.199.22.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=135940d948f10ea;misc=1582221154514;bidfloor=0.3
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Feb 2020 17:52:35 GMT
server: nginx
access-control-allow-origin: null
location: https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=135940d948f10ea;misc=1582221154514;bidfloor=0.3
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Feb 2020 17:52:35 GMT
server: nginx
status: 302
location: https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=135940d948f10ea;misc=1582221154514;bidfloor=0.3
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: null
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame 7B77 0
0 30ms
29ms Document
text/html 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.176.1 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.powerball.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=63814856-6a60-0fa5-03ad-4dfe4b80f101|1582221154; pd=v2|1582221154|rsgmkimWfcvmsHqGgqmuiynIsLomgemOgunsn0gi
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.powerball.com/

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=63814856-6a60-0fa5-03ad-4dfe4b80f101|1582221154; Version=1; Expires=Fri, 19-Feb-2021 17:52:35 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1582221154.1|rsgmkimWfcvmsHqGgqmuiynIsLomgemOgunsn0gi.foj8jotutlvtfQiSsflE; Version=1; Expires=Fri, 06-Mar-2020 17:52:35 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.176.1
p3p: CP="CUR ADM OUR NOR STA NID"
date: Thu, 20 Feb 2020 17:52:35 GMT
content-type: text/html
content-length: 548
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2

302

ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=13a1adb6934f894;misc=1582221154576;bidfloor=0.3 Show response
adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ Frame 4F27
Redirect Chain

https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=13a1adb6934f894;misc=1582221154576;bidflo...
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=13a1adb6934f894;misc=1582221154576;bidflo...

0
-1 B

144ms
96ms

XHR

152.199.22.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=13a1adb6934f894;misc=1582221154576;bidfloor=0.3
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Feb 2020 17:52:35 GMT
server: nginx
access-control-allow-origin: null
location: https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=13a1adb6934f894;misc=1582221154576;bidfloor=0.3
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Feb 2020 17:52:35 GMT
server: nginx
status: 302
location: https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=13a1adb6934f894;misc=1582221154576;bidfloor=0.3
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: null
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

302

ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=134415820b144b2;misc=1582221154609;bidfloor=0.3 Show response
adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ Frame 0361
Redirect Chain

https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=134415820b144b2;misc=1582221154609;bidflo...
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=134415820b144b2;misc=1582221154609;bidflo...

0
-1 B

133ms
100ms

XHR

152.199.22.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=134415820b144b2;misc=1582221154609;bidfloor=0.3
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Feb 2020 17:52:35 GMT
server: nginx
access-control-allow-origin: null
location: https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=134415820b144b2;misc=1582221154609;bidfloor=0.3
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Feb 2020 17:52:35 GMT
server: nginx
status: 302
location: https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=134415820b144b2;misc=1582221154609;bidfloor=0.3
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: null
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame B124 0
0 59ms
58ms Document
text/html 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.176.1 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.powerball.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=63814856-6a60-0fa5-03ad-4dfe4b80f101|1582221154; pd=v2|1582221154.1|rsgmkimWfcvmsHqGgqmuiynIsLomgemOgunsn0gi.foj8jotutlvtfQiSsflE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.powerball.com/

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=63814856-6a60-0fa5-03ad-4dfe4b80f101|1582221154; Version=1; Expires=Fri, 19-Feb-2021 17:52:35 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1582221154.1|rsgmkimWfcvmsHqGgqmuiynIsLomgemOgunsn0gi.fogSj8tKjotutlvtfQiSsflErF; Version=1; Expires=Fri, 06-Mar-2020 17:52:35 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.176.1
p3p: CP="CUR ADM OUR NOR STA NID"
date: Thu, 20 Feb 2020 17:52:35 GMT
content-type: text/html
content-length: 322
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6972 0
0 70ms
70ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstqgbtz6QqNCrvXveaAuWl7D6IQOXH77uVVErT4LTJc6O2RLBgVLKNxb3kbfkhgHPr5ooC5P3NYYkZnKDnx1C0sZflnIRLwjYkbCy0m3HfbgiO2l7llKCQ72GPxxRUmq1_Q-0MOtEt_gVV7dRPfO29ICWDelv64ZYwPxZ0wr5DX00Lwnp-SdMsXV7Ndr5x0vxRIU8f0Tdwf_NgrStnhA3Wa3xKUjmCQ_SvLyz0yq4xl9mZeRkgx6kTzKIAHEo6XsagEcJWtUPfGTxvP1j6COGs&sai=AMfl-YS-jkErXS92iD3d6l-LAPxbroRz6Kv5xlUroG-tFkDZ3LFB729sGBoBpmA8tqYy-U5zqeaR9QsPSDil084Uv5_N5Ut7Mto6HqQXNrLz_XdvOkHmj6Nz2P3WEDop1VQ&sig=Cg0ArKJSzBTp2gNfj3ArEAE&urlfix=1&adurl=

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

timing-allow-origin: *
date: Thu, 20 Feb 2020 17:52:35 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 20 Feb 2020 17:52:35 GMT

GET
H/1.1 200
OK ttj Show response
ib.3lift.com/ Frame 6972 8 KB
3 KB 1501ms
137ms Script
application/javascript 143.204.202.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.3lift.com/ttj?inv_code=powerball_desktop_970x250
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.202.23 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-202-23.fra53.r.cloudfront.net
Software: /
Resource Hash: 24b306a6ee219c34e039771a1f1c0bb51252ec1afa183bb8740f2e68c113bca0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 20 Feb 2020 17:52:36 GMT
Content-Encoding: gzip
X-Amz-Cf-Pop: FRA53-C1
ETag: "ee57ef5625f021a0972330ca1c2767bf"
X-Cache: Miss from cloudfront
Content-Type: application/javascript; charset=utf-8
Via: 1.1 6080b2713e502211e152f21f5c59c5a7.cloudfront.net (CloudFront)
Cache-Control: public, max-age=900
Connection: keep-alive
Content-Length: 2755
X-Amz-Cf-Id: Q0ZlFq2jZAyjfvuUN624NstrNjdMnG9ykYxIu_6TWR4wKmKZDrwptg==

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6972 71 KB
27 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b7f95ea376c84f25dd1359009f53c0a00a2999c897fde63e84d8384c019f614

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 17:52:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582122122802407"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27379
x-xss-protection: 0
expires: Thu, 20 Feb 2020 17:52:35 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4AE2 73 KB
27 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

753def12fae8722bef366a340b5ab7c34a15c8cd8432cdddb30d8f91ab987b96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 17:52:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582122122802407"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27674
x-xss-protection: 0
expires: Thu, 20 Feb 2020 17:52:35 GMT

GET
H2 200 notify
tlx.3lift.com/header/ Frame 6972 37 B
183 B 78ms
77ms Image
image/gif 3.123.135.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tlx.3lift.com/header/notify?px=1&pr=0.531&ts=1582221154&aid=161213508188684666070&ec=4945_66498_337769_ssl&n=GpIDaHR0cDovL3J0Yi1ldS5tZmFkc3J2ci5jb20vaW1wX3Mycy92MS9PNUp2R3ZnWXJUdkNqS0ppcGpZdGtWZm5lYlhqcGdVLTBPZFQ2MngxNjNTbXVnWkJEUEl4OGNRNmprYjdoS2RYWW4wY0E0TFhHd3hTakVONnNQQTFzenQwOHRKSkRlaVhSSlNWOXU1MlY2RDBLRF8xZ3BtZ3ZYQ2JQU2VxOWtfU1pjMEEzMHFfYUZTLUdMNlBtMTFVdE1rUUx5YURnT083YkdJM0djYXpKRk9oY3BKZk9yMzZaSlNncTdKVS1DLUV6NlM5X1lwUktvakdabmdUbV9KeFFmZFFVUUx6UXJVeVlwOVF2dXRZQWlldS1VSTJnTVBkYWdkcTZaV0dRaWJNV3lQNWdlVGVYQk5RbERTOEd6c09wNjhBbU8xeUhDa0JIOEZibDdDTEpteDVfT2NicUpBMWlFcGNVRlloN1NmMmhKRnBNOTZHN2czLWhoeGFUWmtqakRXUlh4VVJHQkI3blZzc0J3LzAuNjYz8gKfAQgAEhUxNjEyMTM1MDgxODg2ODQ2NjYwNzAYACABKNEmMMKHBEABSABQAGABaABwxtkZkAEAmAEAqAH70dYCsAGXBbgBAMABkwTIAZcF4AEK8AEA%2BAGXBYACkwSIAgqRAgAAAAAAAPA%2FmQKamZmZmZnJP6ECAAAAAAAA8D%2BoAgCwAgDIAgLYAgDxAq5H4XoUru8%2F%2BALRJpADApgDAKADAPgCDIgDAJIDBDMxYWM%3D
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.135.36 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-135-36.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 200
pragma: no-cache
date: Thu, 20 Feb 2020 17:52:35 GMT
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 15 Oct 1992 20:10:00 GMT
content-length: 37
content-type: image/gif

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 4AE2 7 KB
6 KB 33ms
17ms XHR
application/json 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020013001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f0441fbe7c5d2525f78a0e975c17397503778a73109cfa289a7195c35241bd16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
Origin: https://www.powerball.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 20 Feb 2020 17:52:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5139
x-xss-protection: 0

GET
H2

302

ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=13d22079b9d9658;misc=1582221154686;bidfloor=0.3 Show response
adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ Frame 8A3D
Redirect Chain

https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=13d22079b9d9658;misc=1582221154686;bidflo...
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=13d22079b9d9658;misc=1582221154686;bidflo...

0
-1 B

101ms
101ms

XHR

152.199.22.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=13d22079b9d9658;misc=1582221154686;bidfloor=0.3
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Feb 2020 17:52:35 GMT
server: nginx
access-control-allow-origin: null
location: https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=13d22079b9d9658;misc=1582221154686;bidfloor=0.3
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Feb 2020 17:52:35 GMT
server: nginx
status: 302
location: https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=13d22079b9d9658;misc=1582221154686;bidfloor=0.3
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: null
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8E21 0
68 B 14ms
14ms Image
image/gif 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&pvsid=3156965395163289&r=970x250&w=1&h=1

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Thu, 20 Feb 2020 17:52:35 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame A5F5 0
0 69ms
69ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstZNFnjTrImMABCQ-g4umE8IsFqjDdyQrF8yZBr_cs-RRd0EDW37wccCOU27BBEJ8UP22TGTQWlqjvzxAAbTGn3KJk_HWjwkazKOAG1FJ1nTJ7q6Uh_qpwRNLr-RcxA5Z3r58rcag-sM4QUMO0opzIk5Xb8KWurinlaJpDsQWqCI80ubn9IpfuQWLOpWKAj4kD1f7sa29qq-s6MhL4mOhSTzjv3uCnqi8hrxJU7_yR2mJhPv7zkUZoOm9nE2ViGh1-EyPV2hkXMhxniDkOptDo&sai=AMfl-YRIDBncqxbZmNgDLl2ruc_mSCgsRNz38yxnYMRDGkAy-SkC-hGyOjLDaNWZj70Ln4woUBZJt5NSrDS5chu_kqVG_YYG7YzI985Qt70o&sig=Cg0ArKJSzMjZABsnlnIBEAE&urlfix=1&adurl=

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

timing-allow-origin: *
date: Thu, 20 Feb 2020 17:52:35 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 20 Feb 2020 17:52:35 GMT

GET
H/1.1 200
OK ttj Show response
ib.3lift.com/ Frame A5F5 8 KB
3 KB 1520ms
44ms Script
application/javascript 143.204.202.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.3lift.com/ttj?inv_code=powerball_desktop_970x250
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.202.23 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-202-23.fra53.r.cloudfront.net
Software: /
Resource Hash: 24b306a6ee219c34e039771a1f1c0bb51252ec1afa183bb8740f2e68c113bca0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 20 Feb 2020 17:52:36 GMT
Content-Encoding: gzip
X-Amz-Cf-Pop: FRA53-C1
ETag: "ee57ef5625f021a0972330ca1c2767bf"
X-Cache: Hit from cloudfront
Content-Type: application/javascript; charset=utf-8
Via: 1.1 6080b2713e502211e152f21f5c59c5a7.cloudfront.net (CloudFront)
Cache-Control: public, max-age=900
Connection: keep-alive
Content-Length: 2755
X-Amz-Cf-Id: kyuQWKL_s_Pv_xVR_rkrilIUV_F7EkQaz_emYQDmIfmo5OTvO73fhg==

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame A5F5 71 KB
27 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b7f95ea376c84f25dd1359009f53c0a00a2999c897fde63e84d8384c019f614

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 17:52:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582122122802407"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27379
x-xss-protection: 0
expires: Thu, 20 Feb 2020 17:52:35 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8E21 73 KB
27 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

753def12fae8722bef366a340b5ab7c34a15c8cd8432cdddb30d8f91ab987b96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 17:52:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582122122802407"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27674
x-xss-protection: 0
expires: Thu, 20 Feb 2020 17:52:35 GMT

GET
H2 200 notify
tlx.3lift.com/header/ Frame A5F5 37 B
183 B 79ms
79ms Image
image/gif 3.123.135.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tlx.3lift.com/header/notify?px=1&pr=0.345&ts=1582221154&aid=158715717432129345990&ec=4945_66498_343320_ssl&n=GpIDaHR0cDovL3J0Yi1ldS5tZmFkc3J2ci5jb20vaW1wX3Mycy92MS8wdzhqd2NNWmVQNXpyZ3dCa1RkQU5jNXA4YlRlSUk1U1BhdjZYdzBtN1hHT0dWcTVfMi1BVjZQb1VBTzhRTkdyUXlQOWNyVV94LWtVMC11QlBReDFlOU9qajg3bFVoNzE3MllQdjJSNS1rMGhvQ05IdkowLUlPbnYwYWRUd0gwSXJQR1VCdXRWSXZHMDlNc2NhQlFUU0ZBdWpCdG9IdENlM2tqdUZIRVJfUVdQQjlJTXhqSmdKeURJX1ViRnZNZnJWNlh6RGJjTDgzeElsSG5sVXctZURrcnBlMnhHT0t1WVhFQTJKMllkWnBfdlhEeGw1QWRYNE9yeDlqSE9sdFJQdHltd1BYNm53ZzZBd3kyQ0hQdTU5YXFyd0VmRjNlMVFvU2NwMjRMRmpIUm5iejZONUZOcEdjVzhuNG1PM3dNU0c0dVVxczZKX2tBdjlMcldQYnNmYVVWQ2tYUEo3RGhWRnZ1XzV3LzAuNDMy8gKfAQgAEhUxNTg3MTU3MTc0MzIxMjkzNDU5OTAYACABKNEmMMKHBEABSABQAGABaABwxtkZkAEAmAEAqAGlqY4FsAGwA7gBAMAB2QLIAbAD4AEK8AEA%2BAGwA4AC2QKIAgqRAgAAAAAAAPA%2FmQKamZmZmZnJP6ECAAAAAAAA8D%2BoAgCwAgDIAgLYAgDxAq5H4XoUru8%2F%2BALRJpADApgDAKADAPgCDIgDAJIDBDMxYWM%3D
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.135.36 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-135-36.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 200
pragma: no-cache
date: Thu, 20 Feb 2020 17:52:35 GMT
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 15 Oct 1992 20:10:00 GMT
content-length: 37
content-type: image/gif

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 8E21 7 KB
5 KB 20ms
20ms XHR
application/json 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020021802&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020021802.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

674da3a2254b3d0b424d2a8e3641180336318a7859d589bd4b58bdf1f7fad0c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
Origin: https://www.powerball.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 20 Feb 2020 17:52:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5186
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 4AE2 21 KB
8 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d6757384f86ea93a46cf05a185da797dd19a39053a0cc6e64759598f2bc05c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 17:52:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1580338855439378"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 8104
x-xss-protection: 0
expires: Thu, 20 Feb 2020 17:52:35 GMT

GET
H2

302

ADTECH;apid=1Ac6c37764-5409-11ea-bbe7-12eca44d2d72;cfp=1;rndc=1582221155;v=2;cmd=bid;cors=yes;alias=135940d948f10ea;misc=1582221154514;bidfloor=0.3 Show response
adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ Frame 84FB
Redirect Chain

https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=135940d948f10ea;misc=1582221154514;bidflo...
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1Ac6c37764-5409-11ea-bbe7-12eca44d2d72;cfp=1;rndc=1582221155;v=2;cmd=bid;cors=yes;alias=135940d948f10ea;misc=1582221154514;b...

0
-1 B

93ms
93ms

XHR

152.199.22.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1Ac6c37764-5409-11ea-bbe7-12eca44d2d72;cfp=1;rndc=1582221155;v=2;cmd=bid;cors=yes;alias=135940d948f10ea;misc=1582221154514;bidfloor=0.3
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Feb 2020 17:52:35 GMT
server: nginx
access-control-allow-origin: null
location: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1Ac6c37764-5409-11ea-bbe7-12eca44d2d72;cfp=1;rndc=1582221155;v=2;cmd=bid;cors=yes;alias=135940d948f10ea;misc=1582221154514;bidfloor=0.3
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Feb 2020 17:52:35 GMT
server: nginx
status: 302
location: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1Ac6c37764-5409-11ea-bbe7-12eca44d2d72;cfp=1;rndc=1582221155;v=2;cmd=bid;cors=yes;alias=135940d948f10ea;misc=1582221154514;bidfloor=0.3
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: null
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

302

ADTECH;apid=1Ac6c87c32-5409-11ea-b811-12359aeea65a;cfp=1;rndc=1582221155;v=2;cmd=bid;cors=yes;alias=13a1adb6934f894;misc=1582221154576;bidfloor=0.3 Show response
adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ Frame 4F27
Redirect Chain

https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=13a1adb6934f894;misc=1582221154576;bidflo...
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1Ac6c87c32-5409-11ea-b811-12359aeea65a;cfp=1;rndc=1582221155;v=2;cmd=bid;cors=yes;alias=13a1adb6934f894;misc=1582221154576;b...

0
-1 B

99ms
99ms

XHR

152.199.22.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1Ac6c87c32-5409-11ea-b811-12359aeea65a;cfp=1;rndc=1582221155;v=2;cmd=bid;cors=yes;alias=13a1adb6934f894;misc=1582221154576;bidfloor=0.3
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Feb 2020 17:52:35 GMT
server: nginx
access-control-allow-origin: null
location: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1Ac6c87c32-5409-11ea-b811-12359aeea65a;cfp=1;rndc=1582221155;v=2;cmd=bid;cors=yes;alias=13a1adb6934f894;misc=1582221154576;bidfloor=0.3
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Feb 2020 17:52:35 GMT
server: nginx
status: 302
location: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1Ac6c87c32-5409-11ea-b811-12359aeea65a;cfp=1;rndc=1582221155;v=2;cmd=bid;cors=yes;alias=13a1adb6934f894;misc=1582221154576;bidfloor=0.3
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: null
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 8E21 21 KB
8 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d6757384f86ea93a46cf05a185da797dd19a39053a0cc6e64759598f2bc05c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 17:52:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1580338855439378"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 8104
x-xss-protection: 0
expires: Thu, 20 Feb 2020 17:52:35 GMT

GET
H2

302

ADTECH;apid=1Ac6c846ae-5409-11ea-825a-120ea4e1ae80;cfp=1;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=134415820b144b2;misc=1582221154609;bidfloor=0.3 Show response
adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ Frame 0361
Redirect Chain

https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=134415820b144b2;misc=1582221154609;bidflo...
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1Ac6c846ae-5409-11ea-825a-120ea4e1ae80;cfp=1;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=134415820b144b2;misc=1582221154609;b...

0
-1 B

97ms
97ms

XHR

152.199.22.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1Ac6c846ae-5409-11ea-825a-120ea4e1ae80;cfp=1;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=134415820b144b2;misc=1582221154609;bidfloor=0.3
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Feb 2020 17:52:35 GMT
server: nginx
access-control-allow-origin: null
location: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1Ac6c846ae-5409-11ea-825a-120ea4e1ae80;cfp=1;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=134415820b144b2;misc=1582221154609;bidfloor=0.3
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Feb 2020 17:52:35 GMT
server: nginx
status: 302
location: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1Ac6c846ae-5409-11ea-825a-120ea4e1ae80;cfp=1;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=134415820b144b2;misc=1582221154609;bidfloor=0.3
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: null
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/206/ Frame E5AF 0
0 6ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/206/runner.html

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/206/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.powerball.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.powerball.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4624
date: Thu, 20 Feb 2020 16:55:25 GMT
expires: Fri, 19 Feb 2021 16:55:25 GMT
last-modified: Tue, 19 Nov 2019 17:13:16 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3430
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/206/ Frame F6F8 0
0 6ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/206/runner.html

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/206/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.powerball.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.powerball.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4624
date: Thu, 20 Feb 2020 16:55:25 GMT
expires: Fri, 19 Feb 2021 16:55:25 GMT
last-modified: Tue, 19 Nov 2019 17:13:16 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3430
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2

302

ADTECH;apid=1Ac6cd62e2-5409-11ea-8169-12e650fea264;cfp=1;rndc=1582221155;v=2;cmd=bid;cors=yes;alias=13d22079b9d9658;misc=1582221154686;bidfloor=0.3 Show response
adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ Frame 8A3D
Redirect Chain

https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=13d22079b9d9658;misc=1582221154686;bidflo...
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1Ac6cd62e2-5409-11ea-8169-12e650fea264;cfp=1;rndc=1582221155;v=2;cmd=bid;cors=yes;alias=13d22079b9d9658;misc=1582221154686;b...

0
-1 B

99ms
99ms

XHR

152.199.22.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1Ac6cd62e2-5409-11ea-8169-12e650fea264;cfp=1;rndc=1582221155;v=2;cmd=bid;cors=yes;alias=13d22079b9d9658;misc=1582221154686;bidfloor=0.3
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Feb 2020 17:52:35 GMT
server: nginx
access-control-allow-origin: null
location: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1Ac6cd62e2-5409-11ea-8169-12e650fea264;cfp=1;rndc=1582221155;v=2;cmd=bid;cors=yes;alias=13d22079b9d9658;misc=1582221154686;bidfloor=0.3
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Feb 2020 17:52:35 GMT
server: nginx
status: 302
location: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1Ac6cd62e2-5409-11ea-8169-12e650fea264;cfp=1;rndc=1582221155;v=2;cmd=bid;cors=yes;alias=13d22079b9d9658;misc=1582221154686;bidfloor=0.3
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: null
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 ADTECH;apid=1Ac6c37764-5409-11ea-bbe7-12eca44d2d72;cfp=1;rndc=1582221155;v=2;cmd=bid;cors=yes;alias=135940d948f10ea;misc=1582221154514;bidfloor=0.3 Show response
adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ Frame 84FB 945 B
1 KB 353ms
353ms XHR
application/json 152.199.21.35
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1Ac6c37764-5409-11ea-bbe7-12eca44d2d72;cfp=1;rndc=1582221155;v=2;cmd=bid;cors=yes;alias=135940d948f10ea;misc=1582221154514;bidfloor=0.3
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.35 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 85c740bbec4b189d8872f222d4428ec29f6e34f86f116e186a171234971748e7

Request headers

Referer: https://www.powerball.com/
Origin: null
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Feb 2020 17:52:35 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: null
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 945
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 ADTECH;apid=1Ac6c846ae-5409-11ea-825a-120ea4e1ae80;cfp=1;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=134415820b144b2;misc=1582221154609;bidfloor=0.3 Show response
adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ Frame 0361 944 B
1 KB 133ms
132ms XHR
application/json 152.199.21.35
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1Ac6c846ae-5409-11ea-825a-120ea4e1ae80;cfp=1;rndc=1582221154;v=2;cmd=bid;cors=yes;alias=134415820b144b2;misc=1582221154609;bidfloor=0.3
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.35 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: f940a2e54d757140229885b43423a1ba1dfdbeb12a9f77b69ed159997e71821e

Request headers

Referer: https://www.powerball.com/
Origin: null
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Feb 2020 17:52:35 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: null
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 944
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 ADTECH;apid=1Ac6c87c32-5409-11ea-b811-12359aeea65a;cfp=1;rndc=1582221155;v=2;cmd=bid;cors=yes;alias=13a1adb6934f894;misc=1582221154576;bidfloor=0.3 Show response
adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ Frame 4F27 945 B
1 KB 135ms
134ms XHR
application/json 152.199.21.35
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1Ac6c87c32-5409-11ea-b811-12359aeea65a;cfp=1;rndc=1582221155;v=2;cmd=bid;cors=yes;alias=13a1adb6934f894;misc=1582221154576;bidfloor=0.3
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.35 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 14141eb1e4aa392a2afe7ea36ade7ea1406fc98be16d2f48ede7a92b94d07f38

Request headers

Referer: https://www.powerball.com/
Origin: null
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Feb 2020 17:52:35 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: null
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 945
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 ADTECH;apid=1Ac6cd62e2-5409-11ea-8169-12e650fea264;cfp=1;rndc=1582221155;v=2;cmd=bid;cors=yes;alias=13d22079b9d9658;misc=1582221154686;bidfloor=0.3 Show response
adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ Frame 8A3D 944 B
1 KB 361ms
361ms XHR
application/json 152.199.21.35
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1Ac6cd62e2-5409-11ea-8169-12e650fea264;cfp=1;rndc=1582221155;v=2;cmd=bid;cors=yes;alias=13d22079b9d9658;misc=1582221154686;bidfloor=0.3
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.35 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: ef75d377d4e2ffbf694134d2f4f7d1eb6b6ca7b6fabcd79b2b0057fd1f71de92

Request headers

Referer: https://www.powerball.com/
Origin: null
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Feb 2020 17:52:35 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: null
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 944
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4AE2 0
59 B 15ms
15ms Image
image/gif 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=206&t=2&li=gpt_2020013001&jk=1576544880911809&bg=!ysmlydFYElwInupauuICAAAATlIAAAAXmQF4oZ2_px2bCum-k5vuI0WeTBL7XyeFIEfmKIxxkVlebSMNDqRmdwKMS-TZjq6rpT0jXew5HdGP04A6-kknP2eChyXRk4pZ6_2VPc3nnoJ4jaajtco9TjOcruy6NJwtHqGS6aFMaAPQZIrYQ2VnxqdBneM8yP9MvMRDsNhDA03F4sPVVeYogWnNlXVJVlxRiBtmjKyPIfH2WCumjaIgT1pFjX1a06grPzkn0qM36sn22j8SFBQj1sbMJqcpjSpg2as4H_l61xqx4nvWVtxwbF5LcZPbjpixr4CtxTMGjqzvwxEJKtWnmgGJum9a14JQU1vQTQ-DB2PfCFP39qxk7BdtRrLOR8ciljGRz6jB740lVYrt_kaMj51zn33jlNTu3u9fBVhluUpS-jsD4t-TFHHU_hmk-F_P2fGe9M-OVmUzDGlnWyP7b0CHW0CXBT6g0cuSGk-SceNeJR3fKemiWR_wzT_ctwur5O4HSiPbrgc-ZdV3oTs0a9BKrw

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Thu, 20 Feb 2020 17:52:35 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8E21 0
59 B 15ms
15ms Image
image/gif 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=206&t=2&li=gpt_2020021802&jk=3156965395163289&bg=!HR6lHgZYTkVVsgrLvDsCAAAARVIAAAAPmQF40ev9vrrcj0k1DBvUYKgfM1AXpSMnPdebJGWu9NZJ2aBLC7MO6vbnqW4f5HKx_yFE68Vq_mxocBgGeXnNbvgCJtPII219JZd7VSNEElyyxYyvURiV9oegDhyAv-3HYK40BCneriNDRS_KyWPrsUWZNs_XW7fah4kClRx6WmUpQdPuzokx-eoDQHN7ud9Zos1Ih5bpr75e9cluB482-1Ofm9Lx0w9rF4UqfVsfB_kgO_rYBYUD8S-Q3JDFlvFzz0ftQTATeQZELRb5mD40Nwr083Py0Odnc5Mk69wkBum-mqu5XQoflmyygGEFScdnlbhKBPvJerVqSYHp-psrP5kXa18bKHZGpHJ6xrXGe1KPNf9IPkL13XZ_7GIeF5mcB8ldI0cKkKZJzchn2KuCwGlhK1811WyIa8O6cfykO1nzUFqNbNu2wMAkkqj6YQhHH-ovycgQjzSNg253dMQh0tOAcxxqJ8gJjFCK_cDyOMFED1F_oVCNpwGeOw

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Thu, 20 Feb 2020 17:52:35 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 0361 3 KB
2 KB 234ms
233ms XHR
text/plain 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1750967540235636&correlator=3134223053926116&output=ldjh&impl=fifs&adsid=NT&eid=21065390%2C21065304%2C21065305&vrg=2020013001&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200220&iu_parts=22803534%2CHB_DEFAULT_ADUNIT&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=hb_name%3DAPST04010385POWB3003__54%26passback_pb%3D0.30%26hb_factor%3D1.5%26rscust%3Dpool1%26oxb%3D300x250_0%252Chb-bid-3add6164cd1a63&eri=1&cookie=ID%3D4d5783227ec5d481%3AT%3D1582221155%3AS%3DALNI_MaI-YgeB-mWkBUTicJZjxAazgFutA&cookie_enabled=1&cdm=www.powerball.com&bc=31&abxe=1&lmt=1582221155&dt=1582221155649&dlt=1582221154205&idt=951&ea=0&frm=23&biw=1585&bih=1200&isw=300&ish=250&oid=3&adxs=433&adys=4111&adks=1992055404&ucis=hdejxp2kg16u&ifi=1&ifk=3672954154&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fwww.powerball.com%2F&top=https%3A%2F%2Fwww.powerball.com%2F%23winning-numbers&dssz=11&icsg=2724&mso=4&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x250&ga_vid=1845920512.1582221154&ga_sid=1582221156&ga_hid=752032957&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

40dd7f11e74fa3b11379d921b20a3701d29e0f2d09f4566cedcaf185b774dd2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
Origin: https://www.powerball.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 20 Feb 2020 17:52:35 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1941
x-xss-protection: 0
google-lineitem-id: 5293712860
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138303009295
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.powerball.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2020013001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 0361 66 KB
24 KB 93ms
92ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

sffe /

Resource Hash

ebe54c2b4cdb3fc0bd7bd45b2ce574428f0e970bdd1e9395f50916bce1628cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 17:52:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Jan 2020 14:09:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24903
x-xss-protection: 0
expires: Thu, 20 Feb 2020 17:52:35 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 0361 0
0 5ms
5ms Other
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 4F27 3 KB
2 KB 145ms
144ms XHR
text/plain 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3775658743200992&correlator=1395533741428769&output=ldjh&impl=fifs&adsid=NT&eid=21065516%2C21065304&vrg=2020013001&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200220&iu_parts=22803534%2CHB_DEFAULT_ADUNIT&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=hb_name%3DAPST04010385POWB3002__54%26passback_pb%3D0.30%26hb_factor%3D1.5%26rscust%3Dpool1%26oxb%3D300x250_0%252Chb-bid-36bb1a054aa8ab&eri=1&cookie=ID%3D4d5783227ec5d481%3AT%3D1582221155%3AS%3DALNI_MaI-YgeB-mWkBUTicJZjxAazgFutA&cookie_enabled=1&cdm=www.powerball.com&bc=31&abxe=1&lmt=1582221155&dt=1582221155657&dlt=1582221154192&idt=994&ea=0&frm=23&biw=1585&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=1986902392&ucis=r1k6wboowvwy&ifi=1&ifk=2743823900&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fwww.powerball.com%2F&top=https%3A%2F%2Fwww.powerball.com%2F%23winning-numbers&dssz=11&icsg=2724&mso=4&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=1845920512.1582221154&ga_sid=1582221156&ga_hid=1070993266&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

e0ebc93f0d274efd0ba7a032ce0f0bbbbcc886dab554bc9b94279d313e925dfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
Origin: https://www.powerball.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 20 Feb 2020 17:52:35 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1941
x-xss-protection: 0
google-lineitem-id: 5293712860
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138303009295
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.powerball.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2020013001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 4F27 66 KB
24 KB 94ms
94ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

sffe /

Resource Hash

ebe54c2b4cdb3fc0bd7bd45b2ce574428f0e970bdd1e9395f50916bce1628cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 17:52:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Jan 2020 14:09:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24903
x-xss-protection: 0
expires: Thu, 20 Feb 2020 17:52:35 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 4F27 0
0 6ms
5ms Other
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame E308 0
0 71ms
70ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssnHbnadvtj63Q8YsPJ0tTMlLHocMqKfOJZqgr3oNtOrjPtTPXFxOxmIkkP7XWv3fTpTGmX3yhzgp5S_S-BCOivUoHElf5BwUyZqjEgKT87TsEZK7CCZWJZfE5DM4LM-ratOzVzj5QMXw5qeYypigod1f0NVk6iiVaF014BMNvcQ8sqBSlTD5jcg82b1Zqn8U8bsxe1VXhvUKly_UDwTWuBpdj3OzWmdvGi98K-JKjMcjzZOXd3Gem2XOPurESql3-yAiUGIq6zDcPlZkDZRw&sig=Cg0ArKJSzCu-7wkRcXvREAE&urlfix=1&adurl=

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

timing-allow-origin: *
date: Thu, 20 Feb 2020 17:52:35 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 wowyowdisplay300x250desktop.js Show response
deio3v2go54x9.cloudfront.net/ Frame E308 442 B
775 B 53ms
28ms Script
application/javascript 2600:9000:2057:9000:e:ff8:b40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://deio3v2go54x9.cloudfront.net/wowyowdisplay300x250desktop.js
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:9000:e:ff8:b40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 46186939915707d85ad90276bbb49596af9e77af068523618d88f35a3a29a550

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 21:54:10 GMT
via: 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
last-modified: Fri, 31 Jan 2020 15:31:53 GMT
server: AmazonS3
age: 52276
etag: "169217f2388de4afdc7ca2340f85bef3"
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 442
x-amz-cf-id: vLsHvtz0EPoZDiCrKOu6pDJVkNUBANm1inE4-4rMhiBQvkKLWPC0-w==

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame E308 71 KB
27 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b7f95ea376c84f25dd1359009f53c0a00a2999c897fde63e84d8384c019f614

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 17:52:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582122122802407"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27379
x-xss-protection: 0
expires: Thu, 20 Feb 2020 17:52:35 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4F27 73 KB
27 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

753def12fae8722bef366a340b5ab7c34a15c8cd8432cdddb30d8f91ab987b96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 17:52:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582122122802407"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27674
x-xss-protection: 0
expires: Thu, 20 Feb 2020 17:52:35 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 84FB 3 KB
2 KB 176ms
176ms XHR
text/plain 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1791488754048248&correlator=2970008319177719&output=ldjh&impl=fifs&adsid=NT&eid=21062453%2C21065305&vrg=2020013001&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200220&iu_parts=22803534%2CHB_DEFAULT_ADUNIT&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=hb_name%3DAPST04010385POWB3001__54%26passback_pb%3D0.30%26hb_factor%3D1.5%26rscust%3Dpool1%26oxb%3D300x250_0%252Chb-bid-37e1ac980bfe2a&eri=1&cookie=ID%3D4d5783227ec5d481%3AT%3D1582221155%3AS%3DALNI_MaI-YgeB-mWkBUTicJZjxAazgFutA&cookie_enabled=1&cdm=www.powerball.com&bc=31&abxe=1&lmt=1582221155&dt=1582221155838&dlt=1582221154181&idt=958&ea=0&frm=23&biw=1585&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=1990784575&ucis=ww8aapu7627m&ifi=1&ifk=2743823900&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fwww.powerball.com%2F&top=https%3A%2F%2Fwww.powerball.com%2F%23winning-numbers&dssz=11&icsg=2724&mso=4&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=1845920512.1582221154&ga_sid=1582221156&ga_hid=684041382&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

03b97ddafe1ec5e7b0d2758e7d54c2fcdea648e30f4e7a9613e1666f63199a7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
Origin: https://www.powerball.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 20 Feb 2020 17:52:35 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1941
x-xss-protection: 0
google-lineitem-id: 5293712860
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138303009295
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.powerball.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2020013001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 84FB 66 KB
24 KB 96ms
95ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

sffe /

Resource Hash

ebe54c2b4cdb3fc0bd7bd45b2ce574428f0e970bdd1e9395f50916bce1628cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 17:52:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Jan 2020 14:09:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24903
x-xss-protection: 0
expires: Thu, 20 Feb 2020 17:52:35 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 84FB 0
0 6ms
5ms Other
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1EDC 0
0 69ms
69ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstrp1IsnaFZe4BISIWx_IoqtYhlcYpyTFfkrQ4xpai04owPIDH4UErCvwlZr9Qa6tZEs68QawH-BOIVovcfeaOrj_Lg_XiICFDkpYCiIBJw_Iv-BVtXpcUc04u3mk35uvpUWTSnEeDoQn28Sjeu5e6WphyMHqROiXsjcGcSfsEbrIk32RSycq88O3Gnoaa6bpgNg7g3dTjfpxT4UoiWgL_Ye7Ck6NOCt8ej1Hj3loo4lz0YJuB89968zPKM_U5c0vB4QkpA39tMbhXsOZ0cRQ&sig=Cg0ArKJSzBeyyaEqQ-4gEAE&urlfix=1&adurl=

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

timing-allow-origin: *
date: Thu, 20 Feb 2020 17:52:35 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 wowyowdisplay300x250desktop.js Show response
deio3v2go54x9.cloudfront.net/ Frame 1EDC 442 B
775 B 7ms
7ms Script
application/javascript 2600:9000:2057:9000:e:ff8:b40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://deio3v2go54x9.cloudfront.net/wowyowdisplay300x250desktop.js
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:9000:e:ff8:b40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 46186939915707d85ad90276bbb49596af9e77af068523618d88f35a3a29a550

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 21:54:10 GMT
via: 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
last-modified: Fri, 31 Jan 2020 15:31:53 GMT
server: AmazonS3
age: 52276
etag: "169217f2388de4afdc7ca2340f85bef3"
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 442
x-amz-cf-id: 4alADrepvu4rZH9GMKCQfRuO5i1FsJ2O91B7JZkWwfzIY4Csb_-3gw==

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1EDC 71 KB
27 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b7f95ea376c84f25dd1359009f53c0a00a2999c897fde63e84d8384c019f614

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 17:52:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582122122802407"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27379
x-xss-protection: 0
expires: Thu, 20 Feb 2020 17:52:35 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0361 73 KB
27 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

753def12fae8722bef366a340b5ab7c34a15c8cd8432cdddb30d8f91ab987b96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 17:52:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582122122802407"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27674
x-xss-protection: 0
expires: Thu, 20 Feb 2020 17:52:35 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 0361 7 KB
5 KB 18ms
17ms XHR
application/json 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020013001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1c7a11561924e27598d9e3975e5e8491aed48c6a64ef2df27d574c65e56608da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
Origin: https://www.powerball.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 20 Feb 2020 17:52:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5232
x-xss-protection: 0

GET
H/1.1 200
OK wowyowdisplay300x250desktop.php
wowyowapi.com/ Frame A4A2 0
0 692ms
164ms Document
text/html 35.162.11.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wowyowapi.com/wowyowdisplay300x250desktop.php?u=fb243434-6d38-f6b6-4543-c462ef8458dc
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.162.11.246 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-162-11-246.us-west-2.compute.amazonaws.com
Software: Apache /
Resource Hash

Request headers

Host: wowyowapi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://www.powerball.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.powerball.com/

Response headers

access-control-allow-origin: *
Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=UTF-8
Date: Thu, 20 Feb 2020 17:52:36 GMT
Server: Apache
Content-Length: 908
Connection: keep-alive

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 8A3D 3 KB
2 KB 136ms
136ms XHR
text/plain 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3054550076963&correlator=2376123346824139&output=ldjh&impl=fifs&adsid=NT&eid=21065304&vrg=2020013001&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200220&iu_parts=22803534%2CHB_DEFAULT_ADUNIT&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=hb_name%3DAPST04010385POWB3004__54%26passback_pb%3D0.30%26hb_factor%3D1.5%26rscust%3Dpool1%26oxb%3D300x250_0%252Chb-bid-34d7107a0256dd&eri=1&cookie=ID%3D4d5783227ec5d481%3AT%3D1582221155%3AS%3DALNI_MaI-YgeB-mWkBUTicJZjxAazgFutA&cookie_enabled=1&cdm=www.powerball.com&bc=31&abxe=1&lmt=1582221155&dt=1582221155913&dlt=1582221154218&idt=932&ea=0&frm=23&biw=1585&bih=1200&isw=300&ish=250&oid=3&adxs=853&adys=4111&adks=1443960515&ucis=x1dduabritnw&ifi=1&ifk=3672954154&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fwww.powerball.com%2F&top=https%3A%2F%2Fwww.powerball.com%2F%23winning-numbers&dssz=11&icsg=2724&mso=4&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x250&ga_vid=1845920512.1582221154&ga_sid=1582221156&ga_hid=888211753&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

6c50468e92cc650063d9e5b232e7d4090b97ba4d074cdc9765f0926bbbba4fb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
Origin: https://www.powerball.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 20 Feb 2020 17:52:36 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1943
x-xss-protection: 0
google-lineitem-id: 5293712860
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138303009295
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.powerball.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2020013001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 8A3D 66 KB
24 KB 92ms
92ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

sffe /

Resource Hash

ebe54c2b4cdb3fc0bd7bd45b2ce574428f0e970bdd1e9395f50916bce1628cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 17:52:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Jan 2020 14:09:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24903
x-xss-protection: 0
expires: Thu, 20 Feb 2020 17:52:35 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 8A3D 0
0 6ms
5ms Other
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

GET
H/1.1 200
OK wowyowdisplay300x250desktop.php
wowyowapi.com/ Frame D614 0
0 844ms
164ms Document
text/html 35.162.11.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wowyowapi.com/wowyowdisplay300x250desktop.php?u=fb243434-6d38-f6b6-4543-c462ef8458dc
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.162.11.246 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-162-11-246.us-west-2.compute.amazonaws.com
Software: Apache /
Resource Hash

Request headers

Host: wowyowapi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://www.powerball.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.powerball.com/

Response headers

access-control-allow-origin: *
Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=UTF-8
Date: Thu, 20 Feb 2020 17:52:36 GMT
Server: Apache
Content-Length: 908
Connection: keep-alive

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 0361 21 KB
8 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d6757384f86ea93a46cf05a185da797dd19a39053a0cc6e64759598f2bc05c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 17:52:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1580338855439378"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 8104
x-xss-protection: 0
expires: Thu, 20 Feb 2020 17:52:35 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/206/ Frame 9EAA 0
0 6ms
5ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/206/runner.html

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/206/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.powerball.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.powerball.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4624
date: Thu, 20 Feb 2020 16:55:25 GMT
expires: Fri, 19 Feb 2021 16:55:25 GMT
last-modified: Tue, 19 Nov 2019 17:13:16 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3430
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
DATA 200
OK truncated
/ Frame 1EDC 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 584e784a3826890065adfa7a71638b191c33390154e5a07cc70ebe15e12d6beb

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 79AA 0
0 73ms
72ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssaQTN5sY5KuKgo4rPM00gvkys_yb_nXD8_ReBaCWQWpwAyLOrCAGL1C9TGpqWssev26Sh7OvVeGutsqA6dfKFZq-QRrx_Yz2dn-JN_QZkmJyDu2Oi9MN7A0yi7jtp9asMRCxQd8brWlDnN1rFoSu-5ACyCRtaVqpVXJwAcybKIWea75sszw_0-EFovuifUy4ChmYxZ0jtNehmqeuDHV1AZun8ff4Lz--CywBTkx3gYbI4qG3p71TMLstLL8hNaA3GHwtLapwo4q7q2PytlnQ&sig=Cg0ArKJSzP7wLJX0RL22EAE&urlfix=1&adurl=

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

timing-allow-origin: *
date: Thu, 20 Feb 2020 17:52:36 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 wowyowdisplay300x250desktop.js Show response
deio3v2go54x9.cloudfront.net/ Frame 79AA 442 B
776 B 6ms
6ms Script
application/javascript 2600:9000:2057:9000:e:ff8:b40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://deio3v2go54x9.cloudfront.net/wowyowdisplay300x250desktop.js
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:9000:e:ff8:b40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 46186939915707d85ad90276bbb49596af9e77af068523618d88f35a3a29a550

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 21:54:10 GMT
via: 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
last-modified: Fri, 31 Jan 2020 15:31:53 GMT
server: AmazonS3
age: 52277
etag: "169217f2388de4afdc7ca2340f85bef3"
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 442
x-amz-cf-id: FKM8mW6Ex52m__eTwGQNXD5MFCV7UqWomZqitMVFyo8HjxUh6Hlpgw==

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 79AA 71 KB
27 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b7f95ea376c84f25dd1359009f53c0a00a2999c897fde63e84d8384c019f614

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 17:52:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582122122802407"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27379
x-xss-protection: 0
expires: Thu, 20 Feb 2020 17:52:36 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 84FB 73 KB
27 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

753def12fae8722bef366a340b5ab7c34a15c8cd8432cdddb30d8f91ab987b96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 17:52:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582122122802407"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27674
x-xss-protection: 0
expires: Thu, 20 Feb 2020 17:52:36 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 84FB 7 KB
5 KB 21ms
20ms XHR
application/json 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020013001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1492be9dc88113f5cd57adb359bf1fdc999bc645338449525ec8c4d6de8bce9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
Origin: https://www.powerball.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 20 Feb 2020 17:52:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5267
x-xss-protection: 0

GET
H/1.1 200
OK wowyowdisplay300x250desktop.php
wowyowapi.com/ Frame 9DEB 0
0 891ms
164ms Document
text/html 35.162.11.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wowyowapi.com/wowyowdisplay300x250desktop.php?u=fb243434-6d38-f6b6-4543-c462ef8458dc
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.162.11.246 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-162-11-246.us-west-2.compute.amazonaws.com
Software: Apache /
Resource Hash

Request headers

Host: wowyowapi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://www.powerball.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.powerball.com/

Response headers

access-control-allow-origin: *
Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=UTF-8
Date: Thu, 20 Feb 2020 17:52:36 GMT
Server: Apache
Content-Length: 908
Connection: keep-alive

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0361 0
68 B 15ms
14ms Image
image/gif 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=206&t=2&li=gpt_2020013001&jk=1750967540235636&bg=!JiWlJT1YtBaYBUqu8zsCAAAAOVIAAAAJmQF4KFSarx-YePHZ9yhuOg8Jf9tSGFCfmse7_njwPiI2t1VLH9E467lbUO7SKq_bNraY62sSKk8XQTAFWn1tH8jA4BR8veHI5sgPbqcRVFrKvKG7uL1K1WtvC04DhXYhCFjNqd4XERltMvtwq3pStd5Fyr4HDXIdoJEuHi405eR_bII6Wz8MaDK6p1_2MFrcsrrptlAG557gacDsctXQcloqjT7UlPuDqVBdVEjRtrp7lYPywmZm0M_pMny35y4i00VQHKyh8FpjUcgltMp8jrB-MN5IU7B75mvcUHf6vAW-RFza4607RqsZlelakVismpQv3OnXrGseM3MNw97cdvtQHjokRk73aIDO3myprHyssDMfw6ntvmjQpwjijrvICiCXtXDKof-Q3jqQqVQNtkd_iAQSgknlv768C4yUwAFRARBJHtjjlkyFLdaA_bi1IqEigH8oiO0VZ12sCS4Ah_sVYx55KvdV-S4uOUuIOaIXDvcEs3CP879PCQ

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Thu, 20 Feb 2020 17:52:36 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 53DD 0
0 71ms
70ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsty1iRxNvQ4Aukx0QeuSytxyab1vCB6iu_1XkooOOqR6ENDMX9JSCMzfLqQcnbMuRbBSiwXZAazXKGRbZZQhQXrERRgS6t2K-nTrgnCJca7IPEBSLmT916F1Dkh-S5AexUORksVniUGgFX8VktqvthajQfQyVrrwOJjzC7MpZlfzqG1oaV41mxcxPto55Bf01YX1d234Hio_-sOft5JleKKnKHOpSyfgk1sneNg_iXPjxILARjv76ItK67OgBsX4iKkmqslS4HHQNWCZ8iS3w&sig=Cg0ArKJSzCNmk3i8KrfJEAE&urlfix=1&adurl=

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

timing-allow-origin: *
date: Thu, 20 Feb 2020 17:52:36 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 wowyowdisplay300x250desktop.js Show response
deio3v2go54x9.cloudfront.net/ Frame 53DD 442 B
775 B 7ms
6ms Script
application/javascript 2600:9000:2057:9000:e:ff8:b40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://deio3v2go54x9.cloudfront.net/wowyowdisplay300x250desktop.js
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:9000:e:ff8:b40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 46186939915707d85ad90276bbb49596af9e77af068523618d88f35a3a29a550

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 21:54:10 GMT
via: 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
last-modified: Fri, 31 Jan 2020 15:31:53 GMT
server: AmazonS3
age: 52277
etag: "169217f2388de4afdc7ca2340f85bef3"
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 442
x-amz-cf-id: kg1bnuLgoGBKUpWxilAurtlwnwvg_vHXuAx9pDLQuFYNOuYnJa1IsA==

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 53DD 71 KB
27 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b7f95ea376c84f25dd1359009f53c0a00a2999c897fde63e84d8384c019f614

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 17:52:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582122122802407"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27379
x-xss-protection: 0
expires: Thu, 20 Feb 2020 17:52:36 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8A3D 73 KB
27 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

753def12fae8722bef366a340b5ab7c34a15c8cd8432cdddb30d8f91ab987b96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 17:52:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582122122802407"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27674
x-xss-protection: 0
expires: Thu, 20 Feb 2020 17:52:36 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 84FB 21 KB
8 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d6757384f86ea93a46cf05a185da797dd19a39053a0cc6e64759598f2bc05c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 20 Feb 2020 17:52:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1580338855439378"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 8104
x-xss-protection: 0
expires: Thu, 20 Feb 2020 17:52:36 GMT

GET
H/1.1 200
OK wowyowdisplay300x250desktop.php
wowyowapi.com/ Frame 8916 0
0 992ms
164ms Document
text/html 35.162.11.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wowyowapi.com/wowyowdisplay300x250desktop.php?u=fb243434-6d38-f6b6-4543-c462ef8458dc
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.162.11.246 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-162-11-246.us-west-2.compute.amazonaws.com
Software: Apache /
Resource Hash

Request headers

Host: wowyowapi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://www.powerball.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.powerball.com/

Response headers

access-control-allow-origin: *
Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=UTF-8
Date: Thu, 20 Feb 2020 17:52:37 GMT
Server: Apache
Content-Length: 908
Connection: keep-alive

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/206/ Frame 1984 0
0 6ms
5ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/206/runner.html

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/206/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.powerball.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.powerball.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4624
date: Thu, 20 Feb 2020 16:55:25 GMT
expires: Fri, 19 Feb 2021 16:55:25 GMT
last-modified: Tue, 19 Nov 2019 17:13:16 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3431
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
DATA 200
OK truncated
/ Frame 53DD 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb5b25c4d94fb533eb3ce857caccc5db1ea506905674352b60305ae9c003249e

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 84FB 0
59 B 15ms
15ms Image
image/gif 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=206&t=2&li=gpt_2020013001&jk=1791488754048248&bg=!oqGloblYWC4xeMu3LFMCAAAAOVIAAAAJmQF4NqqRayaqTg2TkcbZxqd6sDFnDbBYVz0yb4W9PDCMadFySTaJnLn_H2A_9ZDLMGGq3Quod-LDLhBeqx_rpDP03ynylOxj92LJ5lDyRsafRLzxmOOMKEqjGh1gjD9DskQ6N1CsHF77VAarc7CifWwnpLn8E5_KPQ0FvjrN79KLFJLpU-IsqQ2hTGW-qAB_Y-hCOelSGNpnhbD8JCPUQfuYVKIxYq5z2lHh403pmOvQgKlIoui6JcvEW9PLJIuTS8n6S4NUJ4OFi4IxyXTtW6hzhIlww7SpeZaxolVV3trPyGSAMU08DTqfvtWSI0vy9ig1qiRpYFcYSA22cjEHYwmSU_t3oK5FXn0aRbUmVGs5paY3LTXUUl47qw3B5k8IZRE8xwCghEl63_dXvxqhftzo2uv0AkNeY-FsWSSAx_wPKTRTXqN4YCZvrjCihLBEmjTgWG5iG7OeSv-U5HfHy2y4ZRx4zQK9ZAaR5exp840EIcM8H-nJVDCHvA

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Thu, 20 Feb 2020 17:52:36 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK bundle.js Show response
ib.3lift.com/rev/f09bc5f35b1e2426f37683ef88fa3b50285cc50b/dist/ 218 KB
69 KB 76ms
34ms Script
text/javascript 143.204.202.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.3lift.com/rev/f09bc5f35b1e2426f37683ef88fa3b50285cc50b/dist/bundle.js
Requested by: Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.202.23 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-202-23.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 52e76d18f61a3937790f71e9d78022aa943e69cbacf60de9c11a882b9180d272

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 19 Feb 2020 16:01:50 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 Feb 2020 16:01:40 GMT
Server: AmazonS3
Age: 93047
ETag: "51d1cf5fa834a11f1547cb800b2930ca"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 6080b2713e502211e152f21f5c59c5a7.cloudfront.net (CloudFront)
Cache-Control: max-age=31536000, immutable
X-Amz-Cf-Pop: FRA53-C1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 70254
X-Amz-Cf-Id: zekW98Yia8zvKpZOzjWobLidQcROeRLrKtO27Dt0Y648a12TxWvR_Q==

GET
DATA 200
OK truncated
/ Frame 6972 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1c89f7b33ec35e7b57398a3fb07671ca1bd2c74ef315a7ecf0df9ce0711bec00

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A5F5 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fff27b27aa389954cab592d1233edd48d934b9b2d10c4bbaf4886993cd7fff1d

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 r
eb2.3lift.com/ 37 B
139 B 592ms
61ms Image
image/gif 52.57.79.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/r?inv_code=powerball_desktop_970x250&aid=161213508188684666070&rev=f09bc5f&bc=0.663&uid=10103597430521641840&pr=un&brid=421062&bmid=4945&ts=1582221154&sid=66498&unid=0&domain=www.powerball.com&ref=https%253A%252F%252Fwww.powerball.com%252F%2523winning-numbers&rr=creative&fid=1&rb=0&g=0&cb=68321
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.79.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-79-171.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 200
date: Thu, 20 Feb 2020 17:52:37 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://rtb-eu.mfadsrvr.com/sync?ssp=triplelift&seller_network=triplelift_&bid_id=aa95396c-0c43-4e68-868b-8b3bf8fb964e&initiator=me
https://rtb-eu.mfadsrvr.com/ul_cb/sync?ssp=triplelift&seller_network=triplelift_&bid_id=aa95396c-0c43-4e68-868b-8b3bf8fb964e&initiator=me
https://eb2.3lift.com/xuid?mid=4945&xuid=6929d78b-82f6-463d-9995-f86a167fe078&dongle=31ac
https://eb2.3lift.com/xuid?ld=1&mid=4945&xuid=6929d78b-82f6-463d-9995-f86a167fe078&dongle=31ac&gdpr=1&cmp_cs=&us_privacy=

37 B
353 B

63ms
62ms

Image
image/gif

52.57.79.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=4945&xuid=6929d78b-82f6-463d-9995-f86a167fe078&dongle=31ac&gdpr=1&cmp_cs=&us_privacy=
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.79.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-79-171.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Thu, 20 Feb 2020 17:52:37 GMT
cache-control: no-cache, no-store, must-revalidate
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length: 37
content-type: image/gif

Redirect headers

status: 302
date: Thu, 20 Feb 2020 17:52:37 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: /xuid?ld=1&mid=4945&xuid=6929d78b-82f6-463d-9995-f86a167fe078&dongle=31ac&gdpr=1&cmp_cs=&us_privacy=
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 r
eb2.3lift.com/ 37 B
139 B 593ms
62ms Image
image/gif 52.57.79.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/r?inv_code=powerball_desktop_970x250&aid=158715717432129345990&rev=f09bc5f&bc=0.432&uid=184985255511959075&pr=un&brid=421062&bmid=4945&ts=1582221154&sid=66498&unid=0&domain=www.powerball.com&ref=https%253A%252F%252Fwww.powerball.com%252F%2523winning-numbers&rr=creative&fid=1&rb=0&g=0&cb=49337
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.79.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-79-171.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 200
date: Thu, 20 Feb 2020 17:52:37 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://rtb-eu.mfadsrvr.com/sync?ssp=triplelift&seller_network=triplelift_&bid_id=fc82fbb4-6cc3-435b-aa3e-a165a6284f38&initiator=me
https://rtb-eu.mfadsrvr.com/ul_cb/sync?ssp=triplelift&seller_network=triplelift_&bid_id=fc82fbb4-6cc3-435b-aa3e-a165a6284f38&initiator=me
https://eb2.3lift.com/xuid?mid=4945&xuid=64234bff-ddaa-4a0d-a358-4147d026c5b7&dongle=31ac
https://eb2.3lift.com/xuid?ld=1&mid=4945&xuid=64234bff-ddaa-4a0d-a358-4147d026c5b7&dongle=31ac&gdpr=1&cmp_cs=&us_privacy=

37 B
353 B

64ms
64ms

Image
image/gif

52.57.79.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=4945&xuid=64234bff-ddaa-4a0d-a358-4147d026c5b7&dongle=31ac&gdpr=1&cmp_cs=&us_privacy=
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.79.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-79-171.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Thu, 20 Feb 2020 17:52:37 GMT
cache-control: no-cache, no-store, must-revalidate
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length: 37
content-type: image/gif

Redirect headers

status: 302
date: Thu, 20 Feb 2020 17:52:37 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: /xuid?ld=1&mid=4945&xuid=64234bff-ddaa-4a0d-a358-4147d026c5b7&dongle=31ac&gdpr=1&cmp_cs=&us_privacy=
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 200
OK lp Show response
img.3lift.com/ Frame C6DB 124 B
604 B 991ms
138ms Script
text/plain 143.204.202.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.3lift.com/lp?width=600&height=338&url=%2F%2Fimages.3lift.com%2F5613819.png&logo_exclude=SE,SW&v=17
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.202.48 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-202-48.fra53.r.cloudfront.net
Software: /
Resource Hash: 497422bfc1390dbfe84dc41ec10d820d82869620e55ac244797bb38fd230ac17

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 20 Feb 2020 17:52:37 GMT
Via: 1.1 a3c2566f9e36ad3cdf79fc6307fcf567.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Thu, 20 Feb 2020 17:52:37 GMT
X-Amz-Cf-Pop: FRA53-C1
X-Cache: Miss from cloudfront
Content-Type: text/plain; charset=utf-8
Cache-Control: public, max-age=259200
X-Rev: b31a5dc
Content-Length: 124
X-Amz-Cf-Id: LNhvjarIA1PjuTjO-Gh_8wbJ5krNUKxfLHaXfMV3p52fbDAz_TnAyw==
X-Served-By: imagerender6.us_east.prod

GET
H/1.1 200
OK lp Show response
img.3lift.com/ Frame 974A 125 B
605 B 1263ms
281ms Script
text/plain 143.204.202.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.3lift.com/lp?width=600&height=338&url=%2F%2Fimages.3lift.com%2F10720421.jpg&logo_exclude=SE,SW&v=17
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.202.48 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-202-48.fra53.r.cloudfront.net
Software: /
Resource Hash: 3cac1c68b38e0dc5bd98898b38e667c9034ca79a0058eabe81fc1a37e3475269

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 20 Feb 2020 17:52:38 GMT
Via: 1.1 a3c2566f9e36ad3cdf79fc6307fcf567.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Thu, 20 Feb 2020 17:52:38 GMT
X-Amz-Cf-Pop: FRA53-C1
X-Cache: Miss from cloudfront
Content-Type: text/plain; charset=utf-8
Cache-Control: public, max-age=259200
X-Rev: 367eeaf
Content-Length: 125
X-Amz-Cf-Id: QUCbXGVHq9zcPvz5jVNL4j7s0SdFPcUhnIW8r4X2TItXREcUR82Fxg==
X-Served-By: imagerender1.us_east.prod

GET
H/1.1 200
OK /
img.3lift.com/ 37 KB
38 KB 1314ms
234ms Image
image/jpeg 143.204.202.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.3lift.com/?width=600&height=338&url=%2F%2Fimages.3lift.com%2F5613819.png&logo_exclude=SE,SW&v=17
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.202.48 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-202-48.fra53.r.cloudfront.net
Software: /
Resource Hash: ad23040af6c829b8804f1a1da48d1fe6e8aa1029f3743751a1048bac71922b5d

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 20 Feb 2020 17:52:38 GMT
Via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
Connection: keep-alive
X-Amz-Cf-Pop: FRA53-C1
ETag: "3b7fd586970a0d5d2a402eb891d1d610"
X-Cache: Miss from cloudfront
Content-Type: image/jpeg
Cache-Control: public, max-age=2592000
X-Rev: 367eeaf
Content-Length: 38263
X-Amz-Cf-Id: I0W-gBRrSGshjFvruhuRcBqqMz6JFOX0vvBm-QLevfcyG9KBX72Q5w==
X-Served-By: imagerender2.us_east.prod

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9477c7c5e3bde8486b460eae7c614096db478d2fe558511545769acf955b1883

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK /
img.3lift.com/ 50 KB
50 KB 1909ms
647ms Image
image/jpeg 143.204.202.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.3lift.com/?width=600&height=338&url=%2F%2Fimages.3lift.com%2F10720421.jpg&logo_exclude=SE,SW&v=17
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.202.48 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-202-48.fra53.r.cloudfront.net
Software: /
Resource Hash: 8dd2aaab3ff32f5182ca2b5d01ffb0eb2354892120d868a9b4765f9f17c443c2

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 20 Feb 2020 17:52:38 GMT
Via: 1.1 a3c2566f9e36ad3cdf79fc6307fcf567.cloudfront.net (CloudFront)
Connection: keep-alive
X-Amz-Cf-Pop: FRA53-C1
ETag: "bb7d66ac2ad777d8eb01783a48a2d98f"
X-Cache: Miss from cloudfront
Content-Type: image/jpeg
Cache-Control: public, max-age=2592000
X-Rev: b31a5dc
Content-Length: 51072
X-Amz-Cf-Id: KqoV02MSP5LbBHfiSQ-yEyLWxNqOVZj3BKl8GIECvWC5rXFjVc3Pug==
X-Served-By: imagerender6.us_east.prod

GET
H2

200

xuid
eb2.3lift.com/ Frame 4AE2
Redirect Chain

https://eb2.3lift.com/sync?px=1&src=prebid&
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm=&google_sc=&google_tc=
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEHFoIz4E8CZGSTcSEzXpP98&dongle=c627&google_cver=1
https://eb2.3lift.com/xuid?ld=1&mid=5989&xuid=CAESEHFoIz4E8CZGSTcSEzXpP98&dongle=c627&gdpr=1&cmp_cs=&us_privacy=

37 B
352 B

61ms
61ms

Image
image/gif

52.57.79.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=5989&xuid=CAESEHFoIz4E8CZGSTcSEzXpP98&dongle=c627&gdpr=1&cmp_cs=&us_privacy=
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.79.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-79-171.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Thu, 20 Feb 2020 17:52:38 GMT
cache-control: no-cache, no-store, must-revalidate
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length: 37
content-type: image/gif

Redirect headers

status: 302
date: Thu, 20 Feb 2020 17:52:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: /xuid?ld=1&mid=5989&xuid=CAESEHFoIz4E8CZGSTcSEzXpP98&dongle=c627&gdpr=1&cmp_cs=&us_privacy=
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

xuid
eb2.3lift.com/ Frame 8E21
Redirect Chain

https://eb2.3lift.com/sync?px=1&src=prebid&
https://eb2.3lift.com/getuid?redir=%2F%2Fx.bidswitch.net%2Fsync%3Fssp%3Dtriplelift%26user_id%3D%24UID
https://x.bidswitch.net/sync?ssp=triplelift&user_id=17928146881780786190
https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=17928146881780786190
https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=triplelift&bsw_custom_parameter=5a5c2a85-3c00-46fd-9148-880e76036465
https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=triplelift&expires=10&bsw_param=5a5c2a85-3c00-46fd-9148-880e76036465
https://eb2.3lift.com/xuid?mid=2409&xuid=5a5c2a85-3c00-46fd-9148-880e76036465&dongle=d3d3

37 B
352 B

67ms
66ms

Image
image/gif

52.57.79.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2409&xuid=5a5c2a85-3c00-46fd-9148-880e76036465&dongle=d3d3
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.79.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-79-171.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Thu, 20 Feb 2020 17:52:38 GMT
cache-control: no-cache, no-store, must-revalidate
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length: 37
content-type: image/gif

Redirect headers

status: 302
date: Thu, 20 Feb 2020 17:52:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: //eb2.3lift.com/xuid?mid=2409&xuid=5a5c2a85-3c00-46fd-9148-880e76036465&dongle=d3d3
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 aop
eb2.3lift.com/ 37 B
139 B 61ms
61ms Image
image/gif 52.57.79.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/aop?inv_code=powerball_desktop_970x250&aid=161213508188684666070&rev=f09bc5f&bc=0.663&uid=10103597430521641840&pr=un&brid=421062&bmid=4945&ts=1582221154&sid=66498&unid=0&domain=www.powerball.com&ref=https%253A%252F%252Fwww.powerball.com%252F%2523winning-numbers&rr=creative&fid=1&rb=0&g=0&cb=37575
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.79.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-79-171.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 200
date: Thu, 20 Feb 2020 17:52:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2

200

xuid
eb2.3lift.com/ Frame 0361
Redirect Chain

https://eb2.3lift.com/sync?px=1&src=prebid&
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEHFoIz4E8CZGSTcSEzXpP98&dongle=c627&google_cver=1

37 B
352 B

68ms
68ms

Image
image/gif

52.57.79.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEHFoIz4E8CZGSTcSEzXpP98&dongle=c627&google_cver=1
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.79.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-79-171.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Thu, 20 Feb 2020 17:52:38 GMT
cache-control: no-cache, no-store, must-revalidate
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length: 37
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 20 Feb 2020 17:52:38 GMT
server: HTTP server (unknown)
location: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEHFoIz4E8CZGSTcSEzXpP98&dongle=c627&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 303
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 0361 70 B
264 B 37ms
30ms Image
image/gif 52.51.24.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=aoladtech&gdpr=1&gdpr_consent=
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.24.119 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-24-119.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Thu, 20 Feb 2020 17:52:38 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status: 200
cache-control: private,no-cache, must-revalidate
content-type: image/gif
content-length: 70

GET
H2 204 sync
pixel.advertising.com/ups/56465/ Frame 0361 0
124 B 203ms
84ms Image
text/plain 35.157.249.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.157.249.39 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-157-249-39.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 204
date: Thu, 20 Feb 2020 17:52:38 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

204

sync
pixel.advertising.com/ups/55965/ Frame 0361
Redirect Chain

https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=1&gdpr_consent=
https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=veOW7euxlL6l55S-v-OP67-3xLulsJDrueL7Tf_r

0
124 B

163ms
84ms

Image
text/plain

35.157.249.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=veOW7euxlL6l55S-v-OP67-3xLulsJDrueL7Tf_r

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.157.249.39 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-157-249-39.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
date: Thu, 20 Feb 2020 17:52:38 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Pragma: no-cache
Date: Thu, 20 Feb 2020 17:52:38 GMT
Server: QS
Strict-Transport-Security: max-age=86400
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Location: https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=veOW7euxlL6l55S-v-OP67-3xLulsJDrueL7Tf_r
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
aol-match.dotomi.com/match/bounce/ Frame 0361 0
104 B 97ms
62ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aol-match.dotomi.com/match/bounce/current?networkId=60&version=1&nuid=1Ac6c846ae-5409-11ea-825a-120ea4e1ae80&gdpr=1&gdpr_consent=&rurl=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55853%2Fsync%3Fuid%3D%24UID%26_origin%3D0%26gdpr%3D1%26gdpr_consent%3D
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 204
pragma: no-cache
date: Thu, 20 Feb 2020 17:52:38 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

204

sync
pixel.advertising.com/ups/55965/ Frame 4F27
Redirect Chain

https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=1&gdpr_consent=
https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=YSNmMzdxZGB5J2o0MCJ_NTdzMTB5J2dgZyThPizd

0
124 B

153ms
83ms

Image
text/plain

35.157.249.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=YSNmMzdxZGB5J2o0MCJ_NTdzMTB5J2dgZyThPizd

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.157.249.39 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-157-249-39.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
date: Thu, 20 Feb 2020 17:52:38 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Pragma: no-cache
Date: Thu, 20 Feb 2020 17:52:38 GMT
Server: QS
Strict-Transport-Security: max-age=86400
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Location: https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=YSNmMzdxZGB5J2o0MCJ_NTdzMTB5J2dgZyThPizd
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 4F27
Redirect Chain

https://eb2.3lift.com/sync?px=1&src=prebid&
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEHFoIz4E8CZGSTcSEzXpP98&dongle=c627&google_cver=1

37 B
352 B

69ms
69ms

Image
image/gif

52.57.79.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEHFoIz4E8CZGSTcSEzXpP98&dongle=c627&google_cver=1
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.79.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-79-171.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Thu, 20 Feb 2020 17:52:38 GMT
cache-control: no-cache, no-store, must-revalidate
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length: 37
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 20 Feb 2020 17:52:38 GMT
server: HTTP server (unknown)
location: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEHFoIz4E8CZGSTcSEzXpP98&dongle=c627&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 303
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 sync
pixel.advertising.com/ups/56465/ Frame 4F27 0
124 B 190ms
83ms Image
text/plain 35.157.249.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=

Requested by

Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.157.249.39 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-157-249-39.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 204
date: Thu, 20 Feb 2020 17:52:38 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 4F27 70 B
264 B 32ms
30ms Image
image/gif 52.51.24.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=aoladtech&gdpr=1&gdpr_consent=
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.24.119 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-24-119.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Thu, 20 Feb 2020 17:52:38 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status: 200
cache-control: private,no-cache, must-revalidate
content-type: image/gif
content-length: 70

GET
H2 204 current
aol-match.dotomi.com/match/bounce/ Frame 4F27 0
103 B 63ms
62ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aol-match.dotomi.com/match/bounce/current?networkId=60&version=1&nuid=1Ac6c87c32-5409-11ea-b811-12359aeea65a&gdpr=1&gdpr_consent=&rurl=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55853%2Fsync%3Fuid%3D%24UID%26_origin%3D0%26gdpr%3D1%26gdpr_consent%3D
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 204
pragma: no-cache
date: Thu, 20 Feb 2020 17:52:38 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

xuid
eb2.3lift.com/ Frame 84FB
Redirect Chain

https://eb2.3lift.com/sync?px=1&src=prebid&
https://eb2.3lift.com/getuid?redir=%2F%2Fx.bidswitch.net%2Fsync%3Fssp%3Dtriplelift%26user_id%3D%24UID
https://x.bidswitch.net/sync?ssp=triplelift&user_id=4277454585892056513
https://ads.avocet.io/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dtriplelift%26bsw_param%3D5a5c2a85-3c00-46fd-9148-880e76036465
https://ads.avocet.io/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dtriplelift%26bsw_param%3D5a5c2a85-3c00-46fd-9148-880e76036465
https://x.bidswitch.net/sync?dsp_id=59&user_id=209f49fa-c449-4cca-8be1-019c175a507f&ssp=triplelift&bsw_param=5a5c2a85-3c00-46fd-9148-880e76036465
https://eb2.3lift.com/xuid?mid=2409&xuid=5a5c2a85-3c00-46fd-9148-880e76036465&dongle=d3d3

37 B
352 B

63ms
62ms

Image
image/gif

52.57.79.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2409&xuid=5a5c2a85-3c00-46fd-9148-880e76036465&dongle=d3d3
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.79.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-79-171.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Thu, 20 Feb 2020 17:52:39 GMT
cache-control: no-cache, no-store, must-revalidate
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length: 37
content-type: image/gif

Redirect headers

status: 302
date: Thu, 20 Feb 2020 17:52:39 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: //eb2.3lift.com/xuid?mid=2409&xuid=5a5c2a85-3c00-46fd-9148-880e76036465&dongle=d3d3
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

204

sync
pixel.advertising.com/ups/55965/ Frame 84FB
Redirect Chain

https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=1&gdpr_consent=
https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=YSNmMzdxZGB5J2o0MCJ_NTdzMTB5J2dgZyThPizd

0
124 B

70ms
69ms

Image
text/plain

35.157.249.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=YSNmMzdxZGB5J2o0MCJ_NTdzMTB5J2dgZyThPizd

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.157.249.39 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-157-249-39.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
date: Thu, 20 Feb 2020 17:52:38 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Pragma: no-cache
Date: Thu, 20 Feb 2020 17:52:38 GMT
Server: QS
Strict-Transport-Security: max-age=86400
Location: https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=YSNmMzdxZGB5J2o0MCJ_NTdzMTB5J2dgZyThPizd
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 84FB 70 B
264 B 31ms
30ms Image
image/gif 52.51.24.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=aoladtech&gdpr=1&gdpr_consent=
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.24.119 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-24-119.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Thu, 20 Feb 2020 17:52:38 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status: 200
cache-control: private,no-cache, must-revalidate
content-type: image/gif
content-length: 70

GET
H2 204 sync
pixel.advertising.com/ups/56465/ Frame 84FB 0
124 B 69ms
68ms Image
text/plain 35.157.249.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=

Requested by

Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.157.249.39 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-157-249-39.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 204
date: Thu, 20 Feb 2020 17:52:38 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 current
aol-match.dotomi.com/match/bounce/ Frame 84FB 0
103 B 15ms
14ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aol-match.dotomi.com/match/bounce/current?networkId=60&version=1&nuid=1Ac6c37764-5409-11ea-bbe7-12eca44d2d72&gdpr=1&gdpr_consent=&rurl=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55853%2Fsync%3Fuid%3D%24UID%26_origin%3D0%26gdpr%3D1%26gdpr_consent%3D
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 204
pragma: no-cache
date: Thu, 20 Feb 2020 17:52:38 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

204

sync
pixel.advertising.com/ups/55965/ Frame 8A3D
Redirect Chain

https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=1&gdpr_consent=
https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=YSNmMzdxZGB5J2o0MCJ_NTdzMTB5J2dgZyThPizd

0
124 B

68ms
68ms

Image
text/plain

35.157.249.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=YSNmMzdxZGB5J2o0MCJ_NTdzMTB5J2dgZyThPizd

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.157.249.39 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-157-249-39.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
date: Thu, 20 Feb 2020 17:52:38 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Pragma: no-cache
Date: Thu, 20 Feb 2020 17:52:38 GMT
Server: QS
Strict-Transport-Security: max-age=86400
Location: https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=YSNmMzdxZGB5J2o0MCJ_NTdzMTB5J2dgZyThPizd
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 8A3D
Redirect Chain

https://eb2.3lift.com/sync?px=1&src=prebid&
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=svx9t50&ttd_tpi=1
https://eb2.3lift.com/xuid?mid=3658&xuid=41abf22d-8d13-4f76-a6c9-4c898fb2887d&dongle=0cfd

37 B
352 B

67ms
66ms

Image
image/gif

52.57.79.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3658&xuid=41abf22d-8d13-4f76-a6c9-4c898fb2887d&dongle=0cfd
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.79.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-79-171.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Thu, 20 Feb 2020 17:52:39 GMT
cache-control: no-cache, no-store, must-revalidate
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length: 37
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 20 Feb 2020 17:52:39 GMT
x-aspnet-version: 4.0.30319
location: https://eb2.3lift.com/xuid?mid=3658&xuid=41abf22d-8d13-4f76-a6c9-4c898fb2887d&dongle=0cfd
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status: 302
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 209

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 8A3D 70 B
264 B 34ms
31ms Image
image/gif 52.51.24.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=aoladtech&gdpr=1&gdpr_consent=
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.24.119 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-24-119.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Thu, 20 Feb 2020 17:52:38 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status: 200
cache-control: private,no-cache, must-revalidate
content-type: image/gif
content-length: 70

GET
H2 204 current
aol-match.dotomi.com/match/bounce/ Frame 8A3D 0
103 B 15ms
12ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aol-match.dotomi.com/match/bounce/current?networkId=60&version=1&nuid=1Ac6cd62e2-5409-11ea-8169-12e650fea264&gdpr=1&gdpr_consent=&rurl=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55853%2Fsync%3Fuid%3D%24UID%26_origin%3D0%26gdpr%3D1%26gdpr_consent%3D
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 204
pragma: no-cache
date: Thu, 20 Feb 2020 17:52:38 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 204 sync
pixel.advertising.com/ups/56465/ Frame 8A3D 0
124 B 74ms
72ms Image
text/plain 35.157.249.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.157.249.39 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-157-249-39.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 204
date: Thu, 20 Feb 2020 17:52:38 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 aop
eb2.3lift.com/ 37 B
139 B 63ms
62ms Image
image/gif 52.57.79.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/aop?inv_code=powerball_desktop_970x250&aid=158715717432129345990&rev=f09bc5f&bc=0.432&uid=184985255511959075&pr=un&brid=421062&bmid=4945&ts=1582221154&sid=66498&unid=0&domain=www.powerball.com&ref=https%253A%252F%252Fwww.powerball.com%252F%2523winning-numbers&rr=creative&fid=1&rb=0&g=0&cb=59523
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.79.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-79-171.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 200
date: Thu, 20 Feb 2020 17:52:39 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 ev1
eb2.3lift.com/ 37 B
139 B 60ms
60ms Image
image/gif 52.57.79.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/ev1?inv_code=powerball_desktop_970x250&aid=158715717432129345990&rev=f09bc5f&bc=0.432&uid=184985255511959075&pr=0.345&brid=421062&bmid=4945&ts=1582221154&sid=66498&unid=0&cepos=0&ceid=10720421&cb=61422
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.79.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-79-171.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 200
date: Thu, 20 Feb 2020 17:52:39 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 ev
eb2.3lift.com/ 37 B
139 B 66ms
65ms Image
image/gif 52.57.79.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/ev?inv_code=powerball_desktop_970x250&aid=158715717432129345990&rev=f09bc5f&bc=0.432&uid=184985255511959075&pr=0.345&brid=421062&bmid=4945&ts=1582221154&sid=66498&unid=0&cepos=0&ceid=10720421&cb=99770
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.79.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-79-171.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 200
date: Thu, 20 Feb 2020 17:52:40 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame 0D99 0
0 30ms
29ms Document
text/html 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.176.1 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.powerball.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=2eb17ae9-4d4e-4b8a-b164-d850a2cda5ea|1582221170
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.powerball.com/

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=2eb17ae9-4d4e-4b8a-b164-d850a2cda5ea|1582221170; Version=1; Expires=Fri, 19-Feb-2021 17:52:50 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1582221170|mOsLgqgikin0fcmWiygu; Version=1; Expires=Fri, 06-Mar-2020 17:52:50 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.176.1
p3p: CP="CUR ADM OUR NOR STA NID"
date: Thu, 20 Feb 2020 17:52:50 GMT
content-type: text/html
content-length: 483
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame A6C1 0
0 29ms
29ms Document
text/html 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.176.1 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.powerball.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=2eb17ae9-4d4e-4b8a-b164-d850a2cda5ea|1582221170; pd=v2|1582221170|mOsLgqgikin0fcmWiygu
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.powerball.com/

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=2eb17ae9-4d4e-4b8a-b164-d850a2cda5ea|1582221170; Version=1; Expires=Fri, 19-Feb-2021 17:52:51 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1582221170.1|kimWfcgqiysLmOgun0gi.rsgmvmsHqGmunIomgens; Version=1; Expires=Fri, 06-Mar-2020 17:52:51 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.176.1
p3p: CP="CUR ADM OUR NOR STA NID"
date: Thu, 20 Feb 2020 17:52:51 GMT
content-type: text/html
content-length: 481
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame 4014 0
0 29ms
29ms Document
text/html 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.176.1 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.powerball.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=810508a3-a7bb-48fb-8080-f400922b541d|1582221171
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.powerball.com/

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=810508a3-a7bb-48fb-8080-f400922b541d|1582221171; Version=1; Expires=Fri, 19-Feb-2021 17:52:52 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1582221172|mOsLgqgikin0fcmWiygu; Version=1; Expires=Fri, 06-Mar-2020 17:52:52 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.176.1
p3p: CP="CUR ADM OUR NOR STA NID"
date: Thu, 20 Feb 2020 17:52:52 GMT
content-type: text/html
content-length: 482
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame 5D65 0
0 29ms
29ms Document
text/html 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.176.1 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.powerball.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=810508a3-a7bb-48fb-8080-f400922b541d|1582221171; pd=v2|1582221172|mOsLgqgikin0fcmWiygu
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.powerball.com/

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=810508a3-a7bb-48fb-8080-f400922b541d|1582221171; Version=1; Expires=Fri, 19-Feb-2021 17:52:53 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1582221172.1|kimWfcgqiysLmOgun0gi.rsgmvmsHqGmunIomgens; Version=1; Expires=Fri, 06-Mar-2020 17:52:53 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.176.1
p3p: CP="CUR ADM OUR NOR STA NID"
date: Thu, 20 Feb 2020 17:52:53 GMT
content-type: text/html
content-length: 481
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2

200

sync
eb2.3lift.com/ Frame 817E
Redirect Chain

https://eb2.3lift.com/sync?max=10&cb=20234
https://eb2.3lift.com/sync?max=10&cb=20234&ld=1

0
0

56ms
56ms

Document
text/html

52.57.79.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?max=10&cb=20234&ld=1
Requested by: Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.79.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-79-171.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: eb2.3lift.com
:scheme: https
:path: /sync?max=10&cb=20234&ld=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.powerball.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: tluid=2679820331640349995
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.powerball.com/

Response headers

status: 200
date: Thu, 20 Feb 2020 17:52:55 GMT
content-type: text/html; charset=utf-8
content-length: 493
set-cookie: sync=CgoIgQIQ99jsnYYuCgoI4gEQ99jsnYYuCgoI5gEQ99jsnYYuCgkICRD32Oydhi4KCgipARD32Oydhi4KCQg5EPfY7J2GLgoJCDoQ99jsnYYuCgkICxD32Oydhi4KCgjOARD32Oydhi4KCQgfEPfY7J2GLg==; Max-Age=7776000; Expires=Wed, 20 May 2020 17:52:55 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=2679820331640349995; Max-Age=7776000; Expires=Wed, 20 May 2020 17:52:55 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding: gzip
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate

Redirect headers

status: 302
date: Thu, 20 Feb 2020 17:52:55 GMT
content-length: 0
set-cookie: tluid=2679820331640349995; Max-Age=7776000; Expires=Wed, 20 May 2020 17:52:55 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
location: /sync?max=10&cb=20234&ld=1
cache-control: no-cache, no-store, must-revalidate
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Verdicts & Comments Add Verdict or Comment

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.openx.net/	1970-01-19 16:15:57	Name: i Value: 2a2a26a1-b5c8-435a-876b-abefad86880c\|1582221175

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://static.criteo.net/js/ld/publishertag.js(Line 1) Message: %cPubTag color: #fff; background: #ff8f1c; display: inline-block; padding: 1px 4px; border-radius: 3px; ERROR: Error onError: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/js/js_Px_30xzhLHwnUPgHJrcOgAUt-oQ3AqXsEHE0O_Aq3qA.js(Line 6) Message: jQuery.Deferred exception: Cannot read property 'getItem' of null TypeError: Cannot read property 'getItem' of null at setupWhereToPlay (https://s3.amazonaws.com/cdn.powerball.com/drupal/files/js/js_Px_30xzhLHwnUPgHJrcOgAUt-oQ3AqXsEHE0O_Aq3qA.js:429:21581) at HTMLDocument.<anonymous> (https://s3.amazonaws.com/cdn.powerball.com/drupal/files/js/js_Px_30xzhLHwnUPgHJrcOgAUt-oQ3AqXsEHE0O_Aq3qA.js:429:30302) at j (https://s3.amazonaws.com/cdn.powerball.com/drupal/files/js/js_Px_30xzhLHwnUPgHJrcOgAUt-oQ3AqXsEHE0O_Aq3qA.js:6:29999) at k (https://s3.amazonaws.com/cdn.powerball.com/drupal/files/js/js_Px_30xzhLHwnUPgHJrcOgAUt-oQ3AqXsEHE0O_Aq3qA.js:6:30313) at https://d2si3hiz85fm4q.cloudfront.net/script.js:1:175521 undefined
console-api	log	(Line 9) Message: rendering ad
console-api	log	(Line 9) Message: rendering ad

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.avocet.io
adserver.adtech.advertising.com
adserver.adtechus.com
adservice.google.com
adservice.google.de
aol-match.dotomi.com
api.lanistaads.com
as-sec.casalemedia.com
bidder.criteo.com
bidswitch-eu.splicky.com
cm.g.doubleclick.net
code.ionicframework.com
d2si3hiz85fm4q.cloudfront.net
d2tbmvllb55wxq.cloudfront.net
deio3v2go54x9.cloudfront.net
dmx.districtm.io
dw7nrwnn2bkh1.cloudfront.net
eb2.3lift.com
eu-u.openx.net
fastlane.rubiconproject.com
fonts.googleapis.com
fs.gweini.com
hbopenbid.pubmatic.com
i.clean.gg
ib.3lift.com
img.3lift.com
lanista-bidder-d.openx.net
match.adsrvr.org
pagead2.googlesyndication.com
pixel.advertising.com
pixel.quantserve.com
rtb-eu.mfadsrvr.com
s.gweini.com
s3.amazonaws.com
securepubads.g.doubleclick.net
static.criteo.net
stats.g.doubleclick.net
tlx.3lift.com
tpc.googlesyndication.com
wowyowapi.com
www.google-analytics.com
www.googletagservices.com
www.powerball.com
x.bidswitch.net
104.16.68.69
13.35.253.114
13.35.254.64
143.204.202.23
143.204.202.48
152.199.21.35
152.199.22.24
172.217.18.2
172.217.22.98
178.250.2.152
18.194.31.52
185.64.189.112
2600:9000:2057:9000:e:ff8:b40:21
2600:9000:214f:9200:15:3f44:b280:21
2600:9000:214f:9600:6:266a:9940:21
2606:4700:20::681a:6ad
2a00:1450:4001:809::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:81a::2002
2a00:1450:4001:81b::200a
2a00:1450:4001:81d::2002
2a00:1450:4001:824::200e
2a00:1450:400c:c04::9b
2a02:2638::3
2a02:fa8:8806:13::1400
3.123.135.36
34.95.120.147
34.95.69.49
35.157.125.245
35.157.249.39
35.162.11.246
35.173.23.162
52.17.97.192
52.216.135.5
52.51.24.119
52.57.79.171
54.145.105.206
54.82.250.222
69.173.144.142
72.247.225.98
91.228.74.189
94.130.165.160
03b97ddafe1ec5e7b0d2758e7d54c2fcdea648e30f4e7a9613e1666f63199a7c
03bdd68a1e549bf59bc419d1842bec52628885efc75ed8a58a7d1f7671d6c4d7
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06349254c3a3832ea81973863ce5873ab441c1b8006ee1cb553425d152fabf88
06c08e3ba81a0a899a551a554791954c7b40ff431de2c6a206e166617578903d
06ef905faafedcc71b11e25d395607fb6fef70fdbdaceb87c744255c67624799
0b7f95ea376c84f25dd1359009f53c0a00a2999c897fde63e84d8384c019f614
102057bc3b54f941f994f2e2e5360e50b501a025f7819703f21cd7b193dcb16d
14141eb1e4aa392a2afe7ea36ade7ea1406fc98be16d2f48ede7a92b94d07f38
1492be9dc88113f5cd57adb359bf1fdc999bc645338449525ec8c4d6de8bce9c
16bc74e3ebb6ef6cc2c56565701502e39ea269aa665dd74da5742d371f3b2939
1a36f0a6f239c7826ac18991fae20560138d016bbd336c5e5156b9ef15ebf523
1b1d51840695cebf90274b527443cd64945cd9dfc5d2b785b0a772996ec588fc
1c7a11561924e27598d9e3975e5e8491aed48c6a64ef2df27d574c65e56608da
1c89f7b33ec35e7b57398a3fb07671ca1bd2c74ef315a7ecf0df9ce0711bec00
21813a4e6e30ea7cc6ee37b69343f829c11dcc45e2929d7ca3e101d679d20f1d
24b306a6ee219c34e039771a1f1c0bb51252ec1afa183bb8740f2e68c113bca0
27c74008dd3a59ca7fe3202a74e8d6ee8e5c63247df474656396e156fa6c1983
282e82832a9d710fbe4afa05a8da453b967e5718cebb39438642d35f7f36c520
2839650b3ee37babe07a373e693fb7c483b56a395f3af1e1fe7809dfb5371dee
2ae2901f146e2e0eb83648fdfc19c78aca16e1674313e164bc93c3739bba5d36
2ec20d0eb31989e3cdf4703e84aca61637104ff66037193da49b1999b64c251d
3130091b0e40eceb12c9628caba3e4a504fe3c3b30ec6fe25d6d195de57ad4a1
325cee8a45b452b68fe28fb92173f63a7f19967dbe3bf794bf4e3211772150c9
37cc0451eec571b22864bfac29a3766ccebe2d1e48ac4a552a8e9b8e6f9be02f
3c740e7a65f491916c536f9593ab4e96cdd40d7b8efb10c93a074d54efb3eee3
3cac1c68b38e0dc5bd98898b38e667c9034ca79a0058eabe81fc1a37e3475269
3f1ff7d31ce12c7c2750f80726b70e80052dfa843702a5ec1071343bf02adea0
40921502d76e0e2dd2e8172b291e5c35da8c3315b75c5f93809378a68e5781a3
40dd7f11e74fa3b11379d921b20a3701d29e0f2d09f4566cedcaf185b774dd2d
4266325a01fe2566fd77a4c1c061f8f05b73b07e498ebca7597942c9bd1d4fa0
46186939915707d85ad90276bbb49596af9e77af068523618d88f35a3a29a550
47a3d1d29044a5086d50d45f66600b612cdd16df4893eaf01571c8d2d714f42c
48c3f76ce8f7a776bfc1e72a6368b56e5d28e35019f8c4464f0f5c9a7b5e2312
497422bfc1390dbfe84dc41ec10d820d82869620e55ac244797bb38fd230ac17
51f45c89e5baf365e97a33c12bcd2a8bd365f5e156a519eb3c6db4a270ef0d1a
529105b11eccd81d3d141b3508ce35e02387f89cd234d561c085ce48b9866c64
52e76d18f61a3937790f71e9d78022aa943e69cbacf60de9c11a882b9180d272
52fe2f0394335dab93ffb9cac2bea65d4460b5d24cbc3861e62392194b11bfff
568474cd097612b01c1d833acce0d89e3dc3b7025ef4f5ce2edce5916e343bc4
584e784a3826890065adfa7a71638b191c33390154e5a07cc70ebe15e12d6beb
5942fe1a6c99120ec11cb98230cd557a5bfe60e98466dd96824a036d80a78aa3
59ff4e9457a98e72723231e1ad962b8c2a77c67f6c025dc6464843931d061c0f
5d1765ca16cb96e4294a5c96b2084b580e200a2743b1ff7805d18bd8348825e9
5e700835ec05293a3d0f9e354e7d038319d34521cd279e782198dff6d1dd58f2
5eed85a3265467e1c3aee8c89e218d4147ea0b85cef1aac8cbdd90a57dedf63d
60d9368fc1deb5a275b3786195a53ef1272fc24b05a313aa52b1bfcc0a0356a3
62a6c980b8be129cceb54b1c6e63cbf6be73035a0580640635096fb0df2d51ec
6572a5c9d30eb6f8d2424be69ae3f8f4b8816cb46fbdbfe3fb0f94863c8ad922
674da3a2254b3d0b424d2a8e3641180336318a7859d589bd4b58bdf1f7fad0c6
6a0ee7aa79a9fdd5c678da186ab2bfad75ad0f3b18a1df52b2505c455b6b359e
6b3422c0bf088fb098d4cf5a1e63791c8eecdcb4d3ab1dc0c36f19a30b171e36
6bac28b40c710514ce42fda86320277f18b0c22a4ddb3091748cfe6493359a78
6c04979989423dbab6e3652d8ccbd923f7a74e01930d0fb90678edc322a16bab
6c50468e92cc650063d9e5b232e7d4090b97ba4d074cdc9765f0926bbbba4fb1
753def12fae8722bef366a340b5ab7c34a15c8cd8432cdddb30d8f91ab987b96
77e253f505244807bb3b20519289552308191f98fee3bf62a5ed216ef0027bbf
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85c740bbec4b189d8872f222d4428ec29f6e34f86f116e186a171234971748e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dd2aaab3ff32f5182ca2b5d01ffb0eb2354892120d868a9b4765f9f17c443c2
91822d970ea4cb3dbae6039431aaebfd36c46997c43a53a507518eed6dc230b2
92ac508220f5bb60ec94e07650528eb66625f82a4740ada068cde05365781286
93168de01bbf26ba2b3a1e91258fcbe401b7101bbca35054c3086adc5d57ac75
93e3e4603daf747b6329d561752827ba833cd64b66bb8bd5d56efc15ea23c5d2
94270c22d6027f50f8471fa95d3cf91762ab8caec4dbb2c65ce223365b928cee
946a4a92ed1abe0bc69dabb3125912b3214b7545ef0b69abb8d531047dd326ac
9477c7c5e3bde8486b460eae7c614096db478d2fe558511545769acf955b1883
94a20ad6be9c79571f682570df938813afd221123c16c6c6b318b0b034cb48d3
9b0e415f742585b82139fb7076506657dde225088247e2ac0fba6f88a3d19588
9d6757384f86ea93a46cf05a185da797dd19a39053a0cc6e64759598f2bc05c0
a2b3fc2929f834a2a22450475944ed1146a14f8e159f8b138dfc70334c0c49c8
a2ef194ebea955025ec930aaa5c9adfb4bb5169751962ef42720c95982827d76
a7019b73cbcf928d42e36f0588c8748254ef15b914690083d80a629943267dcd
ad1dd0f75fad2002ed5d8856aa65d51960011c109659917d002cee358e0e0927
ad23040af6c829b8804f1a1da48d1fe6e8aa1029f3743751a1048bac71922b5d
ad2a6b8c6da9c45f9fcdf0520cdca0d33bec1bcc8ca776aa64ce382987b296b9
b1119a7192a90116d4eda38a6ef0bed5574645146060016eba7aa26835e5077e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b535234cdfbb37fac75d8bffe21a567fc50a049fba22e5ff63fcbacad3192a77
b5abf5b778d2b365d80d73fe19360dc9d79b037de4533335716e3a10cb02a19e
b758f60ab7ad38a56bdff71e6464b146312ea575f56ab7f6b05ed7f157f5bc48
b9b9103c60ef2c61de42660d6cd67a82d9816426f2b0f0c0a8fa3a1deae3538c
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd4c78cb4cd5c2c87a907794076f7a7f7392f9df50958389afbec8c40eb5da8a
be57a8393d9ca7cb84fe99087431ea21d7e704a7de02b421590c34712c3bb9b4
becfbf498f3cc9647d8fc8a70816cb1f3f73803a9fa293735cb9059c77854409
c01fa660f5e3a79aee33f24fac394cc5f333632e26cdb380744ebac41d871b92
c60536e1387fd63f18755c87e9028bc138c1cb11fc77a64a159777aae49a12b5
cb1a28e024751f74290795028b5b3c0d4dd317abf690468fd9f5072cdfab7aee
cd9c139673051af705b80d8eb599aa53d534b8d51674f0f8d4dea65a449e51e2
d08ff48ec5b86dd1dcdff144d6a9edd7608ff6146713a35bba361ff44ba545d5
d134107061dcfaad34af3db635f5ca3b3e368bdeeada543ac4b2b6e183c6ecb8
d5ff44821e16661e64cb8f336248f282c85d7cf990b67074fbe8baf742f44da0
d67eaa6e32c34eea44a3f90b36561f63181ed3d0407665e4e7dc48d54e5b266d
d8afc3ddba3b6c466770cf4a8729e5e5451b2549d9aba7aa4493b366d7ec3cc8
dd7334593836d8688061782f39c8e4bfc31ba3fc68f08a23d1757cecc2ad5706
e01707a99a6124581a9335a6455359704fbb50fb1f43db8402ef63c258796760
e03925061ffc4e98cda3a842d70a4e1955c9c129e45ddd942038a48370e0804c
e0ebc93f0d274efd0ba7a032ce0f0bbbbcc886dab554bc9b94279d313e925dfa
e27f20db3953f659d4d57f2e07df27a7f6699301ef72d1f83d98b6ff7a429408
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
eb5b25c4d94fb533eb3ce857caccc5db1ea506905674352b60305ae9c003249e
ebe54c2b4cdb3fc0bd7bd45b2ce574428f0e970bdd1e9395f50916bce1628cc6
ef75d377d4e2ffbf694134d2f4f7d1eb6b6ca7b6fabcd79b2b0057fd1f71de92
f0441fbe7c5d2525f78a0e975c17397503778a73109cfa289a7195c35241bd16
f6583df084303deb69ba3387cfa7c4ce2ac0305f56d35a50270de0f8af3b6df6
f940a2e54d757140229885b43423a1ba1dfdbeb12a9f77b69ed159997e71821e
ff5e5f296b0ef16c2c0d6fbc4f47680335eac8b0a452f413e032531e9788238a
ffd2b669b1e9644f9c9173f577c545125cd4424a599f3c6068f57299cc2f5368
fff27b27aa389954cab592d1233edd48d934b9b2d10c4bbaf4886993cd7fff1d

www.powerball.com Open in urlscan Pro 54.82.250.222 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

263 Requests

100 %HTTPS

31 %IPv6

32 Domains

44 Subdomains

37 IPs

7 Countries

5884 kBTransfer

8839 kBSize

1 Cookies

2 Outgoing links

Redirected requests

263 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.powerball.com Open in urlscan Pro
54.82.250.222 Public Scan

Screenshot
Live screenshot

Full Image

263
Requests

100 %
HTTPS

31 %
IPv6

32
Domains

44
Subdomains

37
IPs

7
Countries

5884 kB
Transfer

8839 kB
Size

1
Cookies

263 HTTP transactions
5 data transactions