urlscan.io logo urlscan.io
SecurityTrails logo

powerball.com Open in urlscan Pro
50.17.150.80  Public Scan

Go To Rescan Add Verdict Report
URL: http://powerball.com/
Submission: On October 21 via manual from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 116 IPs in 8 countries across 121 domains to perform 489 HTTP transactions. The main IP is 50.17.150.80, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is powerball.com. The Cisco Umbrella rank of the primary domain is 175626.
This is the only time powerball.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
57 50.17.150.80 14618 (AMAZON-AES)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2600:9000:251... 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
4 2606:4700:20:... 13335 (CLOUDFLAR...)
17 54.231.229.224 16509 (AMAZON-02)
2 34.95.69.49 396982 (GOOGLE-CL...)
2 2607:f8b0:400... 15169 (GOOGLE)
3 2600:1901:0:3... 15169 (GOOGLE)
8 34.160.110.8 15169 (GOOGLE)
1 104.219.254.16 63214 (MUSL-RANGE1)
2 2607:f8b0:400... 15169 (GOOGLE)
1 3 108.139.47.108 16509 (AMAZON-02)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2600:9000:251... 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
4 2607:f8b0:400... 15169 (GOOGLE)
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
5 104.18.13.76 13335 (CLOUDFLAR...)
3 104.18.19.126 13335 (CLOUDFLAR...)
12 2607:f8b0:400... 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 142.250.81.230 15169 (GOOGLE)
2 35.227.238.208 15169 (GOOGLE)
1 130.211.23.194 15169 (GOOGLE)
3 143.204.150.76 16509 (AMAZON-02)
10 34.236.83.94 14618 (AMAZON-AES)
3 5 2620:116:800b... 14618 (AMAZON-AES)
9 34.107.140.113 396982 (GOOGLE-CL...)
5 184.73.201.8 14618 (AMAZON-AES)
10 18.214.75.232 14618 (AMAZON-AES)
2 80.77.87.216 46636 (NATCOWEB)
20 3.230.217.116 14618 (AMAZON-AES)
2 104.36.115.111 62713 (AS-PUBMATIC)
2 2620:100:a001... 19750 (AS-CRITEO)
3 63.251.114.182 32475 (SINGLEHOP...)
2 2602:803:c002... 26667 (RUBICONPR...)
1 37.157.3.30 198622 (ADFORM)
2 108.138.124.226 16509 (AMAZON-02)
1 2 2600:9000:21d... 16509 (AMAZON-02)
1 23.217.153.125 16625 (AKAMAI-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 141.95.98.70 16276 (OVH)
1 2001:41d0:701... 16276 (OVH)
2 20 52.46.128.147 16509 (AMAZON-02)
2 2 20.127.253.7 8075 (MICROSOFT...)
4 5 162.19.138.118 16276 (OVH)
2 2607:f8b0:400... 15169 (GOOGLE)
6 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2 35.236.220.17 396982 (GOOGLE-CL...)
1 1 52.45.195.30 14618 (AMAZON-AES)
5 5 64.202.112.63 22075 (AS-OUTBRAIN)
2 2 173.223.57.84 16625 (AKAMAI-AS)
10 2607:f8b0:400... 15169 (GOOGLE)
2 7 104.18.18.126 13335 (CLOUDFLAR...)
12 12 2606:ae80:147... 26762 (CNVR-US-EAST)
4 23.64.60.212 16625 (AKAMAI-AS)
1 3.228.253.110 14618 (AMAZON-AES)
6 104.127.172.242 16625 (AKAMAI-AS)
2 6 198.148.27.140 19189 (PULSEPOINT)
3 3 35.71.139.29 16509 (AMAZON-02)
4 4 185.184.8.90 204995 (RTB-HOUSE...)
5 23.92.190.74 32475 (SINGLEHOP...)
5 5 35.207.24.140 15169 (GOOGLE)
8 10 35.211.178.172 15169 (GOOGLE)
2 2 3.225.197.224 14618 (AMAZON-AES)
8 8 68.67.160.117 29990 (ASN-APPNEX)
8 8 8.43.72.98 26667 (RUBICONPR...)
14 18 142.251.32.98 15169 (GOOGLE)
3 3 52.204.169.52 14618 (AMAZON-AES)
2 104.36.115.113 62713 (AS-PUBMATIC)
5 5 207.198.113.88 13768 (COGECO-PEER1)
2 3 44.194.110.25 14618 (AMAZON-AES)
4 4 107.178.246.49 15169 (GOOGLE)
1 4 2607:f8b0:400... 15169 (GOOGLE)
10 11 35.71.131.137 16509 (AMAZON-02)
1 18 192.40.39.223 27381 (CASALE-MEDIA)
1 2 38.91.45.7 398989 (DEEPINTENT)
1 1 141.226.224.48 200478 (TABOOLA-AS)
5 5 216.200.232.249 30419 (MEDIAMATH...)
1 1 34.238.100.183 14618 (AMAZON-AES)
1 5 8.43.72.97 26667 (RUBICONPR...)
1 5 2600:1f18:4e9... 14618 (AMAZON-AES)
1 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 52.94.222.140 16509 (AMAZON-02)
2 3 185.167.164.42 198622 (ADFORM)
3 3 151.101.194.49 54113 (FASTLY)
20 35 8.28.7.83 62713 (AS-PUBMATIC)
4 5 35.190.60.146 15169 (GOOGLE)
1 1 107.178.254.65 15169 (GOOGLE)
4 7 104.36.115.114 62713 (AS-PUBMATIC)
2 2 2620:112:f002... 6336 (TURN-US-ASN)
10 2607:f8b0:400... 15169 (GOOGLE)
2 2620:100:a001::4 19750 (AS-CRITEO)
2 8 51.222.39.186 16276 (OVH)
2 4 2620:100:a001::c 19750 (AS-CRITEO)
1 2607:f8b0:400... 15169 (GOOGLE)
1 213.19.162.90 3356 (LEVEL3)
1 199.187.193.181 47043 (SMARTADSE...)
15 20 8.28.7.82 62713 (AS-PUBMATIC)
4 5 54.175.87.114 14618 (AMAZON-AES)
3 74.119.119.139 19750 (AS-CRITEO)
16 23.64.61.104 16625 (AKAMAI-AS)
3 3 18.214.193.123 14618 (AMAZON-AES)
6 23.52.164.28 16625 (AKAMAI-AS)
1 2600:9000:251... ()
2 146.75.38.132 ()
8 8 67.202.105.24 ()
1 2 67.202.105.34 ()
1 34.149.139.129 ()
2 38.133.127.63 ()
26 64.202.112.223 ()
1 2600:9000:23c... ()
1 1 23.211.130.59 ()
6 34.117.239.71 ()
3 3 34.98.64.218 ()
1 2 54.236.207.110 ()
1 54.150.52.25 ()
1 3.233.2.39 ()
2 13.225.214.90 ()
2 2 2620:100:a001... ()
1 2 35.211.168.6 ()
1 1 85.114.159.118 ()
1 2 3.230.62.22 ()
2 3 34.229.3.43 ()
2 2 3.229.253.47 ()
1 1 2600:9000:220... ()
1 1 199.187.193.197 ()
1 2620:1ec:c11:... ()
1 1 132.226.41.106 ()
1 1 35.208.249.213 ()
1 54.87.127.173 ()
2 104.17.120.107 ()
1 1 69.166.1.12 ()
8 8 159.65.196.12 ()
2 2 173.231.178.116 ()
2 2 54.84.14.122 ()
2 52.200.147.16 ()
1 1 69.90.254.78 ()
1 1 34.102.163.6 ()
4 4 199.127.204.171 ()
1 2 2606:4700::68... ()
1 35.214.174.31 ()
1 2 50.16.178.102 ()
2 2 23.217.18.198 ()
1 5.161.47.120 ()
1 1 172.105.221.29 ()
1 195.5.165.20 ()
1 1 2a04:4e42:600... ()
1 151.101.65.44 ()
2 2 35.201.96.126 ()
1 8.28.7.109 ()
1 2 50.57.31.206 ()
1 1 52.204.235.144 ()
1 18.213.85.80 ()
1 2 38.67.14.233 ()
1 1 35.211.118.13 ()
1 1 34.102.253.54 ()
3 3 68.67.161.182 ()
2 2 23.20.109.84 ()
1 1 34.111.151.213 ()
1 1 3.12.170.58 ()
1 2 52.0.100.122 ()
489 116
57    50.17.150.80 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-17-150-80.compute-1.amazonaws.com
powerball.com
1    2607:f8b0:4006:817::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2600:9000:2511:ba00:15:3f44:b280:21 (United States)

ASN16509 (AMAZON-02, US)
d2si3hiz85fm4q.cloudfront.net
2    2607:f8b0:4006:809::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700:20::681a:7ad (United States)

ASN13335 (CLOUDFLARENET, US)
code.ionicframework.com
4    2606:4700:20::681a:8b (United States)

ASN13335 (CLOUDFLARENET, US)
a.pub.network
17    54.231.229.224 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
2    34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com
i.clean.gg
2    2607:f8b0:4006:817::200e (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2600:1901:0:328a::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)
cumbersomecarpenter.com
8    34.160.110.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.110.160.34.bc.googleusercontent.com
d.pub.network
c.pub.network
1    104.219.254.16 (United States)

ASN63214 (MUSL-RANGE1, US)
PTR: muslapi.musl.com
muslapi.musl.com
2    2607:f8b0:4004:c09::9a (Ashburn, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    108.139.47.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-47-108.jfk50.r.cloudfront.net
sb.scorecardresearch.com
3    2607:f8b0:4006:80c::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2600:9000:2510:7e00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
2    2606:4700::6812:106b (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.confiant-integrations.net
4    2607:f8b0:4006:80c::2002 (United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2606:4700:20::681a:832 (United States)

ASN13335 (CLOUDFLARENET, US)
freestar-io.videoplayerhub.com
1    2606:4700:20::681a:68b (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
5    104.18.13.76 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
3    104.18.19.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
as-sec.casalemedia.com
htlb.casalemedia.com
12    2607:f8b0:4006:820::2002 (United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    142.250.81.230 (Glen Cove, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f6.1e100.net
ad.doubleclick.net
2    35.227.238.208 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 208.238.227.35.bc.googleusercontent.com
api.floors.dev
1    130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
3    143.204.150.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-150-76.ewr52.r.cloudfront.net
c.amazon-adsystem.com
10    34.236.83.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-83-94.compute-1.amazonaws.com
c2shb.pubgw.yahoo.com
5    2620:116:800b:21:a021:b886:81cc:55cf (United States)

ASN14618 (AMAZON-AES, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
9    34.107.140.113 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 113.140.107.34.bc.googleusercontent.com
s2s.t13.io
5    184.73.201.8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-184-73-201-8.compute-1.amazonaws.com
ads.yieldmo.com
10    18.214.75.232 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-75-232.compute-1.amazonaws.com
g2.gumgum.com
2    80.77.87.216 (Clifton, United States)

ASN46636 (NATCOWEB, US)
colossusssp.com
20    3.230.217.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-217-116.compute-1.amazonaws.com
c2shb.ssp.yahoo.com
c2shb.pubgw.yahoo.com
2    104.36.115.111 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
2    2620:100:a001::18 (United States)

ASN19750 (AS-CRITEO, US)
bidder.criteo.com
3    63.251.114.182 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
2    2602:803:c002:200::62 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    37.157.3.30 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
2    108.138.124.226 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-124-226.jfk50.r.cloudfront.net
aax-dtb-cf.amazon-adsystem.com
2    2600:9000:21dd:1600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    23.217.153.125 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-217-153-125.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    141.95.98.70 (France)

ASN16276 (OVH, FR)
PTR: ns3216620.ip-141-95-98.eu
lb.eu-1-id5-sync.com
1    2001:41d0:701:1000::31ee (France)

ASN16276 (OVH, FR)
lbs.eu-1-id5-sync.com
20    52.46.128.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    20.127.253.7 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sync.inmobi.com
5    162.19.138.118 (France)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu
id5-sync.com
2    2607:f8b0:4006:81d::2002 (United States)

ASN15169 (GOOGLE, US)
adservice.google.com
6    2607:f8b0:4006:821::2002 (United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2607:f8b0:4006:817::2001 (United States)

ASN15169 (GOOGLE, US)
dd3794dd9eb212f7f455e85a2ac4edd5.safeframe.googlesyndication.com
2    35.236.220.17 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 17.220.236.35.bc.googleusercontent.com
um.simpli.fi
1    52.45.195.30 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-195-30.compute-1.amazonaws.com
jadserve.postrelease.com
5    64.202.112.63 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
2    173.223.57.84 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a173-223-57-84.deploy.static.akamaitechnologies.com
stags.bluekai.com
10    2607:f8b0:4006:81c::2001 (United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
7    104.18.18.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
12    2606:ae80:1471:11::410 (United States)

ASN26762 (CNVR-US-EAST, US)
amazon-tam-match.dotomi.com
pulsepoint-match.dotomi.com
prebid-match.dotomi.com
33across-match.dotomi.com
pubmatic-match.dotomi.com
casale-match.dotomi.com
4    23.64.60.212 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-64-60-212.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    3.228.253.110 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-253-110.compute-1.amazonaws.com
sync-amz.ads.yieldmo.com
6    104.127.172.242 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-127-172-242.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
6    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
3    35.71.139.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
4    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
5    23.92.190.74 (Katy, United States)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
5    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
10    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
2    3.225.197.224 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-197-224.compute-1.amazonaws.com
ads.creative-serving.com
8    68.67.160.117 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
8    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
token.rubiconproject.com
18    142.251.32.98 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f2.1e100.net
cm.g.doubleclick.net
3    52.204.169.52 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-169-52.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    104.36.115.113 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
5    207.198.113.88 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
3    44.194.110.25 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-194-110-25.compute-1.amazonaws.com
sync.crwdcntrl.net
4    107.178.246.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com
pixel.tapad.com
4    2607:f8b0:4006:81f::2004 (United States)

ASN15169 (GOOGLE, US)
www.google.com
11    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
18    192.40.39.223 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
dsum.casalemedia.com
2    38.91.45.7 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
1    141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
5    216.200.232.249 (Mount Airy, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    34.238.100.183 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-238-100-183.compute-1.amazonaws.com
nep.advangelists.com
5    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
5    2600:1f18:4e9:5a07:dc3:ed1a:ad6b:ca3d (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
3    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    52.94.222.140 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
3    185.167.164.42 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
3    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
35    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
5    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com
id.rlcdn.com
1    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
7    104.36.115.114 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
2    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
10    2607:f8b0:4006:80f::2001 (United States)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
2    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
8    51.222.39.186 (Canada)

ASN16276 (OVH, FR)
PTR: ip186.ip-51-222-39.net
onetag-sys.com
4    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
1    2607:f8b0:4006:823::2002 (United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    213.19.162.90 (United Kingdom)

ASN3356 (LEVEL3, US)
pixel-eu.rubiconproject.com
1    199.187.193.181 (Canada)

ASN47043 (SMARTADSERVER, CA)
ssbsync-global.smartadserver.com
20    8.28.7.82 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
5    54.175.87.114 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-87-114.compute-1.amazonaws.com
ups.analytics.yahoo.com
3    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
16    23.64.61.104 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-64-61-104.deploy.static.akamaitechnologies.com
widgets.outbrain.com
widget-pixels.outbrain.com
3    18.214.193.123 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-193-123.compute-1.amazonaws.com
cs.emxdgt.com
6    23.52.164.28 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-164-28.deploy.static.akamaitechnologies.com
tcheck.outbrainimg.com
images.outbrainimg.com
1    2600:9000:2512:4000:3:7df3:55c0:93a1 (None, )

ASN- ()
cdn2.decide.dev
2    146.75.38.132 (None, )

ASN- ()
odb.outbrain.com
8    67.202.105.24 (None, )

ASN- ()
ssc-cms.33across.com
2    67.202.105.34 (None, )

ASN- ()
de.tynt.com
hde.tynt.com
1    34.149.139.129 (None, )

ASN- ()
decide.dev
2    38.133.127.63 (None, )

ASN- ()
mcdp-sadc1.outbrain.com
26    64.202.112.223 (None, )

ASN- ()
log.outbrainimg.com
sync.outbrain.com
1    2600:9000:23ca:e200:9:d7ff:bd00:93a1 (None, )

ASN- ()
cdn1.decide.dev
1    23.211.130.59 (None, )

ASN- ()
secure-assets.rubiconproject.com
6    34.117.239.71 (None, )

ASN- ()
events-ssc.33across.com
3    34.98.64.218 (None, )

ASN- ()
us-u.openx.net
u.openx.net
2    54.236.207.110 (None, )

ASN- ()
dpm.demdex.net
1    54.150.52.25 (None, )

ASN- ()
sync-jp.im-apps.net
1    3.233.2.39 (None, )

ASN- ()
beacon.krxd.net
2    13.225.214.90 (None, )

ASN- ()
aa.agkn.com
2    2620:100:a001::17 (None, )

ASN- ()
dis.criteo.com
2    35.211.168.6 (None, )

ASN- ()
sofia.trustx.org
1    85.114.159.118 (None, )

ASN- ()
dsp.adfarm1.adition.com
2    3.230.62.22 (None, )

ASN- ()
ps.eyeota.net
3    34.229.3.43 (None, )

ASN- ()
loadus.exelator.com
2    3.229.253.47 (None, )

ASN- ()
ice.360yield.com
1    2600:9000:2209:9000:1b:5138:8a40:93a1 (None, )

ASN- ()
s.ad.smaato.net
1    199.187.193.197 (None, )

ASN- ()
ssbsync.smartadserver.com
1    2620:1ec:c11::200 (None, )

ASN- ()
c.bing.com
1    132.226.41.106 (None, )

ASN- ()
sync.technoratimedia.com
1    35.208.249.213 (None, )

ASN- ()
trace.mediago.io
1    54.87.127.173 (None, )

ASN- ()
usersync.gumgum.com
2    104.17.120.107 (None, )

ASN- ()
biddr.brealtime.com
1    69.166.1.12 (None, )

ASN- ()
sync.go.sonobi.com
8    159.65.196.12 (None, )

ASN- ()
match.adsby.bidtheatre.com
2    173.231.178.116 (None, )

ASN- ()
cm.adgrx.com
2    54.84.14.122 (None, )

ASN- ()
pm.w55c.net
2    52.200.147.16 (None, )

ASN- ()
rtb.gumgum.com
1    69.90.254.78 (None, )

ASN- ()
ums.acuityplatform.com
1    34.102.163.6 (None, )

ASN- ()
ad.mrtnsvr.com
4    199.127.204.171 (None, )

ASN- ()
sync.1rx.io
sync.targeting.unrulymedia.com
2    2606:4700::6812:18ad (None, )

ASN- ()
a.tribalfusion.com
s.tribalfusion.com
1    35.214.174.31 (None, )

ASN- ()
csync.loopme.me
2    50.16.178.102 (None, )

ASN- ()
beacon.lynx.cognitivlabs.com
2    23.217.18.198 (None, )

ASN- ()
px.owneriq.net
1    5.161.47.120 (None, )

ASN- ()
matching.truffle.bid
1    172.105.221.29 (None, )

ASN- ()
gocm.c.appier.net
1    195.5.165.20 (None, )

ASN- ()
core.iprom.net
1    2a04:4e42:600::300 (None, )

ASN- ()
trc.taboola.com
1    151.101.65.44 (None, )

ASN- ()
match.taboola.com
2    35.201.96.126 (None, )

ASN- ()
visitor.fiftyt.com
1    8.28.7.109 (None, )

ASN- ()
aud.pubmatic.com
2    50.57.31.206 (None, )

ASN- ()
uipglob.semasio.net
1    52.204.235.144 (None, )

ASN- ()
sync.ipredictive.com
1    18.213.85.80 (None, )

ASN- ()
rtb.adentifi.com
2    38.67.14.233 (None, )

ASN- ()
pmp.mxptint.net
1    35.211.118.13 (None, )

ASN- ()
r.bidswitch.net
1    34.102.253.54 (None, )

ASN- ()
ads.playground.xyz
3    68.67.161.182 (None, )

ASN- ()
secure.adnxs.com
2    23.20.109.84 (None, )

ASN- ()
match.prod.bidr.io
1    34.111.151.213 (None, )

ASN- ()
dmp.brand-display.com
1    3.12.170.58 (None, )

ASN- ()
sync.adotmob.com
2    52.0.100.122 (None, )

ASN- ()
um2.eqads.com
Apex Domain
Subdomains		 Transfer
71 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 470
ads.pubmatic.com — Cisco Umbrella Rank: 495
image6.pubmatic.com — Cisco Umbrella Rank: 671
simage2.pubmatic.com — Cisco Umbrella Rank: 706
image4.pubmatic.com — Cisco Umbrella Rank: 875
image2.pubmatic.com — Cisco Umbrella Rank: 894
image8.pubmatic.com — Cisco Umbrella Rank: 590
simage4.pubmatic.com
aud.pubmatic.com
60 KB
57 powerball.com
powerball.com — Cisco Umbrella Rank: 175626
903 KB
45 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1136
widget-pixels.outbrain.com — Cisco Umbrella Rank: 2978
odb.outbrain.com
mcdp-sadc1.outbrain.com
sync.outbrain.com
197 KB
40 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 895
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 1155
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 426
ups.analytics.yahoo.com — Cisco Umbrella Rank: 294
9 KB
34 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 84
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 188
ad.doubleclick.net — Cisco Umbrella Rank: 185
cm.g.doubleclick.net — Cisco Umbrella Rank: 215
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
183 KB
28 casalemedia.com
as-sec.casalemedia.com — Cisco Umbrella Rank: 1407
htlb.casalemedia.com — Cisco Umbrella Rank: 519
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 439
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 542
dsum.casalemedia.com
20 KB
26 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 313
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 534
s.amazon-adsystem.com — Cisco Umbrella Rank: 296
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1205
65 KB
23 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 492
eus.rubiconproject.com — Cisco Umbrella Rank: 596
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 852
pixel.rubiconproject.com — Cisco Umbrella Rank: 347
token.rubiconproject.com — Cisco Umbrella Rank: 682
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2112
secure-assets.rubiconproject.com
42 KB
18 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
dd3794dd9eb212f7f455e85a2ac4edd5.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 147
127 KB
17 amazonaws.com
s3.amazonaws.com
2 MB
14 33across.com
ssc-cms.33across.com
events-ssc.33across.com
5 KB
13 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1430
usersync.gumgum.com
rtb.gumgum.com
16 KB
12 dotomi.com
amazon-tam-match.dotomi.com — Cisco Umbrella Rank: 4866
pulsepoint-match.dotomi.com — Cisco Umbrella Rank: 5949
prebid-match.dotomi.com — Cisco Umbrella Rank: 2235
33across-match.dotomi.com
pubmatic-match.dotomi.com
casale-match.dotomi.com
4 KB
12 pub.network
a.pub.network — Cisco Umbrella Rank: 5346
d.pub.network — Cisco Umbrella Rank: 5850
c.pub.network — Cisco Umbrella Rank: 5659
410 KB
11 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 356
6 KB
11 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 232
secure.adnxs.com
10 KB
11 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 303
r.bidswitch.net
5 KB
11 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 763
gum.criteo.com — Cisco Umbrella Rank: 425
mug.criteo.com — Cisco Umbrella Rank: 2786
dis.criteo.com
10 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 363
217 KB
9 t13.io
s2s.t13.io — Cisco Umbrella Rank: 5160
2 KB
8 bidtheatre.com
match.adsby.bidtheatre.com
4 KB
8 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 777
4 KB
8 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 599
ce.lijit.com — Cisco Umbrella Rank: 918
9 KB
7 outbrainimg.com
tcheck.outbrainimg.com — Cisco Umbrella Rank: 4089
images.outbrainimg.com
log.outbrainimg.com
185 KB
6 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 538
5 KB
6 google.com
adservice.google.com — Cisco Umbrella Rank: 78
www.google.com — Cisco Umbrella Rank: 2
2 KB
6 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1193
id5-sync.com — Cisco Umbrella Rank: 471
23 KB
6 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 660
sync-amz.ads.yieldmo.com — Cisco Umbrella Rank: 5478
2 KB
5 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 344
id.rlcdn.com
api.rlcdn.com Failed
949 B
5 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 462
3 KB
5 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 602
3 KB
5 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 923
2 KB
5 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 560
3 KB
5 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 948
pixel.quantserve.com — Cisco Umbrella Rank: 516
cms.quantserve.com
12 KB
5 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 608
cdn.indexww.com
16 KB
4 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 456
680 B
4 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 657
1 KB
4 adform.net
cm.adform.net — Cisco Umbrella Rank: 1496
c1.adform.net — Cisco Umbrella Rank: 627
2 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 193
167 KB
3 1rx.io
sync.1rx.io
2 KB
3 exelator.com
loadus.exelator.com
3 KB
3 openx.net
us-u.openx.net
u.openx.net
753 B
3 decide.dev
cdn2.decide.dev
decide.dev
cdn1.decide.dev
37 KB
3 emxdgt.com
cs.emxdgt.com — Cisco Umbrella Rank: 1055
833 B
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 578
883 B
3 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 375
1 KB
3 taboola.com
sync.taboola.com — Cisco Umbrella Rank: 1072
trc.taboola.com
match.taboola.com
971 B
3 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 756
1 KB
3 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 723
1 KB
3 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 373
1 KB
3 gstatic.com
fonts.gstatic.com
76 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 156
3 KB
3 cumbersomecarpenter.com
cumbersomecarpenter.com
28 KB
2 eqads.com
um2.eqads.com
563 B
2 bidr.io
match.prod.bidr.io
1 KB
2 mxptint.net
pmp.mxptint.net
965 B
2 semasio.net
uipglob.semasio.net
1 KB
2 fiftyt.com
visitor.fiftyt.com
623 B
2 owneriq.net
px.owneriq.net
1 KB
2 cognitivlabs.com
beacon.lynx.cognitivlabs.com
831 B
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 w55c.net
pm.w55c.net
1 KB
2 adgrx.com
cm.adgrx.com
1 KB
2 brealtime.com
biddr.brealtime.com
2 KB
2 360yield.com
ice.360yield.com
828 B
2 eyeota.net
ps.eyeota.net
1 KB
2 trustx.org
sofia.trustx.org
1 KB
2 agkn.com
aa.agkn.com
1 KB
2 demdex.net
dpm.demdex.net
2 KB
2 tynt.com
de.tynt.com
hde.tynt.com
3 KB
2 smartadserver.com
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1876
ssbsync.smartadserver.com
490 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 680
57 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 766
943 B
2 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 891
593 B
2 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 4112
1 KB
2 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 504
1 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 841
1 KB
2 inmobi.com
sync.inmobi.com — Cisco Umbrella Rank: 2083
1 KB
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1358
lbs.eu-1-id5-sync.com — Cisco Umbrella Rank: 1440
553 B
2 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 876
2 KB
2 colossusssp.com
colossusssp.com — Cisco Umbrella Rank: 1561
478 B
2 floors.dev
api.floors.dev — Cisco Umbrella Rank: 8001
2 KB
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1180
1 KB
2 btloader.com
btloader.com — Cisco Umbrella Rank: 1084
api.btloader.com — Cisco Umbrella Rank: 1184
104 KB
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 1515
93 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
20 KB
2 clean.gg
i.clean.gg — Cisco Umbrella Rank: 1373
104 B
2 ionicframework.com
code.ionicframework.com — Cisco Umbrella Rank: 14188
118 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 44
3 KB
1 adotmob.com
sync.adotmob.com
706 B
1 brand-display.com
dmp.brand-display.com
367 B
1 playground.xyz
ads.playground.xyz
465 B
1 adentifi.com
rtb.adentifi.com
35 B
1 ipredictive.com
sync.ipredictive.com
554 B
1 iprom.net
core.iprom.net
281 B
1 appier.net
gocm.c.appier.net
393 B
1 truffle.bid
matching.truffle.bid
1 loopme.me
csync.loopme.me
1 unrulymedia.com
sync.targeting.unrulymedia.com
650 B
1 mrtnsvr.com
ad.mrtnsvr.com
292 B
1 acuityplatform.com
ums.acuityplatform.com
674 B
1 sonobi.com
sync.go.sonobi.com
780 B
1 mediago.io
trace.mediago.io
331 B
1 technoratimedia.com
sync.technoratimedia.com
680 B
1 bing.com
c.bing.com
667 B
1 smaato.net
s.ad.smaato.net
616 B
1 adition.com
dsp.adfarm1.adition.com
473 B
1 krxd.net
beacon.krxd.net
338 B
1 im-apps.net
sync-jp.im-apps.net
194 B
1 pippio.com
pippio.com — Cisco Umbrella Rank: 749
633 B
1 advangelists.com
nep.advangelists.com — Cisco Umbrella Rank: 2564
232 B
1 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1192
537 B
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1340
17 KB
1 videoplayerhub.com
freestar-io.videoplayerhub.com — Cisco Umbrella Rank: 6504
457 B
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 594
464 B
1 musl.com
muslapi.musl.com — Cisco Umbrella Rank: 263056
975 B
1 cloudfront.net
d2si3hiz85fm4q.cloudfront.net
42 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 61
43 KB
0 onaudience.com Failed
pixel.onaudience.com Failed
0 geistm.com Failed
id.geistm.com Failed
0 mobtrakk.com Failed
sync-dmp.mobtrakk.com Failed
489 121
Domain Requested by
57 powerball.com powerball.com
27 simage2.pubmatic.com 15 redirects ads.pubmatic.com
25 sync.outbrain.com widgets.outbrain.com
ads.pubmatic.com
20 image8.pubmatic.com 15 redirects onetag-sys.com
ads.pubmatic.com
20 s.amazon-adsystem.com 2 redirects d2si3hiz85fm4q.cloudfront.net
s.amazon-adsystem.com
ap.lijit.com
sync-amz.ads.yieldmo.com
bh.contextweb.com
eus.rubiconproject.com
ssum-sec.casalemedia.com
ads.pubmatic.com
onetag-sys.com
20 c2shb.pubgw.yahoo.com a.pub.network
18 cm.g.doubleclick.net 14 redirects sync-amz.ads.yieldmo.com
eus.rubiconproject.com
onetag-sys.com
17 s3.amazonaws.com powerball.com
16 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
um2.eqads.com
14 widgets.outbrain.com d2si3hiz85fm4q.cloudfront.net
powerball.com
widgets.outbrain.com
12 securepubads.g.doubleclick.net d2si3hiz85fm4q.cloudfront.net
www.googletagservices.com
securepubads.g.doubleclick.net
powerball.com
11 match.adsrvr.org 10 redirects a.pub.network
10 cdn.ampproject.org d2si3hiz85fm4q.cloudfront.net
10 x.bidswitch.net 8 redirects sync-amz.ads.yieldmo.com
onetag-sys.com
10 tpc.googlesyndication.com d2si3hiz85fm4q.cloudfront.net
powerball.com
dd3794dd9eb212f7f455e85a2ac4edd5.safeframe.googlesyndication.com
10 c2shb.ssp.yahoo.com a.pub.network
10 g2.gumgum.com a.pub.network
9 s2s.t13.io a.pub.network
onetag-sys.com
d2si3hiz85fm4q.cloudfront.net
hde.tynt.com
8 match.adsby.bidtheatre.com 8 redirects
8 ssc-cms.33across.com 8 redirects
8 onetag-sys.com 2 redirects d2si3hiz85fm4q.cloudfront.net
onetag-sys.com
8 image2.pubmatic.com 5 redirects ads.pubmatic.com
8 ib.adnxs.com 8 redirects
7 ssum-sec.casalemedia.com 2 redirects s.amazon-adsystem.com
ssum-sec.casalemedia.com
js-sec.indexww.com
7 c.pub.network a.pub.network
6 events-ssc.33across.com hde.tynt.com
eus.rubiconproject.com
6 image4.pubmatic.com 4 redirects ads.pubmatic.com
6 bh.contextweb.com 2 redirects s.amazon-adsystem.com
bh.contextweb.com
ads.pubmatic.com
6 eus.rubiconproject.com s.amazon-adsystem.com
eus.rubiconproject.com
hde.tynt.com
d2si3hiz85fm4q.cloudfront.net
6 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
powerball.com
5 ups.analytics.yahoo.com 4 redirects onetag-sys.com
5 pr-bh.ybp.yahoo.com 1 redirects widgets.outbrain.com
ssum-sec.casalemedia.com
5 pixel.rubiconproject.com 1 redirects eus.rubiconproject.com
onetag-sys.com
5 sync.mathtag.com 5 redirects
5 pixel-sync.sitescout.com 5 redirects
5 rtb.mfadsrvr.com 5 redirects
5 ce.lijit.com ap.lijit.com
5 b1sync.zemanta.com 5 redirects
5 id5-sync.com 4 redirects cdn.id5-sync.com
5 ads.yieldmo.com a.pub.network
sync-amz.ads.yieldmo.com
4 images.outbrainimg.com
4 gum.criteo.com 2 redirects d2si3hiz85fm4q.cloudfront.net
4 idsync.rlcdn.com 3 redirects widgets.outbrain.com
4 token.rubiconproject.com 4 redirects
4 www.google.com 1 redirects d2si3hiz85fm4q.cloudfront.net
powerball.com
4 pixel.tapad.com 4 redirects
4 pixel-us-east.rubiconproject.com 4 redirects
4 creativecdn.com 4 redirects
4 ads.pubmatic.com s.amazon-adsystem.com
ads.pubmatic.com
d2si3hiz85fm4q.cloudfront.net
4 www.googletagservices.com d2si3hiz85fm4q.cloudfront.net
dd3794dd9eb212f7f455e85a2ac4edd5.safeframe.googlesyndication.com
4 a.pub.network powerball.com
d2si3hiz85fm4q.cloudfront.net
3 secure.adnxs.com 3 redirects
3 sync.1rx.io 3 redirects
3 cms.quantserve.com 3 redirects
3 loadus.exelator.com 2 redirects widgets.outbrain.com
3 cs.emxdgt.com 3 redirects
3 mug.criteo.com
3 sync-tm.everesttech.net 3 redirects
3 c1.adform.net 2 redirects ads.pubmatic.com
3 px.ads.linkedin.com 1 redirects eus.rubiconproject.com
ads.pubmatic.com
3 sync.crwdcntrl.net 2 redirects widgets.outbrain.com
3 sync.srv.stackadapt.com 3 redirects
3 eb2.3lift.com 3 redirects
3 ap.lijit.com a.pub.network
s.amazon-adsystem.com
3 c.amazon-adsystem.com d2si3hiz85fm4q.cloudfront.net
c.amazon-adsystem.com
3 js-sec.indexww.com d2si3hiz85fm4q.cloudfront.net
3 fonts.gstatic.com fonts.googleapis.com
3 sb.scorecardresearch.com 1 redirects d2si3hiz85fm4q.cloudfront.net
powerball.com
3 cumbersomecarpenter.com d2si3hiz85fm4q.cloudfront.net
2 um2.eqads.com 1 redirects ssum-sec.casalemedia.com
2 dsum.casalemedia.com ssum-sec.casalemedia.com
2 casale-match.dotomi.com 2 redirects
2 cdn.indexww.com ssum-sec.casalemedia.com
2 match.prod.bidr.io 2 redirects
2 pmp.mxptint.net 1 redirects ads.pubmatic.com
2 pubmatic-match.dotomi.com 2 redirects
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 visitor.fiftyt.com 2 redirects
2 px.owneriq.net 2 redirects
2 beacon.lynx.cognitivlabs.com 1 redirects ads.pubmatic.com
2 rtb.gumgum.com ads.pubmatic.com
2 pm.w55c.net 2 redirects
2 cm.adgrx.com 2 redirects
2 biddr.brealtime.com d2si3hiz85fm4q.cloudfront.net
2 ice.360yield.com 2 redirects
2 ps.eyeota.net 1 redirects widgets.outbrain.com
2 sofia.trustx.org 1 redirects widgets.outbrain.com
2 dis.criteo.com 2 redirects
2 aa.agkn.com widgets.outbrain.com
ads.pubmatic.com
2 dpm.demdex.net 1 redirects widgets.outbrain.com
2 us-u.openx.net 2 redirects
2 33across-match.dotomi.com 2 redirects
2 mcdp-sadc1.outbrain.com powerball.com
2 odb.outbrain.com powerball.com
2 widget-pixels.outbrain.com powerball.com
widgets.outbrain.com
2 tcheck.outbrainimg.com widgets.outbrain.com
2 prebid-match.dotomi.com 2 redirects
2 static.criteo.net d2si3hiz85fm4q.cloudfront.net
static.criteo.net
2 ad.turn.com 2 redirects
2 match.deepintent.com 1 redirects ssum-sec.casalemedia.com
2 pulsepoint-match.dotomi.com 2 redirects
2 image6.pubmatic.com ads.pubmatic.com
2 ads.creative-serving.com 2 redirects
2 amazon-tam-match.dotomi.com 2 redirects
2 stags.bluekai.com 2 redirects
2 um.simpli.fi 2 redirects
2 dd3794dd9eb212f7f455e85a2ac4edd5.safeframe.googlesyndication.com d2si3hiz85fm4q.cloudfront.net
2 adservice.google.com d2si3hiz85fm4q.cloudfront.net
2 sync.inmobi.com 2 redirects
2 rules.quantcount.com 1 redirects
2 aax-dtb-cf.amazon-adsystem.com c.amazon-adsystem.com
2 fastlane.rubiconproject.com a.pub.network
2 htlb.casalemedia.com a.pub.network
2 bidder.criteo.com a.pub.network
2 hbopenbid.pubmatic.com a.pub.network
2 colossusssp.com a.pub.network
2 api.floors.dev d2si3hiz85fm4q.cloudfront.net
2 ad-delivery.net powerball.com
2 cdn.confiant-integrations.net d2si3hiz85fm4q.cloudfront.net
2 stats.g.doubleclick.net www.google-analytics.com
decide.dev
2 www.google-analytics.com d2si3hiz85fm4q.cloudfront.net
www.google-analytics.com
2 i.clean.gg d2si3hiz85fm4q.cloudfront.net
2 code.ionicframework.com powerball.com
code.ionicframework.com
2 fonts.googleapis.com powerball.com
d2si3hiz85fm4q.cloudfront.net
1 sync.adotmob.com 1 redirects
1 dmp.brand-display.com 1 redirects
1 ads.playground.xyz 1 redirects
1 r.bidswitch.net 1 redirects
1 rtb.adentifi.com ads.pubmatic.com
1 sync.ipredictive.com 1 redirects
1 aud.pubmatic.com ads.pubmatic.com
1 match.taboola.com ads.pubmatic.com
1 trc.taboola.com 1 redirects
1 core.iprom.net ads.pubmatic.com
1 gocm.c.appier.net 1 redirects
1 matching.truffle.bid ads.pubmatic.com
1 csync.loopme.me ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 ad.mrtnsvr.com 1 redirects
1 ums.acuityplatform.com 1 redirects
1 sync.go.sonobi.com 1 redirects
1 usersync.gumgum.com d2si3hiz85fm4q.cloudfront.net
1 trace.mediago.io 1 redirects
1 id.rlcdn.com 1 redirects
1 sync.technoratimedia.com 1 redirects
1 c.bing.com widgets.outbrain.com
1 ssbsync.smartadserver.com 1 redirects
1 s.ad.smaato.net 1 redirects
1 u.openx.net 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 beacon.krxd.net widgets.outbrain.com
1 sync-jp.im-apps.net widgets.outbrain.com
1 secure-assets.rubiconproject.com 1 redirects
1 cdn1.decide.dev decide.dev
1 log.outbrainimg.com powerball.com
1 simage4.pubmatic.com ads.pubmatic.com
1 decide.dev powerball.com
1 hde.tynt.com d2si3hiz85fm4q.cloudfront.net
1 de.tynt.com 1 redirects
1 cdn2.decide.dev powerball.com
1 ssbsync-global.smartadserver.com onetag-sys.com
1 pixel-eu.rubiconproject.com onetag-sys.com
1 googleads.g.doubleclick.net powerball.com
1 pippio.com 1 redirects
1 aax-eu.amazon-adsystem.com eus.rubiconproject.com
1 nep.advangelists.com 1 redirects
1 sync.taboola.com 1 redirects
1 sync-amz.ads.yieldmo.com s.amazon-adsystem.com
1 jadserve.postrelease.com 1 redirects
1 pixel.quantserve.com
1 lbs.eu-1-id5-sync.com cdn.id5-sync.com
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 cdn.id5-sync.com
1 secure.cdn.fastclick.net d2si3hiz85fm4q.cloudfront.net
1 cm.adform.net
1 secure.quantserve.com d2si3hiz85fm4q.cloudfront.net
1 api.btloader.com freestar-io.videoplayerhub.com
1 ad.doubleclick.net powerball.com
1 as-sec.casalemedia.com js-sec.indexww.com
1 btloader.com powerball.com
1 freestar-io.videoplayerhub.com 1 redirects
1 static.adsafeprotected.com d2si3hiz85fm4q.cloudfront.net
1 muslapi.musl.com powerball.com
1 d.pub.network a.pub.network
1 d2si3hiz85fm4q.cloudfront.net powerball.com
1 www.googletagmanager.com powerball.com
0 pixel.onaudience.com Failed ads.pubmatic.com
0 api.rlcdn.com Failed a.pub.network
0 id.geistm.com Failed widgets.outbrain.com
0 sync-dmp.mobtrakk.com Failed widgets.outbrain.com
489 192

This site contains no links.

Subject Issuer Validity Valid
*.google-analytics.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-16 -
2023-05-16		 a year crt.sh
s3.amazonaws.com
Amazon		 2022-04-01 -
2023-03-30		 a year crt.sh
i.clean.gg
GTS CA 1D4		 2022-10-04 -
2023-01-02		 3 months crt.sh
cumbersomecarpenter.com
R3		 2022-10-04 -
2023-01-02		 3 months crt.sh
*.pub.network
Go Daddy Secure Certificate Authority - G2		 2022-03-19 -
2023-04-20		 a year crt.sh
*.musl.com
Go Daddy Secure Certificate Authority - G2		 2022-08-11 -
2023-09-12		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
static.adsafeprotected.com
Amazon		 2022-08-06 -
2023-09-04		 a year crt.sh
*.confiant-integrations.net
E1		 2022-09-26 -
2022-12-25		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
api.floors.dev
GTS CA 1D4		 2022-10-03 -
2023-01-01		 3 months crt.sh
api.btloader.com
GTS CA 1D4		 2022-10-20 -
2023-01-18		 3 months crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-02 -
2023-01-25		 6 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
s2s.t13.io
GTS CA 1D4		 2022-09-27 -
2022-12-26		 3 months crt.sh
*.yieldmo.com
Amazon		 2022-09-12 -
2023-10-12		 a year crt.sh
*.gumgum.com
Amazon		 2022-09-14 -
2023-10-11		 a year crt.sh
*.colossusssp.com
Go Daddy Secure Certificate Authority - G2		 2021-11-07 -
2022-11-07		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-27 -
2022-11-22		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-18 -
2023-06-16		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2022-08-18 -
2022-11-16		 3 months crt.sh
s.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-21		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.ads.yieldmo.com
Amazon		 2022-04-25 -
2023-05-24		 a year crt.sh
*.contextweb.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-07 -
2023-05-08		 a year crt.sh
*.id5-sync.com
R3		 2022-08-18 -
2022-11-16		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2022-07-20 -
2023-07-19		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-01 -
2022-11-30		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-09-27 -
2023-03-22		 6 months crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-03 -
2023-04-04		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.outbrainimg.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-11 -
2023-03-15		 a year crt.sh
*.decide.dev
Amazon		 2022-01-24 -
2023-02-22		 a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-07 -
2023-09-30		 a year crt.sh
decide.dev
GTS CA 1D4		 2022-09-10 -
2022-12-09		 3 months crt.sh
*.im-apps.net
Amazon		 2022-04-25 -
2023-05-24		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-20 -
2023-10-19		 a year crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-09-06 -
2023-09-21		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2022-09-03 -
2023-03-03		 6 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.ad-server.k8s.ggops.com
Amazon		 2022-02-09 -
2023-03-10		 a year crt.sh
*.brealtime.com
Go Daddy Secure Certificate Authority - G2		 2022-01-21 -
2023-02-22		 a year crt.sh
loopme.com
R3		 2022-09-26 -
2022-12-25		 3 months crt.sh
beacon.lynx.cognitivlabs.com
Amazon		 2022-04-13 -
2023-05-12		 a year crt.sh
truffle.bid
R3		 2022-10-03 -
2023-01-01		 3 months crt.sh
*.iprom.net
R3		 2022-09-13 -
2022-12-12		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
adentifi.com
Amazon		 2022-08-05 -
2023-09-03		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-14 -
2022-12-07		 6 months crt.sh
um3.eqads.com
Amazon		 2022-06-11 -
2023-07-09		 a year crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2		 2022-01-15 -
2023-01-13		 a year crt.sh

This page contains 67 frames:

Primary Page: http://powerball.com/
Frame ID: B5F7EA70AF62F4B45FC1CBBB1818EAF8
Requests: 213 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-LoopMe_n-inmobi_cnv_pm-db5_n-simpli.fi_ym_rbd_ppt_n-nativo_sovrn_3lift_n-Outbrain&dcc=t
Frame ID: B27309C562A003DEB2A4588B1502EAFB
Requests: 1 HTTP requests in this frame

Frame: https://dd3794dd9eb212f7f455e85a2ac4edd5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5C4610342309CF0BD768F1786868FECB
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_n-inmobi_cnv_pm-db5_n-simpli.fi_ym_rbd_ppt_n-nativo_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: 154B80B54E1300D6A176534FD7CB8C5E
Requests: 4 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Frame ID: AF531D6003FF0A502B35746C17A3DBF2
Requests: 10 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-ZHMOQIGabmJYjGpCH9kd2M5oFGZFzmQdg3l2S8B79w
Frame ID: 6E443CD98F7965F7020645E0A15470BD
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAABsXR95RgOXQNNoccDAAAAAAA&expiration=1666465274&is_secure=true
Frame ID: C6FBB851307056BBFD6D5122EA9BC0D9
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: F3FE058BAAD17831C6ADC9C52C3CA5D4
Requests: 11 HTTP requests in this frame

Frame: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Frame ID: 36C2D510308B1C0A7CF596E0C128795D
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: 9AE7DB4D9879D5BF4619F21AA6F91DEE
Requests: 11 HTTP requests in this frame

Frame: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Frame ID: 9B52D8823B7BA7DCB426B8EF86DE91E5
Requests: 5 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Frame ID: 86D3CC15D83781DB271B7CB4C1E7AAC5
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=4353502803413113050196
Frame ID: C5C9AD37548DC92877F106AF3558D3BD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E6AEC0D72EC32CACF24F5A04E7D541C3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C2381197B7811E29540CC5127885819E
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=29453969-1F29-420B-ACD7-6C53B45221DB
Frame ID: 95463C30CCC7AF4FF5A508B38F02ECB6
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y1LsegAAAYTY7AAr&gdpr=0&gdpr_consent=&_test=Y1LsegAAAYTY7AAr
Frame ID: 813FC734BAF6014D8C82B681EED0A864
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID29453969-1F29-420B-ACD7-6C53B45221DB
Frame ID: CAC914A97A14A13E540BC276763FCFD7
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012210071758000/amp4ads-v0.mjs
Frame ID: 8AC2D32FCDF96CCB4DA25B16B742B06B
Requests: 13 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D
Frame ID: 6935AD5838C9AA13DB7B4FD2799C8D82
Requests: 15 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=powerball.com
Frame ID: 9E616360952A6C456B333A8356AF70FC
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss0CnNj1R77EAoDN_p1xOJ6WtHpW6k6oKJdk7yBbjA21ztTMteIEPAx92L7P9IcScqmWDJI7BmPzHqJU-DqOJ9T6HtwK2I3rKTGNIdRrPVIsJc30ltNVi0NfjbHnbCZZw3cI6rsoZv0c5JjYUlMDFBGTmV5nSwOnimFvMa00Wy_A1cXGg8N4BJMrJx8n5Zi1pRwAt4w4gkRO4Y-wyjt8dxbLY8NmPQOzo1-Rk3fqkXuoXrXoHl8AbZbsk3hOtYfhQyYHHQCADE8VYzuVJx4WrVUi0AtJkbdtWIZyk87KtFBf_rjOYjxgODOLGYkshtvFjpuwrlPo882qstcqDFHcC3393-JHprW1WfZHw&sai=AMfl-YRPd51nKEG6DSgUraP-anA9MtDgKU9trfP_jNhMVeFJUCHDBEz9RyyDuXML96HENzQjL7ENdxxXS2NqaPUYoAEQs0HwdHtxGgaxc7kQuva9Jjvq1eB7Hyr0HWnunZR4qOczbQ&sig=Cg0ArKJSzL8EvppPbaY8EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: AF7CCD61CDEDBA959F3A7A54F021D3FC
Requests: 16 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvmqWAozQQ06t13Q1f_fof3qtMoCHIHjOl_JIzLZspg0GUN1pDKPeDF3ouup4uWXkeLpQJOOVk3aSUmcGEJaDWFS3VkewFB-Et4itR2sbPzREQGIOTlm8wz--WJ4CaqvZxnHfeqVf0jOjDW35xS49fgXDJZ6_L81J2VrQ20vuBpZkYnpR2S2SulNOlu_glvHyd1qOkbGdhScFiPZXqlNuIXLxxvBD1z6tCvl6tGed2jfmRRfThQZSucs3jY_POagXR9kweto5CPgHlH0l4NWdqHNrHwkTy5jxmuUaRV8lTte8oCg3ROk9zn4fglk7wEp8fBLNEKb3UXZK8_OzTxzfapV4KgeuIDObmxiA&sai=AMfl-YT5XhYndLCRBLB2w7dtDsyfL-p-WiO4RyqwsErZ4k381pVy1akXDuXM5KPpoZ0St2ueZvo3UX781Dat3BK-p9S8LeiT4lZNSM_gsL0SOhLow1CuEFTgLNACCodbYHGZ9i7Q_w&sig=Cg0ArKJSzKQzZFCQGB-KEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 685EC58C3059D72FBE8BB0B383836C1F
Requests: 12 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012210071758000/amp4ads-v0.mjs
Frame ID: 82E09DF13B95DDB388255C4775C225D2
Requests: 15 HTTP requests in this frame

Frame: https://dd3794dd9eb212f7f455e85a2ac4edd5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 25DC52CBDED1E29D66A3261A41F172FB
Requests: 7 HTTP requests in this frame

Frame: https://s2s.t13.io/setuid?bidder=emx_digital&gdpr=&gdpr_consent=&us_privacy=&f=b&uid=5512368809063269799brt56781666378875893797b8
Frame ID: 8860F1AF3440C9350D100A017AE6FA60
Requests: 1 HTTP requests in this frame

Frame: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Frame ID: 3ED54DA4264CFD485521D3C0F6E4ACF8
Requests: 7 HTTP requests in this frame

Frame: https://decide.dev/lad/15369696027285350?pubid=ld-6552-7298&pubo=https%3A%2F%2Fdd3794dd9eb212f7f455e85a2ac4edd5.safeframe.googlesyndication.com&rid=powerball.com&width=300
Frame ID: 7612B2FF849E1ACBEE2EFBB92DF557A2
Requests: 4 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obUserFrame/test.html?lsd=47aa744a-7237-42c0-9bb0-3e8b7bbbca9c
Frame ID: 8D784391DA4F079E049633A28E100FD6
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Frame ID: 31735470C82F4C59A7CB6A2A9725A980
Requests: 2 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Frame ID: E904E48DF83BEB42532B2E123571B262
Requests: 35 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obUserFrame/test.html?lsd=2c052103-d3d9-4dea-b711-2cc18de455df
Frame ID: 4514DF9F79103B3A612D3422CE541DB5
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Frame ID: FB82D3A9599D1B04B66146BE1EEFDFD9
Requests: 2 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Frame ID: E4D49C4B37AF3280FEAA20387B2DA7ED
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Frame ID: B17D57261387B482B5E63C8A8FA17CD8
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 9528AC4F3C18211D813B45810D462FE9
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=OsCM9pDCGnwYKVIJmreF&pi=gumgum
Frame ID: DC4D7AB122B3DD9B641AEC33905C6AE3
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 1425ABA54F378DDBF97F96365B81F1A9
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Frame ID: 4FDE3D60FD3FE9BE1A2DD858442119B3
Requests: 15 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 14553159CD3C105ABC065CBBA4A7E924
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: C1AEDF920E61D2C44FE769AB73D22D38
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Frame ID: 472FB2BAB7B652F37C3957F0B02C399C
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=http%3A%2F%2Fpowerball.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 05EF2E263E8C2B950DB5621933DCC38F
Requests: 9 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 39FB051419A8E339EB0CCFDCB04E9F8F
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=http%3A%2F%2Fpowerball.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 3DEE8009DBF7AFC59B628C4BF686C8C7
Requests: 10 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=29453969-1F29-420B-ACD7-6C53B45221DB&redir=true&gdpr=0&gdpr_consent=
Frame ID: 6E1FFE5E8310063CAB665C10F6480EBA
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:dbe5eecb-7634-4a3f-97a1-12b9e55af4bf&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Frame ID: CD92895A77204DA25FA63ACD7D63D117
Requests: 1 HTTP requests in this frame

Frame: https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAD2Kk7GpdkAACB3Vhizbg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D1576690719601751309%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4
Frame ID: 76ECC781609F67632338A58581B96DF0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:c856e8a6-ce21-45ca-bd1c-403476e63237&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Frame ID: 741DC0DFCF2B6FE76BA26ACC3167C374
Requests: 1 HTTP requests in this frame

Frame: https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&uid=29453969-1F29-420B-ACD7-6C53B45221DB
Frame ID: 4B26C4B8AC5B73821C8391BABD9342BF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:3ac09c56-8107-446c-b8e4-29cab53362c7&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Frame ID: 45AF18A80C84B1C3D2CEF983B9C79768
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:0dd6535c-8780-4282-a238-4c6a0558d68d&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Frame ID: 81F7E76C0B8B0499206593DE81BA4675
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:c3663ea6-8017-4542-92e4-a8d8467291aa&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Frame ID: 27F24C53216FE519E699546B9647F8B9
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:afe5fd4c-d4d9-4c19-bd5c-290826529b6c&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Frame ID: A1ADF64AFA0C75271878B9D94423E401
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Frame ID: D0FA00F90461AB980E199DE963A97FF5
Requests: 1 HTTP requests in this frame

Frame: https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&uid=29453969-1F29-420B-ACD7-6C53B45221DB
Frame ID: 9DC59BA1F072CB4E0C45880DA59643E1
Requests: 1 HTTP requests in this frame

Frame: https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&uid=29453969-1F29-420B-ACD7-6C53B45221DB
Frame ID: 05147DE62A951970E4476F33BE4ACA73
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: E2D87FB3FB0FC5B46C77E06799C19612
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 5A08BC15FDC4DE371F766F9713BC03B7
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
Frame ID: 25604A3448014A3C67E703F08CEF4F11
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=29453969-1F29-420B-ACD7-6C53B45221DB
Frame ID: BF7711F26408EA9D8823E39182AF28FD
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7196652771508028313
Frame ID: 1770459CF7CBC6C5C59074D284B08EC3
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 3F1D259E84B8C775BF7DB1DA2AE8BFAC
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: BECE822C57CAA08E17F5145FB4E8B2C7
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 3C4352DA7115DBC5E08A19510C69DA6B
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=b286b491-0301-4710-842c-b614974c9fc4-tucta4c71fa&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 9FB4FA90975CB9F6B4FD2DE16C3FE6F6
Requests: 1 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: 05D04B96D79B10746C7141D7EB1D22D0
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Home | Powerball

Detected technologies

Overall confidence: 100%
Detected patterns
  • drupal\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+ionicons(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • moment(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • widgets\.outbrain\.com/outbrain\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

489
Requests

58 %
HTTPS

25 %
IPv6

121
Domains

192
Subdomains

116
IPs

8
Countries

5362 kB
Transfer

9893 kB
Size

115
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 111
  • https://freestar-io.videoplayerhub.com/gallery.js HTTP 301
  • https://btloader.com/tag?h=freestar-io&upapi=true
Request Chain 114
  • https://sb.scorecardresearch.com/b?c1=2&c2=23384447&cs_ucfr=&cs_it=b3&cv=3.8.0.210223&ns__t=1666378872259&ns_c=UTF-8&c7=http%3A%2F%2Fpowerball.com%2F&c8=Home%20%7C%20Powerball&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=&cs_it=b3&cv=3.8.0.210223&ns__t=1666378872259&ns_c=UTF-8&c7=http%3A%2F%2Fpowerball.com%2F&c8=Home%20%7C%20Powerball&c9=
Request Chain 178
  • http://rules.quantcount.com/rules-p-UeXruRVtZz7w6.js HTTP 301
  • https://rules.quantcount.com/rules-p-UeXruRVtZz7w6.js
Request Chain 180
  • http://cdn.id5-sync.com/api/1.0/id5-api.js HTTP 307
  • https://cdn.id5-sync.com/api/1.0/id5-api.js
Request Chain 200
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-LoopMe_n-inmobi_cnv_pm-db5_n-simpli.fi_ym_rbd_ppt_n-nativo_sovrn_3lift_n-Outbrain HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-LoopMe_n-inmobi_cnv_pm-db5_n-simpli.fi_ym_rbd_ppt_n-nativo_sovrn_3lift_n-Outbrain&dcc=t
Request Chain 202
  • https://sync.inmobi.com/prebid?gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dinmobi%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&us_privacy=&callback=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dinmobi%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://s2s.t13.io/setuid?bidder=inmobi&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=ID5-ZHMO3XOmabkohoZwqD20ZewTBv48Y2BRwpulyaAuHg
Request Chain 208
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=4E225F31A4974A0FA1E0AB6F4C01C6E0&ex=simpli.fi&status=ok
Request Chain 209
  • https://jadserve.postrelease.com/suid/101959?ntv_r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dnativo.com%26id%3DNTV_USER_ID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=nativo.com&id=53056d15-da76-4709-b3a9-027bcd37ddaa
Request Chain 210
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=_LXaAu8R6aSZpIJwQozx&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZSXQY3IMFXGOZJ5MFWWC6TPNZPXIYLNEZUWIPK7JRMGCQLVHBJDMYKTLJYESSTXKFXXU6A HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZSXQY3IMFXGOZJ5MFWWC6TPNZPXIYLNEZUWIPK7JRMGCQLVHBJDMYKTLJYESSTXKFXXU6A HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=_LXaAu8R6aSZpIJwQozx
Request Chain 212
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Request Chain 213
  • https://sync.inmobi.com/TAM?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-ZHMOQIGabmJYjGpCH9kd2M5oFGZFzmQdg3l2S8B79w
Request Chain 214
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=22430e9b7c7e0506&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAABsXR95RgOXQNNoccDAAAAAAA&expiration=1666465274&is_secure=true
Request Chain 218
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint HTTP 302
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Request Chain 220
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=4353502803413113050196
Request Chain 223
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=&tc=1 HTTP 302
  • https://ce.lijit.com/merge?pid=86&3pid=OsCM9pDCGnwYKVIJmreF&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
Request Chain 224
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=87&3pid=91fcb6b9-505e-4bf8-9dda-07d18b30bc80
Request Chain 225
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=fmx&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=fmx&bsw_custom_parameter=420cce5a-5f42-4fc5-b516-8ea244f75d87 HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=fmx&bsw_custom_parameter=420cce5a-5f42-4fc5-b516-8ea244f75d87 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=b4db78d5-f4ea-4eff-9c57-ee480daefd12&ssp=fmx&expires=30&user_group=5&bsw_param=420cce5a-5f42-4fc5-b516-8ea244f75d87 HTTP 302
  • https://ce.lijit.com/merge?pid=26&3pid=420cce5a-5f42-4fc5-b516-8ea244f75d87&gdpr=&gdpr_consent=
Request Chain 226
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fce.lijit.com%252Fmerge%253Fpid%253D92%25263pid%253D%2524UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ce.lijit.com/merge?pid=92&3pid=5512368809063269799&gdpr=0&gdpr_consent=
Request Chain 227
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=L9IUYG1V-5-9AM8&gdpr=0
Request Chain 232
  • https://rtb.mfadsrvr.com/sync?ssp=yieldmo HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=yieldmo HTTP 302
  • https://ads.yieldmo.com/v000/sync?pn_id=mf&userid=91fcb6b9-505e-4bf8-9dda-07d18b30bc80&gdpr=&gdpr_pd=&gdpr_consent=
Request Chain 233
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_hm=Z2VjMTYyZWNhYjc4Mjk2MmFlYjk= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_hm=Z2VjMTYyZWNhYjc4Mjk2MmFlYjk=&google_tc=
Request Chain 235
  • https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an HTTP 302
  • https://ads.yieldmo.com/v000/sync?userid=5512368809063269799&pn_id=an
Request Chain 236
  • https://sync.srv.stackadapt.com/sync?nid=21 HTTP 302
  • https://ads.yieldmo.com/sync?pn_id=stk&userid=X7y23APdTcl7PUkiRZntRWjtwR0&gdpr=&gdpr_consent=
Request Chain 238
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=eDA2RUJzVkZIWmJ1Z3VfWmdPYlpVQQ&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm=&google_sc=&google_hm=eDA2RUJzVkZIWmJ1Z3VfWmdPYlpVQQ&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEHCSDiGchHVegqoTueFSy8Y&google_cver=1
Request Chain 239
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid= HTTP 302
  • https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=555a0945585b04db&is_secure=true&networkId=14200&version=1&nuid= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAABuaBUWVx_WwMwZjtzAAAAAAA&expiration=1666465274&nuid=&is_secure=true
Request Chain 240
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=95&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=95&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=80869250-60ca-401f-90b5-074e50f64c17-6352ec7a-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D80869250-60ca-401f-90b5-074e50f64c17-6352ec7a-5553%26partner_url%3Dhttps%253A%252F%252Fbh.contextweb.com%252Fbh%252Frtset%253Fdo%253Dadd%2526pid%253D543793%2526ev%253D80869250-60ca-401f-90b5-074e50f64c17-6352ec7a-5553%2526gdpr_in_effect%253D0%2526gdpr_consent%253D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=80869250-60ca-401f-90b5-074e50f64c17-6352ec7a-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D80869250-60ca-401f-90b5-074e50f64c17-6352ec7a-5553%26partner_url%3Dhttps%253A%252F%252Fbh.contextweb.com%252Fbh%252Frtset%253Fdo%253Dadd%2526pid%253D543793%2526ev%253D80869250-60ca-401f-90b5-074e50f64c17-6352ec7a-5553%2526gdpr_in_effect%253D0%2526gdpr_consent%253D&ct=y HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=80869250-60ca-401f-90b5-074e50f64c17-6352ec7a-5553&partner_url=https%3A%2F%2Fbh.contextweb.com%2Fbh%2Frtset%3Fdo%3Dadd%26pid%3D543793%26ev%3D80869250-60ca-401f-90b5-074e50f64c17-6352ec7a-5553%26gdpr_in_effect%3D0%26gdpr_consent%3D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=80869250-60ca-401f-90b5-074e50f64c17-6352ec7a-5553&partner_url=https%3A%2F%2Fbh.contextweb.com%2Fbh%2Frtset%3Fdo%3Dadd%26pid%3D543793%26ev%3D80869250-60ca-401f-90b5-074e50f64c17-6352ec7a-5553%26gdpr_in_effect%3D0%26gdpr_consent%3D HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=543793&ev=80869250-60ca-401f-90b5-074e50f64c17-6352ec7a-5553&gdpr_in_effect=0&gdpr_consent=
Request Chain 244
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=L9IUYG1V-5-9AM8 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=L9IUYG1V-5-9AM8&ex=d-rubiconproject.com&status=ok
Request Chain 245
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://match.adsrvr.org/track/cmb/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=96c184ef-d2dc-46f0-8c36-35f68e7519ef&expiration=1668970874&gdpr=0&gdpr_consent=
Request Chain 247
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y1LseuPF-zXfayqsXM1MzAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKixhgOCVVuYXiogpg5dmE0&google_cver=1
Request Chain 248
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y1LseuPF_zXfayqsXM1MzAAAAJgAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=Y1LseuPF_zXfayqsXM1MzAAAAJgAAAIB&gdpr_consent=&us_privacy=&gdpr=&google_tc= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEIVH5xiwXi1Yqv696JmgDxo&google_cver=1
Request Chain 250
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=Y1LseuPF-zXfayqsXM1MzAAA%26152 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=b286b491-0301-4710-842c-b614974c9fc4-tucta4c71fa
Request Chain 251
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=22e76352-ec7a-4100-b354-5b1765a9e091
Request Chain 252
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-2a4ba89c-0aee-4d94-997b-d7a6ab1d247c
Request Chain 254
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://match.adsrvr.org/track/cmb/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=96c184ef-d2dc-46f0-8c36-35f68e7519ef&gdpr=0&gdpr_consent=&expires=30
Request Chain 255
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&google_tc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPiwK5WL6aOa8plQ8WJ1_6Q&google_cver=1
Request Chain 256
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/YhbebptPtCa2QH_Q08JV_g?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=192135578490051797
Request Chain 257
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlJVVlHMVYtNS05QU04
Request Chain 258
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9IUYG1V-5-9AM8
Request Chain 259
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=BMMX35tUSWuns6N4KS9eFw&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=BMMX35tUSWuns6N4KS9eFw
Request Chain 261
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MGRhODdkMmMxODkzOTI2ZTVmNzVkN2VlOGJiYTgwOWFkZjgzMjhjOQ
Request Chain 262
  • https://c1.adform.net/serving/cookie/match?party=14&cid=29453969-1F29-420B-ACD7-6C53B45221DB HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=29453969-1F29-420B-ACD7-6C53B45221DB
Request Chain 263
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=Y1LsegAAAYTY7AAr HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y1LsegAAAYTY7AAr&gdpr=0&gdpr_consent=&_test=Y1LsegAAAYTY7AAr
Request Chain 265
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=KUU5aR8pQgus12xTtFIh2w%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 266
  • https://idsync.rlcdn.com/420486.gif?partner_uid=29453969-1F29-420B-ACD7-6C53B45221DB HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDI5NDUzOTY5LTFGMjktNDIwQi1BQ0Q3LTZDNTNCNDUyMjFEQhAAGg0I-tjLmgYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=9ca56052d4179c4a68c74b3c0da7c5c4db9d5914b4256de275d334b3360a7055791426b5417dce21&_=2 HTTP 307
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=9ca56052d4179c4a68c74b3c0da7c5c4db9d5914b4256de275d334b3360a7055791426b5417dce21&rand=06403571 HTTP 302
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=9ca56052d4179c4a68c74b3c0da7c5c4db9d5914b4256de275d334b3360a7055791426b5417dce21&rand=06403571&expected_cookie=b1944eb5-1110-4d91-beeb-447e691a7d35
Request Chain 267
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=d6336352-ec7a-4b00-95f1-1a9804c2db7f
Request Chain 268
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Mjk0NTM5NjktMUYyOS00MjBCLUFDRDctNkM1M0I0NTIyMURC&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 269
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPBKwmP8c0Si8MmNwcgfG4I&google_cver=1
Request Chain 270
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:4E225F31A4974A0FA1E0AB6F4C01C6E0
Request Chain 271
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3981096095250849001&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 272
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=96c184ef-d2dc-46f0-8c36-35f68e7519ef
Request Chain 292
  • http://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 293
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=d6336352-ec7a-4b00-95f1-1a9804c2db7f&gdpr=1&gdpr_consent=
Request Chain 295
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=5512368809063269799
Request Chain 297
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABg_vrfvtbnv89-pJXiVcHud4t21mi_A2NDg
Request Chain 299
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=_v2_ZAUffyfHuhwCvhUGMPYDn8Pb8Acs_MtqX-6I3Y4
Request Chain 301
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEEDh7qjRdA5rqxFFbo7ndp0&google_cver=1
Request Chain 302
  • https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=60ff955442c619f1&is_secure=true&version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAByOcoE5-mnAMZTSYtAAAAAAA&expiration=1666465275&is_secure=true
Request Chain 304
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=96c184ef-d2dc-46f0-8c36-35f68e7519ef&gdpr=0&gdpr_consent=
Request Chain 307
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=powerball.com&sn=ChromeSyncframe&so=0&topUrl=powerball.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=Ywj9sHxwbWs0eEpJSURjdTZBbVB0NTNiWHRiNlBPZUpSQ0tnSHROUUlOV0NYSlE1UGNySWdLNG1kOVhQRXVQR3MvQnpQOEN6elNjd0pPMXB1VEs2Ui84WDFOeHlZZEFvT2Y5K1BSd0hUWlV3bFZMZmxlT1FqQWJyRVNWMERzZFBCNkxwR2VrOEtCM1J4RmQ2UURHZlNIcnlOSHIwQU11QnJUUkRiUFBKRjllYUxUL3c5eVNENWwrR1ZPaHVGSDJsWTlLUGhxdnJPWTZTVXFjR1BYcEwxWFVheHNDUnJmWTRsNlVCd1o0ckxkaGhNbnhlekZVK0VoWFhSSEJZS1RFd1BmTUx2dThTaWhRSUhsMnRFY2w3MEcrS2tFUT09fA&cppv=2
Request Chain 328
  • https://cs.emxdgt.com/um?ssp=pbs&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Demx_digital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Demx_digital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%24EMXUID&b64_redirect=aHR0cHM6Ly9zMnMudDEzLmlvL3NldHVpZD9iaWRkZXI9ZW14X2RpZ2l0YWwmZ2Rwcj0mZ2Rwcl9jb25zZW50PSZ1c19wcml2YWN5PSZmPWImdWlkPSRFTVhVSUQ= HTTP 302
  • https://cs.emxdgt.com/umcheck?apnxid=5512368809063269799&redirect=https://s2s.t13.io/setuid?bidder=emx_digital&gdpr=&gdpr_consent=&us_privacy=&f=b&uid=$EMXUID&b64_redirect=aHR0cHM6Ly9zMnMudDEzLmlvL3NldHVpZD9iaWRkZXI9ZW14X2RpZ2l0YWwmZ2Rwcj0mZ2Rwcl9jb25zZW50PSZ1c19wcml2YWN5PSZmPWImdWlkPSRFTVhVSUQ= HTTP 302
  • https://s2s.t13.io/setuid?bidder=emx_digital&gdpr=&gdpr_consent=&us_privacy=&f=b&uid=5512368809063269799brt56781666378875893797b8
Request Chain 344
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=99&gdpr=&gdpr_consent=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dbasis%26uid%3D%7BuserId%7D%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26us_privacy%3D HTTP 302
  • https://s2s.t13.io/setuid?bidder=basis&uid=80869250-60ca-401f-90b5-074e50f64c17-6352ec7a-5553&gdpr=&gdpr_consent=&f=i&us_privacy=
Request Chain 348
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D33XUSERID33X HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D33XUSERID33X HTTP 307
  • https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Request Chain 377
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Request Chain 378
  • https://ssc-cms.33across.com/ps/?_=1666378876983.&ri=zzz000000000002zzz&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D33XUSERID33X HTTP 302
  • https://s2s.t13.io/setuid?bidder=33across&gdpr=&gdpr_consent=&us_privacy=&f=b&uid=117943357376554
Request Chain 379
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy= HTTP 302
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=&gdpr_consent=&gdpr_pd=&ssp=the33across HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=X7y23APdTcl7PUkiRZntRWjtwR0&user_group=1&ssp=the33across HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=420cce5a-5f42-4fc5-b516-8ea244f75d87 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=420cce5a-5f42-4fc5-b516-8ea244f75d87&ts=1666378877&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 380
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1666378876983.4&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D1%2526external_user_id%253D%255BMM_UUID%255D HTTP 302
  • https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=d6336352-ec7a-4b00-95f1-1a9804c2db7f
Request Chain 381
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-Nt2XokVE2uFGhTzMiPYvS5zM_dre5HgV~A HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-Nt2XokVE2uFGhTzMiPYvS5zM_dre5HgV%7EA&ts=1666378877&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 382
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy= HTTP 302
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=49ccb2dbd96204c4&is_secure=true&networkId=78390&version=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAABsXR95RgO3QNzumNfAAAAAAA&expiration=1666465277&is_secure=true&us_privacy= HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAABsXR95RgO3QNzumNfAAAAAAA&ts=1666378877&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 383
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID HTTP 302
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=33&xu=4353502803413113050196 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=4353502803413113050196&ts=1666378877&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 384
  • https://idsync.rlcdn.com/420046.gif?partner_uid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=f024039c-3bdd-4dc6-b710-4bafa3309089
Request Chain 385
  • https://b1sync.zemanta.com/usersync/outbrain/?puid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=zemanta&uid=_LXaAu8R6aSZpIJwQozx&gdpr=0&us_privacy=1---
Request Chain 386
  • https://ib.adnxs.com/getuid?https://sync.outbrain.com/cookie-sync?p=appnexus&uid=$UID&obUid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=appnexus&uid=5512368809063269799&obUid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 387
  • https://dpm.demdex.net/ibs:dpid=133726&dpuuid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&gdpr=0&gdpr_pd=1&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=133726&dpuuid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&gdpr=0&gdpr_pd=1&gdpr_consent=
Request Chain 389
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=icco6m5&ttd_tpi=1 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=ttd&uid=96c184ef-d2dc-46f0-8c36-35f68e7519ef&gdpr=0&gdpr_consent=
Request Chain 392
  • https://rtb.mfadsrvr.com/sync?ssp=outbrain&ssp_user_id=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=mediaforce&uid=91fcb6b9-505e-4bf8-9dda-07d18b30bc80
Request Chain 393
  • https://x.bidswitch.net/sync?ssp=outbrain&user_id=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&us_privacy=1---&gdpr=0&gdpr_pd=1&gdpr_consent= HTTP 302
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=0&consent=&usp=1---&ssp=outbrain&bsw=420cce5a-5f42-4fc5-b516-8ea244f75d87
Request Chain 394
  • https://dis.criteo.com/dis/usersync.aspx?r=74&p=126&cp=outbrain&cu=1&url=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcriteo%26obUid%3DgFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26uid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=criteo&obUid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&gdpr=0&gdpr_consent=&us_privacy=1---&uid=204fdf0e-3824-447a-9261-6c0340f91cc0
Request Chain 395
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&google_dbm HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESENULrCoErKO-J02LJVz4R3E&google_cver=1 HTTP 302
  • https://sofia.trustx.org/sync?tp_id=1&tp_uid=420cce5a-5f42-4fc5-b516-8ea244f75d87&ssp_custom_data= HTTP 302
  • https://sofia.trustx.org/ul_cb/sync?tp_id=1&tp_uid=420cce5a-5f42-4fc5-b516-8ea244f75d87&ssp_custom_data=
Request Chain 396
  • https://dsp.adfarm1.adition.com/cookie/?ssp=25&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7157042779475671193&gdpr=0&gdpr_consent=
Request Chain 397
  • https://ps.eyeota.net/match?bid=1mpn7m0&uid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual HTTP 302
  • https://ps.eyeota.net/match/bounce/?bid=1mpn7m0&uid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual
Request Chain 399
  • https://creativecdn.com/cm-notify?pi=outbrain&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=OsCM9pDCGnwYKVIJmreF&pi=outbrain&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 400
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=15268&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=rubicon&uid=L9IUYG1V-5-9AM8&gdpr=0&us_privacy=1---
Request Chain 402
  • https://loadus.exelator.com/load/?p=580&g=2&j=0&buid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual HTTP 302
  • https://loadus.exelator.com/load/?p=580&g=2&j=0&buid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&xl8blockcheck=1 HTTP 302
  • https://loadus.exelator.com/load/?p=204&g=750&j=0&buid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual{%22attributes%22:%20{},%20%22agreedId%22:%20%22%22}
Request Chain 403
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193091&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dindxexcg%26uid%3D%24%7BUSER%7D%26obUid%3DgFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1--- HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=indxexcg&uid=Y1LseuPF_zXfayqsXM1MzAAAAJgAAAIB&obUid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 404
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160065&gdpr=PM_GDPR&gdpr_consent=PM_CONSENT&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160065%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync.outbrain.com%252Fcookie-sync%253Fp%253Dpubmatic%2526obUid%253DgFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual%2526gdpr%253D%2524GDPR_APPLIES%2526gdpr_consent%253D%2524CONSNT_STRING%2526us_privacy%253D%2524CCPA%2526uid%253D%2523PMUID HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/pubmatic/29453969-1F29-420B-ACD7-6C53B45221DB?gdpr=0&gdpr_consent=PM_CONSENT
Request Chain 405
  • https://u.openx.net/w/1.0/cm?id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26obUid%3DgFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual%26uid%3D HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=openx&gdpr=0&gdpr_consent=&us_privacy=1---&obUid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&uid=15f355fd-8974-465a-8b06-99f12210367a
Request Chain 406
  • https://ups.analytics.yahoo.com/ups/58523/occ?gdpr=0&gdpr_consent=&us_privacy=1---&redir=true HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=oath&uid=y-sAB1jmhE2uFYJy1KbIqQXo5LvXF9PAbh_RS.ipI-~A&gdpr=0&gdpr_consent=
Request Chain 407
  • https://cs.emxdgt.com/um?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Demx%26uid%3D%24UID%26obUid%3DgFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1--- HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=emx&uid=5512368809063269799brt56781666378875893797b8&obUid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 408
  • https://ice.360yield.com/server_match?partner_id=1863&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dimprove_digital%26uid%3D%7BPUB_USER_ID%7D%26obUid%3DgFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1--- HTTP 302
  • https://ice.360yield.com/ul_cb/server_match?partner_id=1863&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dimprove_digital%26uid%3D%7BPUB_USER_ID%7D%26obUid%3DgFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1--- HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=97be25de-41d9-4a7c-a66d-656d13118b0e&obUid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 409
  • https://s.ad.smaato.net/c/?adExInit=o&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmaato%26uid%3D%24UID%26obUid%3DgFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1--- HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=smaato&uid=6b331f9b&obUid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 410
  • https://ssbsync.smartadserver.com/api/sync?callerId=30&gdpr=0&gdpr_consent=&redirectUri=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmart%26uid%3D%5Bssb_sync_pid%5D%26obUid%3DgFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1--- HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=smart&uid=1576690719601751309&obUid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 412
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsynacor%26uid%3D%5BUSER_ID%5D%26obUid%3DgFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual%26us_privacy%3D1--- HTTP 307
  • https://sync.outbrain.com/cookie-sync?p=synacor&uid=64E176394381480A8C240ACC2295C633&obUid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&us_privacy=1---
Request Chain 413
  • https://id.rlcdn.com/711945.gif?cparams=obUid%3DgFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual HTTP 307
  • https://sync.outbrain.com/cookie-sync?p=liveramp&uid=&obUid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual
Request Chain 414
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=127&gdpr=0&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcentro%26uid%3D%7BuserId%7D%26obUid%3DgFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1--- HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=centro&uid=80869250-60ca-401f-90b5-074e50f64c17-6352ec7a-5553&obUid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 415
  • https://cms.quantserve.com/pixel/p-cxanv6hYFn1kw.gif?idmatch=0&obUid%3DgFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=quantcast&gdpr=0&uid=p8PLAvSTyQm8lZgJ8snTBKDEyAO8xJgIqZJ4L5oq
Request Chain 416
  • https://bh.contextweb.com/bh/rtset?pid=562709&ev=1&us_privacy=${us_privacy}&rurl=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dpulsepoint%26uid%3D%7BuserId%7D%26obUid%3DgFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1--- HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=pulsepoint&uid={userId}&obUid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&gdpr=0&gdpr_consent=&us_privacy=1---&ev=1&us_privacy=${us_privacy}&pid=562709
Request Chain 417
  • https://trace.mediago.io/cs/outbrain?cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dbaidu%26uid%3D%7Buserid%7D%26obUid%3DgFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1--- HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=baidu&uid={userid}&obUid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 419
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fpowerball.com%2F&domain=powerball.com&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=dNZPJHx1VWxRQkFJZ296Y2dlNzQxZnRtRkxkVzBYMmYzMjEvamRYNXFIcStTNkl5bk05Zllwc292Qndwc0Zpc0wwcW1US2YvQ2trczg2SnY4NTRzL1lGNEYxbXM0WC9FbVRsN3lMQ0syZWtDdmYwY2FoR0lIcllXemJ6UzZjRXNTRUJRRGRUQ3Y5d1hJN2oyK0pEWk56alZFbmJvZnYvaGwwcnRnN01Fd1NkOW1HMHBMV0x3VGxPdmNGdVYyR2RFcVkzaXk5WHhVR1ZPTVkyOGFPTWduQ0lsNFJ6VmF2WnA3MDA3UGtTT3lsUWFuOU1pMVJGaGRNTUJRVElISXV0Q1pla1NpcmRMeldxNVUrc2F0VUY5anFZeDBxUT09fA&cppv=2
Request Chain 423
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=OsCM9pDCGnwYKVIJmreF&pi=gumgum
Request Chain 436
  • https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsonobi%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%5BUID%5D HTTP 302
  • https://s2s.t13.io/setuid?bidder=sonobi&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=6b40a359-8aa7-44cc-bb0a-c66f1c0b5637
Request Chain 440
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:d6336352-ec7a-4b00-95f1-1a9804c2db7f&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:dbe5eecb-7634-4a3f-97a1-12b9e55af4bf&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 441
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDVkxFN0dwZGtBQUJfcXZfckY2UQ&bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAD2Kk7GpdkAACB3Vhizbg&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpp%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas,pp,pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAD2Kk7GpdkAACB3Vhizbg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=1576690719601751309 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAD2Kk7GpdkAACB3Vhizbg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D1576690719601751309%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4
Request Chain 442
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5512368809063269799&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:c856e8a6-ce21-45ca-bd1c-403476e63237&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 443
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=be1f778e-5172-11ed-8dcb-071661708aaa HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=160065&pmc=1&pr=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dpubmatic%26obUid%3DgFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%26uid%3D29453969-1F29-420B-ACD7-6C53B45221DB HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&uid=29453969-1F29-420B-ACD7-6C53B45221DB
Request Chain 444
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=cQ1WQSJdVEpqWwVKJAdOR3YKVUBqCgVLf1xX28ds HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:3ac09c56-8107-446c-b8e4-29cab53362c7&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 445
  • https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_94fd6fd63b9a46a287a50 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:0dd6535c-8780-4282-a238-4c6a0558d68d&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 446
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:c3663ea6-8017-4542-92e4-a8d8467291aa&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 447
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=X7y23APdTcl7PUkiRZntRWjtwR0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:afe5fd4c-d4d9-4c19-bd5c-290826529b6c&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 448
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:5BrdqLtE1OLXgF5&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Request Chain 449
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=701037794323 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=160065&pmc=1&pr=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dpubmatic%26obUid%3DgFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%26uid%3D29453969-1F29-420B-ACD7-6C53B45221DB HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&uid=29453969-1F29-420B-ACD7-6C53B45221DB
Request Chain 450
  • https://ad.mrtnsvr.com/sync/pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=dXwkKBrtM HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=160065&pmc=1&pr=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dpubmatic%26obUid%3DgFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%26uid%3D29453969-1F29-420B-ACD7-6C53B45221DB HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&uid=29453969-1F29-420B-ACD7-6C53B45221DB
Request Chain 451
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1666378877634 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=101846299 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/96c184ef-d2dc-46f0-8c36-35f68e7519ef HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-dc34dd7b-ae73-4f32-be8d-171e0f5aa0d2-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-dc34dd7b-ae73-4f32-be8d-171e0f5aa0d2-005 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-dc34dd7b-ae73-4f32-be8d-171e0f5aa0d2-005 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 452
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 454
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=72f98a3a-1019-4811-ab61-e0936b746b27&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=29453969-1F29-420B-ACD7-6C53B45221DB
Request Chain 455
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7196652771508028313&uid=Q7196652771508028313&ref=%2Fepm HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7196652771508028313
Request Chain 457
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=m3auE3thDsG67vypfuxSYw HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 459
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=b286b491-0301-4710-842c-b614974c9fc4-tucta4c71fa&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 460
  • https://pixel.onaudience.com/?partner=214&mapped=29453969-1F29-420B-ACD7-6C53B45221DB HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=b01bca40b8da56d9/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=f4386ae6ca672241d67422c70b045874&gdpr=0 HTTP 302
  • https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m
Request Chain 461
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=29453969-1F29-420B-ACD7-6C53B45221DB&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=29453969-1F29-420B-ACD7-6C53B45221DB&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=29453969-1F29-420B-ACD7-6C53B45221DB&addseg=10,33,39
Request Chain 462
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=29453969-1F29-420B-ACD7-6C53B45221DB&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=29453969-1F29-420B-ACD7-6C53B45221DB&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 464
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=29453969-1F29-420B-ACD7-6C53B45221DB&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-sPDlAgRE2uXXxpIbnJzTK3NjzXWMeHg-~A&gdpr=0&gdpr_consent=
Request Chain 465
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=e500da1f-3493-4aee-9c3e-be2533ebd360&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=160065&pmc=1&pr=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dpubmatic%26obUid%3DgFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%26uid%3D29453969-1F29-420B-ACD7-6C53B45221DB HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&uid=29453969-1F29-420B-ACD7-6C53B45221DB
Request Chain 466
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=29453969-1F29-420B-ACD7-6C53B45221DB&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=4ace32fe122e19f1&is_secure=true&networkId=17100&version=1&nuid=29453969-1F29-420B-ACD7-6C53B45221DB&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAABuaBUWVx_2QNq3TepAAAAAAA&expiration=1666465277&nuid=29453969-1F29-420B-ACD7-6C53B45221DB&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 467
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=80869250-60ca-401f-90b5-074e50f64c17-6352ec7a-5553&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:19a427dc-0863-4418-b2ef-cf04a1e56966&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 469
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1D530_F81D8241_6D8F73DD&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 470
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://r.bidswitch.net/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=420cce5a-5f42-4fc5-b516-8ea244f75d87 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=420cce5a-5f42-4fc5-b516-8ea244f75d87&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%3Dpubmatic%26bsw_param%3D420cce5a-5f42-4fc5-b516-8ea244f75d87 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=656b145a-0197-4fca-8092-c2e4b70ca936%252Chttps%253A%252F%252Fx.bidswitch.net%252Fsync%253Fdsp_id%253D393%2526user_id%253D0%2526ssp%253Dpubmatic%2526bsw_param%253D420cce5a-5f42-4fc5-b516-8ea244f75d87&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=96c184ef-d2dc-46f0-8c36-35f68e7519ef&ttd_puid=656b145a-0197-4fca-8092-c2e4b70ca936%2Chttps%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%3Dpubmatic%26bsw_param%3D420cce5a-5f42-4fc5-b516-8ea244f75d87 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=393&user_id=0&ssp=pubmatic&bsw_param=420cce5a-5f42-4fc5-b516-8ea244f75d87 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=420cce5a-5f42-4fc5-b516-8ea244f75d87&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 471
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7320634552515149901 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:40ae4f11-ec92-4ae2-9813-1c94744fc9ae&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 472
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5512368809063269799 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Request Chain 474
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5512368809063269799
Request Chain 476
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y1LsegAAAYTY7AAr
Request Chain 477
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAD2Kk7GpdkAACB3Vhizbg&expiration=1667588477
Request Chain 478
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y1LseuPF_zXfayqsXM1MzAAAAJgAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESED2wDnoGU-nHL2X0zWrLDOQ&google_cver=1
Request Chain 479
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=_LXaAu8R6aSZpIJwQozx&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2X2MLBQUC5JYKI3GCU22OBEUU52RN55HQ HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2X2MLBQUC5JYKI3GCU22OBEUU52RN55HQ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=_LXaAu8R6aSZpIJwQozx
Request Chain 480
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=46e9e7ea-a419-489d-a165201a
Request Chain 482
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y1LseuPF_zXfayqsXM1MzAAAAJgAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y1LseuPF_zXfayqsXM1MzAAAAJgAAAIB
Request Chain 483
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3981096095250849001
Request Chain 484
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=68e300f662219f1&is_secure=true&networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAJN2GRwTOabwM6YZKYAAAAAAA&expiration=1666465277&is_secure=true
Request Chain 485
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=MFU2Z2MFNGwrA2VsZV8uYTdSNWYrUmVtPgSWuj7f
Request Chain 486
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5512368809063269799
Request Chain 487
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0847220407ea58de089ef6ee&expiration=[EXPIRATION]
Request Chain 489
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=5512368809063269799
Request Chain 491
  • https://um2.eqads.com/um/cs HTTP 302
  • https://um2.eqads.com/um/cs&eq_cc=1
Request Chain 492
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=L9IUYG1V-5-9AM8 HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=1&xu=L9IUYG1V-5-9AM8 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=L9IUYG1V-5-9AM8&ts=1666378877&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 493
  • https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Damx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D HTTP 302
  • https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F3551%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D95314fe1-b2c2-40a5-994e-c72a0bc3d619%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9zMnMudDEzLmlvL3NldHVpZD9iaWRkZXI9YW14JmdkcHI9JmdkcHJfY29uc2VudD0mdXNfcHJpdmFjeT0mZj1pJnVpZD0%253D%26uid%3D%24UID HTTP 303
  • https://prebid.a-mo.net/cchain/1/3551?gdpr=&gdpr_consent=&us_privacy=&A=95314fe1-b2c2-40a5-994e-c72a0bc3d619&bidder=adform&cbx=aHR0cHM6Ly9zMnMudDEzLmlvL3NldHVpZD9iaWRkZXI9YW14JmdkcHI9JmdkcHJfY29uc2VudD0mdXNfcHJpdmFjeT0mZj1pJnVpZD0%3D&uid=7320634552515149901 HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F3551%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D95314fe1-b2c2-40a5-994e-c72a0bc3d619%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9zMnMudDEzLmlvL3NldHVpZD9iaWRkZXI9YW14JmdkcHI9JmdkcHJfY29uc2VudD0mdXNfcHJpdmFjeT0mZj1pJnVpZD0%253D%26uid%3D HTTP 302
  • https://prebid.a-mo.net/cchain/2/3551?gdpr=&gdpr_consent=&us_privacy=&A=95314fe1-b2c2-40a5-994e-c72a0bc3d619&bidder=index_rtb&cbx=aHR0cHM6Ly9zMnMudDEzLmlvL3NldHVpZD9iaWRkZXI9YW14JmdkcHI9JmdkcHJfY29uc2VudD0mdXNfcHJpdmFjeT0mZj1pJnVpZD0%3D&uid=Y1LseuPF-zXfayqsXM1MzAAA%26152 HTTP 302
  • https://s2s.t13.io/setuid?bidder=amx&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=95314fe1-b2c2-40a5-994e-c72a0bc3d619&gdpr=&gdpr_consent=&us_privacy=

489 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
powerball.com/ 		98 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://powerball.com/
Protocol
HTTP/1.1
Server
50.17.150.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-150-80.compute-1.amazonaws.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
596b91ce744edc7970d83e2e14558a0f34cc4f4e3b6e79eb3895bce2ccb2132e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=86400, public
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Content-language
en
Date
Fri, 21 Oct 2022 19:01:10 GMT
ETag
"1666366963"
Expires
Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified
Fri, 21 Oct 2022 15:42:43 GMT
Link
<http://powerball.com/>; rel="canonical", <http://powerball.com/>; rel="shortlink", <http://powerball.com/games/home>; rel="alternate"; hreflang="en", <http://powerball.com/es/games/home>; rel="alternate"; hreflang="es", <http://powerball.com/games/home>; rel="revision"
Server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
Transfer-Encoding
chunked
Vary
Cookie,Accept-Encoding,User-Agent
X-Content-Type-Options
nosniff
X-Drupal-Cache
HIT
X-Drupal-Dynamic-Cache
MISS
X-Frame-Options
SAMEORIGIN
X-Generator
Drupal 8 (https://www.drupal.org)
X-UA-Compatible
IE=edge
js
www.googletagmanager.com/gtag/ 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-29233419-1
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
17e0c05d02b2a10b46a8db89a4b6a55fb26f1326b0d8c08411d5bbec982bf47e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:01:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43648
x-xss-protection
0
last-modified
Fri, 21 Oct 2022 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 21 Oct 2022 19:01:11 GMT
script.js
d2si3hiz85fm4q.cloudfront.net/ 		121 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://d2si3hiz85fm4q.cloudfront.net/script.js
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
HTTP/1.1
Server
2600:9000:2511:ba00:15:3f44:b280:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9cd1fd04fdd09c941b6474e438cdbb026eacc653bc8eed3bbff9c10f3c588eca

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
v6eyQkjE_WJOXSVL66Kl5QxliBlPwr2X
Content-Encoding
gzip
Via
1.1 97e44a27a616410da5792d77e9d25f52.cloudfront.net (CloudFront)
Date
Fri, 21 Oct 2022 18:52:21 GMT
X-Amz-Cf-Pop
JFK50-P6
Age
530
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Fri, 21 Oct 2022 15:38:00 GMT
Server
AmazonS3
ETag
W/"c50de35813b4ef4948a9548c412871d8"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=600,public,must-revalidate
X-Amz-Cf-Id
-tU7mZA1_5tnQ80JHOGT5xWYXvceBQZSvITvoU_s4qNmxMi7IlqWSg==
ajax-progress.module.css
powerball.com/core/themes/stable/css/system/components/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://powerball.com/core/themes/stable/css/system/components/ajax-progress.module.css?rhggnd
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
HTTP/1.1
Server
50.17.150.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-150-80.compute-1.amazonaws.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
018bc192232b968b662399f1cb800c44ee22b64285a6334366c667f7ebfea058
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:10 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 06 Sep 2022 21:58:26 GMT
Server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
ETag
"40b-5e8094bb42480"
Vary
User-Agent
Content-Type
text/css
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1035
Expires
Fri, 04 Nov 2022 19:01:10 GMT
align.module.css
powerball.com/core/themes/stable/css/system/components/ 		484 B
873 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://powerball.com/core/themes/stable/css/system/components/align.module.css?rhggnd
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
HTTP/1.1
Server
50.17.150.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-150-80.compute-1.amazonaws.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
97fe5992208187911c3daff7fe8556ee254ca0a340ab9af0e3ba04ce7e40e2e3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:10 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 06 Sep 2022 21:58:26 GMT
Server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
ETag
"1e4-5e8094bb42480"
Vary
User-Agent
Content-Type
text/css
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
484
Expires
Fri, 04 Nov 2022 19:01:10 GMT
autocomplete-loading.module.css
powerball.com/core/themes/stable/css/system/components/ 		611 B
1000 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://powerball.com/core/themes/stable/css/system/components/autocomplete-loading.module.css?rhggnd
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
HTTP/1.1
Server
50.17.150.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-150-80.compute-1.amazonaws.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
f5ac9ecf677f9a456c8faf304f9cd9a6deb61b2f7cad70bac84c63428bc7dbe3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:10 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 06 Sep 2022 21:58:26 GMT
Server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
ETag
"263-5e8094bb42480"
Vary
User-Agent
Content-Type
text/css
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
611
Expires
Fri, 04 Nov 2022 19:01:10 GMT
fieldgroup.module.css
powerball.com/core/themes/stable/css/system/components/ 		95 B
482 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://powerball.com/core/themes/stable/css/system/components/fieldgroup.module.css?rhggnd
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
HTTP/1.1
Server
50.17.150.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-150-80.compute-1.amazonaws.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
c799ec87fb8a6e52bd93a883abdc71eef0dec77d2365ce4c2f46178a3e0909fd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:10 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 06 Sep 2022 21:58:26 GMT
Server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
ETag
"5f-5e8094bb42480"
Vary
User-Agent
Content-Type
text/css
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
95
Expires
Fri, 04 Nov 2022 19:01:10 GMT
container-inline.module.css
powerball.com/core/themes/stable/css/system/components/ 		222 B
610 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://powerball.com/core/themes/stable/css/system/components/container-inline.module.css?rhggnd
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
HTTP/1.1
Server
50.17.150.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-150-80.compute-1.amazonaws.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
c5730d19f43f160faa47af29f7e1dc2bafc393be75aa71d21dc93c775a1833c0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:10 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 06 Sep 2022 21:58:26 GMT
Server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
ETag
"de-5e8094bb42480"
Vary
User-Agent
Content-Type
text/css
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
222
Expires
Fri, 04 Nov 2022 19:01:10 GMT
clearfix.module.css
powerball.com/core/themes/stable/css/system/components/ 		306 B
695 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://powerball.com/core/themes/stable/css/system/components/clearfix.module.css?rhggnd
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
HTTP/1.1
Server
50.17.150.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-150-80.compute-1.amazonaws.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
a0645960ade152760a6cefc0b03736a9565c09a46c94b2dd39e54da585bde30d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:10 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 06 Sep 2022 21:58:26 GMT
Server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
ETag
"132-5e8094bb42480"
Vary
User-Agent
Content-Type
text/css
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
306
Expires
Fri, 04 Nov 2022 19:01:10 GMT
details.module.css
powerball.com/core/themes/stable/css/system/components/ 		127 B
515 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://powerball.com/core/themes/stable/css/system/components/details.module.css?rhggnd
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
HTTP/1.1
Server
50.17.150.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-150-80.compute-1.amazonaws.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
f31746cbb75773acc9358471805e24d2f80184a9686f2e4dfbf57530c3a583c0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:10 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 06 Sep 2022 21:58:26 GMT
Server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
ETag
"7f-5e8094bb42480"
Vary
User-Agent
Content-Type
text/css
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
127
Expires
Fri, 04 Nov 2022 19:01:10 GMT
hidden.module.css
powerball.com/core/themes/stable/css/system/components/ 		1 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://powerball.com/core/themes/stable/css/system/components/hidden.module.css?rhggnd
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
HTTP/1.1
Server
50.17.150.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-150-80.compute-1.amazonaws.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
144c2b996574a2f16003848858de86dc5ad3486fb4fe14a5d5a79d134086e763
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:11 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 06 Sep 2022 21:58:26 GMT
Server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
ETag
"54f-5e8094bb42480"
Vary
User-Agent
Content-Type
text/css
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1359
Expires
Fri, 04 Nov 2022 19:01:11 GMT
item-list.module.css
powerball.com/core/themes/stable/css/system/components/ 		285 B
674 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://powerball.com/core/themes/stable/css/system/components/item-list.module.css?rhggnd
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
HTTP/1.1
Server
50.17.150.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-150-80.compute-1.amazonaws.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
5251ec9a6d7f9cc54b205363d70eb38bf67517f8e02b3ae04e85c9cf5f908228
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:11 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 06 Sep 2022 21:58:26 GMT
Server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
ETag
"11d-5e8094bb42480"
Vary
User-Agent
Content-Type
text/css
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
285
Expires
Fri, 04 Nov 2022 19:01:11 GMT
js.module.css
powerball.com/core/themes/stable/css/system/components/ 		402 B
791 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://powerball.com/core/themes/stable/css/system/components/js.module.css?rhggnd
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
HTTP/1.1
Server
50.17.150.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-150-80.compute-1.amazonaws.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
132298c08776faea963092e83b7c30712bde095c62530bd3a613322987c4663e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:11 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 06 Sep 2022 21:58:26 GMT
Server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
ETag
"192-5e8094bb42480"
Vary
User-Agent
Content-Type
text/css
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
402
Expires
Fri, 04 Nov 2022 19:01:11 GMT
nowrap.module.css
powerball.com/core/themes/stable/css/system/components/ 		96 B
483 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://powerball.com/core/themes/stable/css/system/components/nowrap.module.css?rhggnd
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
HTTP/1.1
Server
50.17.150.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-150-80.compute-1.amazonaws.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
4a4fa2a793d87c88f1509f370dbc40b6deec2188b6a918f92365f873b7bc566d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:11 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 06 Sep 2022 21:58:26 GMT
Server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
ETag
"60-5e8094bb42480"
Vary
User-Agent
Content-Type
text/css
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
96
Expires
Fri, 04 Nov 2022 19:01:11 GMT
position-container.module.css
powerball.com/core/themes/stable/css/system/components/ 		95 B
482 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://powerball.com/core/themes/stable/css/system/components/position-container.module.css?rhggnd
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
HTTP/1.1
Server
50.17.150.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-150-80.compute-1.amazonaws.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
92931ceb6a0ad1c9b3e8fc6f335b9dfd6f0c7c8ee36f089bb10241c142a78faa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:11 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 06 Sep 2022 21:58:26 GMT
Server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
ETag
"5f-5e8094bb42480"
Vary
User-Agent
Content-Type
text/css
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
95
Expires
Fri, 04 Nov 2022 19:01:11 GMT
progress.module.css
powerball.com/core/themes/stable/css/system/components/ 		826 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://powerball.com/core/themes/stable/css/system/components/progress.module.css?rhggnd
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
HTTP/1.1
Server
50.17.150.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-150-80.compute-1.amazonaws.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
4d9de30f44d155113b05e267edeb3f534339c20b02135b37b954e2be32f1f061
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:11 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 06 Sep 2022 21:58:26 GMT
Server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
ETag
"33a-5e8094bb42480"
Vary
User-Agent
Content-Type
text/css
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
826
Expires
Fri, 04 Nov 2022 19:01:11 GMT
reset-appearance.module.css
powerball.com/core/themes/stable/css/system/components/ 		274 B
663 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://powerball.com/core/themes/stable/css/system/components/reset-appearance.module.css?rhggnd
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
HTTP/1.1
Server
50.17.150.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-150-80.compute-1.amazonaws.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
0ac01ab832b811cdc2dfddaf28ba2f1ee3ef3bb6486cbaeb424226fde71ee625
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:11 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 06 Sep 2022 21:58:26 GMT
Server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
ETag
"112-5e8094bb42480"
Vary
User-Agent
Content-Type
text/css
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
274
Expires
Fri, 04 Nov 2022 19:01:11 GMT
resize.module.css
powerball.com/core/themes/stable/css/system/components/ 		270 B
659 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://powerball.com/core/themes/stable/css/system/components/resize.module.css?rhggnd
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
HTTP/1.1
Server
50.17.150.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-150-80.compute-1.amazonaws.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
299064cf3027c5efab4ab6df345de1302dfa562db83eca51965371938480f56c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:11 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 06 Sep 2022 21:58:26 GMT
Server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
ETag
"10e-5e8094bb42480"
Vary
User-Agent
Content-Type
text/css
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
270
Expires
Fri, 04 Nov 2022 19:01:11 GMT
sticky-header.module.css
powerball.com/core/themes/stable/css/system/components/ 		163 B
551 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://powerball.com/core/themes/stable/css/system/components/sticky-header.module.css?rhggnd
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
HTTP/1.1
Server
50.17.150.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-150-80.compute-1.amazonaws.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
0b61e01fa0fa02eba3c6a074427ddf2a6cf98c01727b2796309b2b5b005fac70
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:11 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 06 Sep 2022 21:58:26 GMT
Server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
ETag
"a3-5e8094bb42480"
Vary
User-Agent
Content-Type
text/css
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
163
Expires
Fri, 04 Nov 2022 19:01:11 GMT
system-status-counter.css
powerball.com/core/themes/stable/css/system/components/ 		742 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://powerball.com/core/themes/stable/css/system/components/system-status-counter.css?rhggnd
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
HTTP/1.1
Server
50.17.150.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-150-80.compute-1.amazonaws.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
6f0160c0d198d260e42d1394b516e5495ee57c204e41cd2147e4026110843d54
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:11 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 06 Sep 2022 21:58:26 GMT
Server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
ETag
"2e6-5e8094bb42480"
Vary
User-Agent
Content-Type
text/css
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
742
Expires
Fri, 04 Nov 2022 19:01:11 GMT
system-status-report-counters.css
powerball.com/core/themes/stable/css/system/components/ 		557 B
946 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://powerball.com/core/themes/stable/css/system/components/system-status-report-counters.css?rhggnd
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
HTTP/1.1
Server
50.17.150.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-150-80.compute-1.amazonaws.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
da6360a75aac69be7076b4a5a4a2d0bfbd3bc4a674bba2e7a9cb698035719159
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:11 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 06 Sep 2022 21:58:26 GMT
Server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
ETag
"22d-5e8094bb42480"
Vary
User-Agent
Content-Type
text/css
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
557
Expires
Fri, 04 Nov 2022 19:01:11 GMT
system-status-report-general-info.css
powerball.com/core/themes/stable/css/system/components/ 		255 B
643 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://powerball.com/core/themes/stable/css/system/components/system-status-report-general-info.css?rhggnd
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
HTTP/1.1
Server
50.17.150.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-150-80.compute-1.amazonaws.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
d106f9ce97021e6ce9a05e593a70ec7e4956667eab83726c9eb1b473b709fb8e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:11 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 06 Sep 2022 21:58:26 GMT
Server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
ETag
"ff-5e8094bb42480"
Vary
User-Agent
Content-Type
text/css
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
255
Expires
Fri, 04 Nov 2022 19:01:11 GMT
tabledrag.module.css
powerball.com/core/themes/stable/css/system/components/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://powerball.com/core/themes/stable/css/system/components/tabledrag.module.css?rhggnd
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
HTTP/1.1
Server
50.17.150.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-150-80.compute-1.amazonaws.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
8188bad0f77aaf0e06c5d199b36c85263048a4ac6361bed201939fdab3dd196f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:11 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 06 Sep 2022 21:58:26 GMT
Server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
ETag
"730-5e8094bb42480"
Vary
User-Agent
Content-Type
text/css
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1840
Expires
Fri, 04 Nov 2022 19:01:11 GMT
tablesort.module.css
powerball.com/core/themes/stable/css/system/components/ 		373 B
762 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://powerball.com/core/themes/stable/css/system/components/tablesort.module.css?rhggnd
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
HTTP/1.1
Server
50.17.150.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-150-80.compute-1.amazonaws.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
750e66789618a2e5a917b34aa2e29abd2713041f80259ce54ef1b4f0fdffcbdb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:11 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 06 Sep 2022 21:58:26 GMT
Server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
ETag
"175-5e8094bb42480"
Vary
User-Agent
Content-Type
text/css
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
373
Expires
Fri, 04 Nov 2022 19:01:11 GMT
tree-child.module.css
powerball.com/core/themes/stable/css/system/components/ 		478 B
867 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://powerball.com/core/themes/stable/css/system/components/tree-child.module.css?rhggnd
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
HTTP/1.1
Server
50.17.150.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-150-80.compute-1.amazonaws.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
7b01b36d9b978726eeb935eb9cf4ca4b7ac06e7191264f079068f6b0f3a51e90
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:11 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 06 Sep 2022 21:58:26 GMT
Server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
ETag
"1de-5e8094bb42480"
Vary
User-Agent
Content-Type
text/css
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
478
Expires
Fri, 04 Nov 2022 19:01:11 GMT
paragraphs.unpublished.css
powerball.com/modules/contrib/paragraphs/css/ 		57 B
444 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://powerball.com/modules/contrib/paragraphs/css/paragraphs.unpublished.css?rhggnd
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
HTTP/1.1
Server
50.17.150.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-150-80.compute-1.amazonaws.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
f1eea94c1d7f9c6747515e1d7af60618498e8197905f290bc3851da41fbd5588
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:11 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 06 Sep 2022 21:58:26 GMT
Server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
ETag
"39-5e8094bb42480"
Vary
User-Agent
Content-Type
text/css
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
57
Expires
Fri, 04 Nov 2022 19:01:11 GMT
css
fonts.googleapis.com/ 		33 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonts.googleapis.com/css?family=Open+Sans+Condensed:300,300i,700|Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
HTTP/1.1
Server
2607:f8b0:4006:809::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f38bc63db8bce430068cac5f70c8195204b8d361092d72cf8508f4e34d4025f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:10 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
X-XSS-Protection
0
Last-Modified
Fri, 21 Oct 2022 19:01:10 GMT
Server
ESF
Cross-Origin-Opener-Policy
same-origin-allow-popups
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires
Fri, 21 Oct 2022 19:01:10 GMT
ionicons.min.css
code.ionicframework.com/ionicons/2.0.1/css/ 		50 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://code.ionicframework.com/ionicons/2.0.1/css/ionicons.min.css
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
HTTP/1.1
Server
2606:4700:20::681a:7ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92ac508220f5bb60ec94e07650528eb66625f82a4740ada068cde05365781286

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

X-Fastly-Request-ID
77046055bb5db3a705de83d10ff6489435f3e027
Date
Fri, 21 Oct 2022 19:01:10 GMT
Content-Encoding
gzip
Via
1.1 varnish
X-Cache-Hits
1
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
71457
X-Cache
HIT
x-proxy-cache
HIT
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
8313
X-Served-By
cache-chi-klot8100163-CHI
Last-Modified
Tue, 28 Jun 2022 16:06:13 GMT
Server
cloudflare
X-GitHub-Request-Id
0802:4A65:42668:635CD:634F9268
X-Timer
S1666307414.888479,VS0,VE10
ETag
W/"62bb26f5-c854"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kv4CBNOo4179LHyid%2BEmVy7qERleFrKikaDplIBFqZ4D%2Fi1d8GzylczAxcSWzte2r6lDMo267lqKR0w5lsgE7kqJ7ELL5rvgBVp8Xzk1QpTwvoyWOMgsYL8yZFdlhg2GDF0gDF%2F7dXYLYW0%2FziwKsi4gvRaJ"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
CF-RAY
75dc3d877dc4c508-ORD
expires
Wed, 19 Oct 2022 06:09:15 GMT
style.css
powerball.com/themes/rapid/dist/ 		189 KB
189 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://powerball.com/themes/rapid/dist/style.css?rhggnd
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
HTTP/1.1
Server
50.17.150.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-150-80.compute-1.amazonaws.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
d4242e5e7d54895bd925f99f5d8b592bca47ff3e8847f6d9b1b9f7a5124ae09d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:11 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 06 Sep 2022 22:01:56 GMT
Server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
ETag
"2f3e7-5e80958387d00"
Vary
User-Agent
Content-Type
text/css
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
193511
Expires
Fri, 04 Nov 2022 19:01:11 GMT
pubfig.min.js
a.pub.network/powerball-com/ 		147 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/powerball-com/pubfig.min.js
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8419b271c9ca43ea4d3a59e65087d8b8720d43daf573ea7a733d7e54078629b0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:01:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
16595
x-guploader-uploadid
ADPycduqIcF2sGddHQZ8SmOS-BJmK3gzByhbbs3FvTK1KvSWC68KJrUl-k8S5XzazYdmPxfLWby-ebc0qjbEm8-GWZpUFzmiyXtp
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
last-modified
Fri, 21 Oct 2022 08:39:34 GMT
server
cloudflare
etag
W/"2dcd60705395e3e931251c9477c3090b"
vary
Accept-Encoding
x-goog-hash
crc32c=7cx4vQ==, md5=Lc1gcFOV4+kxJRyUd8MJCw==
x-goog-generation
1666341574271278
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=1800
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KDOdka2E2Ole%2FIAkdBXq%2B0ZeTevWCN1LWJk1Ii9UxZ%2Bu%2BaGtOGMcrgV30bLuzEiC%2FljybaP0fbdnjzqkRvOCxwbGHDQMq19BFXqHpWMFKMG4evqjyPrSGLkpIFuoDPwla76Rs0q9Hf4DRn0%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
150464
cf-ray
75dc3d8a4f7f2a81-ORD
expires
Fri, 21 Oct 2022 14:25:31 GMT
powerball-power-play-logo_0.png
s3.amazonaws.com/cdn.powerball.com/drupal/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/powerball-power-play-logo_0.png
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.229.224 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
c0f02a3ba3b3498d9ff3243cd2185bbf9f9c961f1373b2b463dfa025c2d57c5b

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:12 GMT
Last-Modified
Tue, 28 Apr 2020 05:17:42 GMT
Server
AmazonS3
x-amz-request-id
3TKS8NXN9Y0ZVH0J
ETag
"954a0848710c5224685722e2621e667e"
Content-Type
image/png
Cache-Control
public, max-age=2419200
Accept-Ranges
bytes
Content-Length
26090
x-amz-id-2
/IZDwgFC65p6UmR5cRWSa8cBDMfi3C+bEJ6N2dwzCu5dN9M9HqpoZNZad35S+PiY/rf1ogED8Uo=
powerball-logo-alternate.png
powerball.com/themes/rapid/images/shared/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://powerball.com/themes/rapid/images/shared/powerball-logo-alternate.png
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
HTTP/1.1
Server
50.17.150.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-150-80.compute-1.amazonaws.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
5111b3af3c37b8466db90632f3cdb79670a1af92835aa85a510260b52f045a71
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:11 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 06 Sep 2022 21:58:28 GMT
Server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
ETag
"b61a-5e8094bd2a900"
Vary
User-Agent
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
46618
Expires
Fri, 04 Nov 2022 19:01:11 GMT
down-arrow-mobile.png
powerball.com/themes/rapid/images/shared/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://powerball.com/themes/rapid/images/shared/down-arrow-mobile.png
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
HTTP/1.1
Server
50.17.150.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-150-80.compute-1.amazonaws.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
cbc8abcf771fbe0106242a5f0fb5c6abcee8f5e2eb295bd5099999bafe14f446
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:11 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 06 Sep 2022 21:58:28 GMT
Server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
ETag
"20b3-5e8094bd2a900"
Vary
User-Agent
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8371
Expires
Fri, 04 Nov 2022 19:01:11 GMT
down-arrow.png
powerball.com/themes/rapid/images/shared/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://powerball.com/themes/rapid/images/shared/down-arrow.png
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
HTTP/1.1
Server
50.17.150.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-150-80.compute-1.amazonaws.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
3cde3dc0691b364cf1af3f233269802b8b4d566b962c107fc49966e839222f1e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:11 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 06 Sep 2022 21:58:28 GMT
Server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
ETag
"30b2-5e8094bd2a900"
Vary
User-Agent
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12466
Expires
Fri, 04 Nov 2022 19:01:11 GMT
icon%20-%20suitcase.png
s3.amazonaws.com/cdn.powerball.com/drupal/files/2017-11/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/2017-11/icon%20-%20suitcase.png
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.229.224 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
62a6c980b8be129cceb54b1c6e63cbf6be73035a0580640635096fb0df2d51ec

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:12 GMT
Last-Modified
Mon, 03 Jun 2019 18:45:42 GMT
Server
AmazonS3
x-amz-request-id
3TKMS5CM6MCENGZV
ETag
"10fafcb681743db4bdf20e94bd570fe6"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
1339
x-amz-id-2
h8c0IgabpMVv7he7sRTEnN/uiyLpXnlQrkcUcshRlbahRwmTbdCg/CCjs7HmSmbDhYGa4pcRfjE=
plap-icon-how.png
powerball.com/themes/rapid/images/home/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://powerball.com/themes/rapid/images/home/plap-icon-how.png
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
HTTP/1.1
Server
50.17.150.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-150-80.compute-1.amazonaws.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
51f45c89e5baf365e97a33c12bcd2a8bd365f5e156a519eb3c6db4a270ef0d1a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:11 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 06 Sep 2022 21:58:28 GMT
Server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
ETag
"23e8-5e8094bd2a900"
Vary
User-Agent
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9192
Expires
Fri, 04 Nov 2022 19:01:11 GMT
plap-icon-where.png
powerball.com/themes/rapid/images/home/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://powerball.com/themes/rapid/images/home/plap-icon-where.png
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
HTTP/1.1
Server
50.17.150.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-150-80.compute-1.amazonaws.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
946a4a92ed1abe0bc69dabb3125912b3214b7545ef0b69abb8d531047dd326ac
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:11 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 06 Sep 2022 21:58:28 GMT
Server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
ETag
"7b8-5e8094bd2a900"
Vary
User-Agent
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1976
Expires
Fri, 04 Nov 2022 19:01:11 GMT
plap-icon-powerplay.png
powerball.com/themes/rapid/images/home/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://powerball.com/themes/rapid/images/home/plap-icon-powerplay.png
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
HTTP/1.1
Server
50.17.150.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-150-80.compute-1.amazonaws.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
ffd2b669b1e9644f9c9173f577c545125cd4424a599f3c6068f57299cc2f5368
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:11 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 06 Sep 2022 21:58:28 GMT
Server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
ETag
"d39-5e8094bd2a900"
Vary
User-Agent
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3385
Expires
Fri, 04 Nov 2022 19:01:11 GMT
plap-icon-multidraw.png
powerball.com/themes/rapid/images/home/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://powerball.com/themes/rapid/images/home/plap-icon-multidraw.png
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
HTTP/1.1
Server
50.17.150.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-150-80.compute-1.amazonaws.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
bd4c78cb4cd5c2c87a907794076f7a7f7392f9df50958389afbec8c40eb5da8a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:11 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 06 Sep 2022 21:58:28 GMT
Server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
ETag
"12d1-5e8094bd2a900"
Vary
User-Agent
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4817
Expires
Fri, 04 Nov 2022 19:01:11 GMT
monument-smithsonian-1.png
powerball.com/themes/rapid/images/home/how-tall/ 		273 B
663 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://powerball.com/themes/rapid/images/home/how-tall/monument-smithsonian-1.png
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
HTTP/1.1
Server
50.17.150.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-150-80.compute-1.amazonaws.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
b9b9103c60ef2c61de42660d6cd67a82d9816426f2b0f0c0a8fa3a1deae3538c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:11 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 06 Sep 2022 21:58:28 GMT
Server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
ETag
"111-5e8094bd2a900"
Vary
User-Agent
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
273
Expires
Fri, 04 Nov 2022 19:01:11 GMT
monument-liberty2.png
powerball.com/themes/rapid/images/home/how-tall/ 		927 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://powerball.com/themes/rapid/images/home/how-tall/monument-liberty2.png
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
HTTP/1.1
Server
50.17.150.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-150-80.compute-1.amazonaws.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
2ae2901f146e2e0eb83648fdfc19c78aca16e1674313e164bc93c3739bba5d36
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:11 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 06 Sep 2022 21:58:28 GMT
Server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
ETag
"39f-5e8094bd2a900"
Vary
User-Agent
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
927
Expires
Fri, 04 Nov 2022 19:01:11 GMT
monument-pyramid-3.png
powerball.com/themes/rapid/images/home/how-tall/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://powerball.com/themes/rapid/images/home/how-tall/monument-pyramid-3.png
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
HTTP/1.1
Server
50.17.150.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-150-80.compute-1.amazonaws.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
52fe2f0394335dab93ffb9cac2bea65d4460b5d24cbc3861e62392194b11bfff
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:11 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 06 Sep 2022 21:58:28 GMT
Server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
ETag
"980-5e8094bd2a900"
Vary
User-Agent
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2432
Expires
Fri, 04 Nov 2022 19:01:11 GMT
monument-bloomberg4.png
powerball.com/themes/rapid/images/home/how-tall/ 		326 B
716 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://powerball.com/themes/rapid/images/home/how-tall/monument-bloomberg4.png
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
HTTP/1.1
Server
50.17.150.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-150-80.compute-1.amazonaws.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
d67eaa6e32c34eea44a3f90b36561f63181ed3d0407665e4e7dc48d54e5b266d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:11 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 06 Sep 2022 21:58:28 GMT
Server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
ETag
"146-5e8094bd2a900"
Vary
User-Agent
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
326
Expires
Fri, 04 Nov 2022 19:01:11 GMT
monument-eiffel-5.png
powerball.com/themes/rapid/images/home/how-tall/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://powerball.com/themes/rapid/images/home/how-tall/monument-eiffel-5.png
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
HTTP/1.1
Server
50.17.150.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-150-80.compute-1.amazonaws.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
becfbf498f3cc9647d8fc8a70816cb1f3f73803a9fa293735cb9059c77854409
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:11 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 06 Sep 2022 21:58:28 GMT
Server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
ETag
"94a-5e8094bd2a900"
Vary
User-Agent
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2378
Expires
Fri, 04 Nov 2022 19:01:11 GMT
monument-tradecenter-6.png
powerball.com/themes/rapid/images/home/how-tall/ 		806 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://powerball.com/themes/rapid/images/home/how-tall/monument-tradecenter-6.png
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
HTTP/1.1
Server
50.17.150.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-150-80.compute-1.amazonaws.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
a2ef194ebea955025ec930aaa5c9adfb4bb5169751962ef42720c95982827d76
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:11 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 06 Sep 2022 21:58:28 GMT
Server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
ETag
"326-5e8094bd2a900"
Vary
User-Agent
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
806
Expires
Fri, 04 Nov 2022 19:01:11 GMT
monument-burj-7.png
powerball.com/themes/rapid/images/home/how-tall/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://powerball.com/themes/rapid/images/home/how-tall/monument-burj-7.png
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
HTTP/1.1
Server
50.17.150.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-150-80.compute-1.amazonaws.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
47a3d1d29044a5086d50d45f66600b612cdd16df4893eaf01571c8d2d714f42c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:11 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 06 Sep 2022 21:58:28 GMT
Server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
ETag
"609-5e8094bd2a900"
Vary
User-Agent
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1545
Expires
Fri, 04 Nov 2022 19:01:11 GMT
monument-sears-8.png
powerball.com/themes/rapid/images/home/how-tall/ 		619 B
1009 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://powerball.com/themes/rapid/images/home/how-tall/monument-sears-8.png
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
HTTP/1.1
Server
50.17.150.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-150-80.compute-1.amazonaws.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
06ef905faafedcc71b11e25d395607fb6fef70fdbdaceb87c744255c67624799
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:11 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 06 Sep 2022 21:58:28 GMT
Server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
ETag
"26b-5e8094bd2a900"
Vary
User-Agent
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
619
Expires
Fri, 04 Nov 2022 19:01:11 GMT
odds.png
s3.amazonaws.com/cdn.powerball.com/drupal/files/2017-12/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/2017-12/odds.png
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.229.224 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
ff5e5f296b0ef16c2c0d6fbc4f47680335eac8b0a452f413e032531e9788238a

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:12 GMT
Last-Modified
Mon, 03 Jun 2019 18:45:58 GMT
Server
AmazonS3
x-amz-request-id
3TKP0TVY55ZTXM3Z
ETag
"31e28e1ff8717ae89c4787ce8930a8bc"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
20304
x-amz-id-2
e9d8ZpGJ3f0/W4kKCYEF4fHHyngRpKPq4SRH8C1zBRS1XdL0au+XJZcdSM/kAClYOO190epTryU=
payments.png
s3.amazonaws.com/cdn.powerball.com/drupal/files/2017-12/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/2017-12/payments.png
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.229.224 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
1b1d51840695cebf90274b527443cd64945cd9dfc5d2b785b0a772996ec588fc

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:12 GMT
Last-Modified
Mon, 03 Jun 2019 18:45:58 GMT
Server
AmazonS3
x-amz-request-id
3TKXV5D5D8BE76DZ
ETag
"7f93eb9bb1be1c208734e209e3ed1f8d"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
20330
x-amz-id-2
D19e0aIDOUCkhvX5l2/6vc6FAdUBryUvsF3tZpbQXu1EKDvGQxBZ6Qljg7CRdfDfXzs9FV7Zosc=
jquery.min.js
powerball.com/core/assets/vendor/jquery/ 		87 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://powerball.com/core/assets/vendor/jquery/jquery.min.js?v=3.5.1
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
HTTP/1.1
Server
50.17.150.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-150-80.compute-1.amazonaws.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:11 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 06 Sep 2022 21:58:24 GMT
Server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
ETag
"15d84-5e8094b95a000"
Vary
User-Agent
Content-Type
application/javascript
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
89476
Expires
Fri, 04 Nov 2022 19:01:11 GMT
drupalSettingsLoader.js
powerball.com/core/misc/ 		519 B
922 B 		Script
General
Check archive.org
Download Go to
Full URL
http://powerball.com/core/misc/drupalSettingsLoader.js?v=8.9.20
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
HTTP/1.1
Server
50.17.150.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-150-80.compute-1.amazonaws.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
5f8f69ec521f7998af455985a8ede6d8dcf3527b43795fe3d26f1f1b57a5a554
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:11 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 06 Sep 2022 21:58:24 GMT
Server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
ETag
"207-5e8094b95a000"
Vary
User-Agent
Content-Type
application/javascript
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
519
Expires
Fri, 04 Nov 2022 19:01:11 GMT
drupal.js
powerball.com/core/misc/ 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://powerball.com/core/misc/drupal.js?v=8.9.20
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
HTTP/1.1
Server
50.17.150.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-150-80.compute-1.amazonaws.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
990fda61c1303a87f6317b47fef824552d611209f0537bd4faaa9648d3de1363
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:11 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 06 Sep 2022 21:58:24 GMT
Server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
ETag
"18a8-5e8094b95a000"
Vary
User-Agent
Content-Type
application/javascript
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6312
Expires
Fri, 04 Nov 2022 19:01:11 GMT
drupal.init.js
powerball.com/core/misc/ 		727 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://powerball.com/core/misc/drupal.init.js?v=8.9.20
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
HTTP/1.1
Server
50.17.150.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-150-80.compute-1.amazonaws.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
41683e0bdfed00e74de14d86441e289271ca70b2a94c721653b9a49dc32fb24e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:11 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 06 Sep 2022 21:58:24 GMT
Server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
ETag
"2d7-5e8094b95a000"
Vary
User-Agent
Content-Type
application/javascript
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
727
Expires
Fri, 04 Nov 2022 19:01:11 GMT
google_analytics.js
powerball.com/modules/contrib/google_analytics/js/ 		7 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://powerball.com/modules/contrib/google_analytics/js/google_analytics.js?v=8.9.20
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
HTTP/1.1
Server
50.17.150.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-150-80.compute-1.amazonaws.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
3de8ef07decf856b076ee333a2180adc73024fdcf82fdbc6d581b8f7179a79d1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:11 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 06 Sep 2022 21:58:26 GMT
Server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
ETag
"1ab2-5e8094bb42480"
Vary
User-Agent
Content-Type
application/javascript
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6834
Expires
Fri, 04 Nov 2022 19:01:11 GMT
scripts.js
powerball.com/themes/rapid/dist/ 		72 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://powerball.com/themes/rapid/dist/scripts.js?rhggnd
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
HTTP/1.1
Server
50.17.150.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-150-80.compute-1.amazonaws.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
e9342030137f1ca8d0dddbe9a332db2ac4f4bb9cb50b9703b8f61583dd0457dc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:11 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 06 Sep 2022 22:01:58 GMT
Server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
ETag
"1215d-5e80958570180"
Vary
User-Agent
Content-Type
application/javascript
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
74077
Expires
Fri, 04 Nov 2022 19:01:11 GMT
jquery-ui.min.js
powerball.com/themes/rapid/lib/jquery-ui/ 		248 KB
248 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://powerball.com/themes/rapid/lib/jquery-ui/jquery-ui.min.js?rhggnd
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
HTTP/1.1
Server
50.17.150.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-150-80.compute-1.amazonaws.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:11 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 06 Sep 2022 21:58:28 GMT
Server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
ETag
"3dee4-5e8094bd2a900"
Vary
User-Agent
Content-Type
application/javascript
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
253668
Expires
Fri, 04 Nov 2022 19:01:11 GMT
jquery.hoverIntent.min.js
powerball.com/themes/rapid/lib/jquery-ui/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://powerball.com/themes/rapid/lib/jquery-ui/jquery.hoverIntent.min.js?rhggnd
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
HTTP/1.1
Server
50.17.150.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-150-80.compute-1.amazonaws.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
844723d288a84c14a3f75ff2db1463fca5b4c4c710e3cc3a111624ed959665d9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:11 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 06 Sep 2022 21:58:28 GMT
Server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
ETag
"8c4-5e8094bd2a900"
Vary
User-Agent
Content-Type
application/javascript
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2244
Expires
Fri, 04 Nov 2022 19:01:11 GMT
smart.resize.js
powerball.com/themes/rapid/lib/jquery-ui/ 		857 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://powerball.com/themes/rapid/lib/jquery-ui/smart.resize.js?rhggnd
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
HTTP/1.1
Server
50.17.150.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-150-80.compute-1.amazonaws.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
23512f106a2d642d35db190fecc14b74fc2941fd95927c74071883b4664bd6cd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:11 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 06 Sep 2022 21:58:28 GMT
Server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
ETag
"359-5e8094bd2a900"
Vary
User-Agent
Content-Type
application/javascript
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
857
Expires
Fri, 04 Nov 2022 19:01:11 GMT
moment.min.js
powerball.com/themes/rapid/lib/jquery-ui/ 		50 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://powerball.com/themes/rapid/lib/jquery-ui/moment.min.js?rhggnd
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
HTTP/1.1
Server
50.17.150.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-150-80.compute-1.amazonaws.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
bdc2be5cffa8dfcb206f5e79231707fabd9a995620e6238096745ad2dc8e19ca
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:11 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 06 Sep 2022 21:58:28 GMT
Server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
ETag
"c994-5e8094bd2a900"
Vary
User-Agent
Content-Type
application/javascript
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
51604
Expires
Fri, 04 Nov 2022 19:01:11 GMT
jquery.rwdImageMaps.min.js
powerball.com/themes/rapid/lib/jquery-ui/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://powerball.com/themes/rapid/lib/jquery-ui/jquery.rwdImageMaps.min.js?rhggnd
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
HTTP/1.1
Server
50.17.150.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-150-80.compute-1.amazonaws.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
d74c2d14fc5dd9057abed6a1f6ec2a2530c0a7141b756445958a9e371bd7aadd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:11 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 06 Sep 2022 21:58:28 GMT
Server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
ETag
"460-5e8094bd2a900"
Vary
User-Agent
Content-Type
application/javascript
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1120
Expires
Fri, 04 Nov 2022 19:01:11 GMT
1a
i.clean.gg/ 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: http://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://powerball.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 21 Oct 2022 19:01:11 GMT
via
1.1 google
server
nginx/1.21.6
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://powerball.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Fri, 21 Oct 2022 19:01:11 GMT
server
nginx/1.21.6
via
1.1 google
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: http://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 21 Oct 2022 18:34:58 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
1573
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Fri, 21 Oct 2022 20:34:58 GMT
header-rep.jpg
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/header-rep.jpg
Requested by
Host: powerball.com
URL: http://powerball.com/themes/rapid/dist/style.css?rhggnd
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.229.224 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
cd9c139673051af705b80d8eb599aa53d534b8d51674f0f8d4dea65a449e51e2

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:12 GMT
Last-Modified
Mon, 03 Jun 2019 18:42:36 GMT
Server
AmazonS3
x-amz-request-id
3TKZ76F45BD3A0VH
ETag
"0e973dffc15bf2796e8b24b0a1dead33"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
3922
x-amz-id-2
AjgP4H8NWuxmRd0vFI2l2+M+NM2vU1vIrZNbmjlVKiB5nFuZcCjIBlBoHL1Q5BKnaCkAVZVhizQ=
ProximaNova-Regular.woff
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Regular/ 		0
0
ionicons.ttf
code.ionicframework.com/ionicons/2.0.1/fonts/ 		184 KB
109 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://code.ionicframework.com/ionicons/2.0.1/fonts/ionicons.ttf?v=2.0.1
Requested by
Host: code.ionicframework.com
URL: http://code.ionicframework.com/ionicons/2.0.1/css/ionicons.min.css
Protocol
HTTP/1.1
Server
2606:4700:20::681a:7ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e700835ec05293a3d0f9e354e7d038319d34521cd279e782198dff6d1dd58f2

Request headers

Referer
http://code.ionicframework.com/ionicons/2.0.1/css/ionicons.min.css
Origin
http://powerball.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

X-Fastly-Request-ID
97119437679e73f9f789d139249afde67d5d81da
Date
Fri, 21 Oct 2022 19:01:11 GMT
Content-Encoding
gzip
Via
1.1 varnish
X-Cache-Hits
3
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
71366
X-Cache
HIT
x-proxy-cache
MISS
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
110019
X-Served-By
cache-chi-klot8100121-CHI
Last-Modified
Tue, 28 Jun 2022 16:06:13 GMT
Server
cloudflare
X-GitHub-Request-Id
0801:1F2C:109CC:1719C:634F7F8C
X-Timer
S1666307506.758579,VS0,VE1
ETag
W/"62bb26f5-2e05c"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZidI71BR390JAobT9Y9Y4oWgpeqhSIgwVv%2B0TvY44DoLPffyWye7Q1OTaNelgk6cVCgc3A1Qyyi44TV1%2BMCu6F78morTfBobyA7l6XCDEAEvIoqnlSXnIbeNNwi7LUped6x8sCtkjNGXYZrdISFJlLwLQU5%2F"}],"group":"cf-nel","max_age":604800}
Content-Type
font/ttf
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
CF-RAY
75dc3d89ed6c62ab-ORD
expires
Wed, 19 Oct 2022 04:49:40 GMT
ProximaNova-Bold.woff
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Bold/ 		0
0
beach-couple.jpg
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/ 		106 KB
106 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/beach-couple.jpg
Requested by
Host: powerball.com
URL: http://powerball.com/themes/rapid/dist/style.css?rhggnd
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.229.224 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
821e02b7009ed37828e3acf4c71ae2f7949acd106935854e5e668d75c07e8d37

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:12 GMT
Last-Modified
Tue, 28 Apr 2020 04:52:42 GMT
Server
AmazonS3
x-amz-request-id
3TKQE5BR2879PPC6
ETag
"16fdf0e0990ae659f8dad6eb3183738d"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
108307
x-amz-id-2
poocHlFY5ObLX37/xXIsthRzYlFgfOEZotFHgV97f1mFEiWyDJpnOrGLg2wwXcEKzi9UtCteQNI=
chapter-sections-digits.png
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/ 		134 KB
135 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/chapter-sections-digits.png
Requested by
Host: powerball.com
URL: http://powerball.com/themes/rapid/dist/style.css?rhggnd
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.229.224 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
03bdd68a1e549bf59bc419d1842bec52628885efc75ed8a58a7d1f7671d6c4d7

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:12 GMT
Last-Modified
Mon, 03 Jun 2019 18:42:35 GMT
Server
AmazonS3
x-amz-request-id
3TKG5H59VSX058FR
ETag
"463652a321bd08768e5436662ab77a65"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
137704
x-amz-id-2
5Mf7mrJKiRcsZQDuyH7ZUAAiIFQBx5+NAE0uHtj/wXTEttEpjpXYgR8LgK2WJyGcs87Q2A0mwFs=
chapter-icon-digits.png
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/chapter-icon-digits.png
Requested by
Host: powerball.com
URL: http://powerball.com/themes/rapid/dist/style.css?rhggnd
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.229.224 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
325cee8a45b452b68fe28fb92173f63a7f19967dbe3bf794bf4e3211772150c9

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:12 GMT
Last-Modified
Mon, 03 Jun 2019 18:42:34 GMT
Server
AmazonS3
x-amz-request-id
3TKS0N2T66THPGN1
ETag
"941ef7347e719b3dd272745a601be5ca"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
4711
x-amz-id-2
kqyQra4i+8hXNkEm1P6MPPUQ79Hy8NQZVac2IBJ7M+1tQzN6A9xPt31mviAFUDjf2XY6pTnNR04=
selected-tab.png
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/ 		358 B
714 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/selected-tab.png
Requested by
Host: powerball.com
URL: http://powerball.com/themes/rapid/dist/style.css?rhggnd
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.229.224 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
60d9368fc1deb5a275b3786195a53ef1272fc24b05a313aa52b1bfcc0a0356a3

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:12 GMT
Last-Modified
Mon, 03 Jun 2019 18:42:37 GMT
Server
AmazonS3
x-amz-request-id
3TKQ10Z3WQ2H40S0
ETag
"a534365977f2b2e499d219861587f18f"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
358
x-amz-id-2
raizN63m59iEpRSRCwXaVIwQk1rzXBH4WOQ6z51kIUB2OyjkEo9BUzOeOVCoxqAI9NCDwqiYOOw=
ball-powerball-red.svg
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/home/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/home/ball-powerball-red.svg
Requested by
Host: powerball.com
URL: http://powerball.com/themes/rapid/dist/style.css?rhggnd
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.229.224 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
9b0e415f742585b82139fb7076506657dde225088247e2ac0fba6f88a3d19588

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:12 GMT
Last-Modified
Mon, 03 Jun 2019 18:42:32 GMT
Server
AmazonS3
x-amz-request-id
3TKGVEXK0CSCDEJN
ETag
"b51736b050323703cfdd1b2dea37359b"
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
1539
x-amz-id-2
NC2u8Nk0qmFcp/yGGBkG9V34jorrrwvAbv814/F1Hh0BmT8YKjT5UIOKz92XjG5NeMphIjGdB+I=
chapter-sections-plap.png
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/ 		127 KB
128 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/chapter-sections-plap.png
Requested by
Host: powerball.com
URL: http://powerball.com/themes/rapid/dist/style.css?rhggnd
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.229.224 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
d134107061dcfaad34af3db635f5ca3b3e368bdeeada543ac4b2b6e183c6ecb8

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:12 GMT
Last-Modified
Mon, 03 Jun 2019 18:42:35 GMT
Server
AmazonS3
x-amz-request-id
3TKSD50DFEQVPF26
ETag
"919037d9f382c51cc1f7a8315a0fba30"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
130339
x-amz-id-2
XRINO9PbSpv6PkQdG9nris/zSV07xR/Iykl+kz52BRINnVh+Ot5+hXleI4J/pAH38eHIvXUk70U=
chapter-icon-plap.png
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/chapter-icon-plap.png
Requested by
Host: powerball.com
URL: http://powerball.com/themes/rapid/dist/style.css?rhggnd
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.229.224 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
b5abf5b778d2b365d80d73fe19360dc9d79b037de4533335716e3a10cb02a19e

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:12 GMT
Last-Modified
Mon, 03 Jun 2019 18:42:34 GMT
Server
AmazonS3
x-amz-request-id
3TKKJWAMVNV8M395
ETag
"dbf5cfdb8c71d88c4763528d7d7746d8"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
2674
x-amz-id-2
zXOjYV/Xw8TFX24KDJlqTgSlBBl9uDDfPui6DKTjeSWUG1fBfLsJfTq6+J7Owzkg5O3UGCm9HK0=
how-tall-desktop_0.jpg
s3.amazonaws.com/cdn.powerball.com/drupal/files/2017-12/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/2017-12/how-tall-desktop_0.jpg
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.229.224 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
77e253f505244807bb3b20519289552308191f98fee3bf62a5ed216ef0027bbf

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:12 GMT
Last-Modified
Mon, 03 Jun 2019 18:45:54 GMT
Server
AmazonS3
x-amz-request-id
3TKX7JS15G16BJY5
ETag
"d94fd880ae887e896b75c3a3992f6572"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
9768
x-amz-id-2
T+55LvNxtPMjkZt71xiYie5Rd2K0qWy56vuKaCjdPkDC7UYopdI1NJN6X1Vw4RzCOLB1yU0wuR4=
ProximaNova-Light.woff
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Light/ 		0
0
ProximaNova-Semibold.woff
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Semibold/ 		0
0
ProximaNova-Extrabld.woff
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Extrabld/ 		0
0
ProximaNova-RegularIt.woff
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-RegularIt/ 		0
0
ProximaNova-Regular.woff2
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Regular/ 		0
0
ProximaNova-Bold.woff2
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Bold/ 		0
0
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&aip=1&a=145959604&t=pageview&_s=1&dl=http%3A%2F%2Fpowerball.com%2F&ul=en-us&de=UTF-8&dt=Home%20%7C%20Powerball&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACUABBAAAACAAI~&jid=512826553&gjid=2096691413&cid=389171685.1666378872&tid=UA-29233419-1&_gid=1182684046.1666378872&_r=1&gtm=2ouaj0&did=dMDhkMT&gdid=dMDhkMT&npa=1&z=1111980816
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://powerball.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://powerball.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
v2foxK_pUxmcFi5FJtzZvkmOVEiJreXaBvpp5IXp-ZcDLid57aookQe3c
cumbersomecarpenter.com/ 		92 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cumbersomecarpenter.com/v2foxK_pUxmcFi5FJtzZvkmOVEiJreXaBvpp5IXp-ZcDLid57aookQe3c
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: http://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:328a::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
79aec2becba3498299ce3679f16df2629fd562f0a6e14d8d488eb1b36fd750a3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Fri, 21 Oct 2022 19:01:11 GMT
x-datacenter
gce-us-central1
etag
"fd9319ce6db89d5061b23089a79d6af890fb1897d7103090fdbc4d38e02c1148"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-us-central1-q67z
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
673376020
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
init
d.pub.network/v2/ 		45 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/v2/init?siteId=2169&env=PROD
Requested by
Host: a.pub.network
URL: https://a.pub.network/powerball-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.110.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.110.160.34.bc.googleusercontent.com
Software
/
Resource Hash
cb0e164268c37fa34afe2281e68c023cd3645ffc16012152990caecda0b7b3b9

Request headers

Accept
application/json, text/plain, */*
Referer
http://powerball.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:01:11 GMT
content-encoding
gzip
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type
application/json
access-control-allow-origin
http://powerball.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ProximaNova-Semibold.woff2
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Semibold/ 		0
0
ProximaNova-Light.woff2
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Light/ 		0
0
ProximaNova-RegularIt.woff2
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-RegularIt/ 		0
0
ProximaNova-Extrabld.woff2
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Extrabld/ 		0
0
ProximaNova-Regular.ttf
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Regular/ 		0
0
ProximaNova-Bold.ttf
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Bold/ 		0
0
recent
powerball.com/api/v1/numbers/powerball/ 		301 B
761 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://powerball.com/api/v1/numbers/powerball/recent?_format=json
Requested by
Host: powerball.com
URL: http://powerball.com/core/assets/vendor/jquery/jquery.min.js?v=3.5.1
Protocol
HTTP/1.1
Server
50.17.150.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-150-80.compute-1.amazonaws.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
57be6802e8fc0410b7fbef1465874b00ca5e5578ab6909289abe07e323bad786
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
http://powerball.com/
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:11 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
X-Drupal-Dynamic-Cache
MISS
Connection
keep-alive
X-UA-Compatible
IE=edge
Last-Modified
Fri, 21 Oct 2022 17:03:15 GMT
Server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
ETag
"1666371795"
X-Frame-Options
SAMEORIGIN
Vary
Cookie,Accept-Encoding,User-Agent
Content-Type
application/json
Content-language
en
X-Generator
Drupal 8 (https://www.drupal.org)
Cache-Control
max-age=86400, public
X-Drupal-Cache
HIT
Expires
Sun, 19 Nov 1978 05:00:00 GMT
powerball
powerball.com/api/v1/estimates/ 		162 B
756 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://powerball.com/api/v1/estimates/powerball?_format=json
Requested by
Host: powerball.com
URL: http://powerball.com/core/assets/vendor/jquery/jquery.min.js?v=3.5.1
Protocol
HTTP/1.1
Server
50.17.150.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-150-80.compute-1.amazonaws.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
a9d5ba4b6b9b759abf83dbe2564735e9d20732b9e5dca62bd01cfce069abaf6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
http://powerball.com/
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:11 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
X-Drupal-Dynamic-Cache
MISS
Connection
keep-alive
X-UA-Compatible
IE=edge
Last-Modified
Fri, 21 Oct 2022 17:03:08 GMT
Server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
ETag
"1666371788"
X-Frame-Options
SAMEORIGIN
Vary
Cookie,Accept-Encoding,User-Agent
Content-Type
application/json
Content-language
en
X-Generator
Drupal 8 (https://www.drupal.org)
Cache-Control
max-age=86400, public
X-Drupal-Cache
HIT
Expires
Sun, 19 Nov 1978 05:00:00 GMT
recent10
powerball.com/api/v1/numbers/powerball/ 		1001 B
868 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://powerball.com/api/v1/numbers/powerball/recent10?_format=json
Requested by
Host: powerball.com
URL: http://powerball.com/core/assets/vendor/jquery/jquery.min.js?v=3.5.1
Protocol
HTTP/1.1
Server
50.17.150.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-150-80.compute-1.amazonaws.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
60b9427bcf69f5666b537cc06b5b8784e8542dc84f9c30d366e9707148c7f2cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
http://powerball.com/
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:11 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
X-Drupal-Dynamic-Cache
MISS
Connection
keep-alive
X-UA-Compatible
IE=edge
Last-Modified
Fri, 21 Oct 2022 17:03:12 GMT
Server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
ETag
"1666371792"
X-Frame-Options
SAMEORIGIN
Vary
Cookie,Accept-Encoding,User-Agent
Content-Type
application/json
Content-language
en
X-Generator
Drupal 8 (https://www.drupal.org)
Cache-Control
max-age=86400, public
X-Drupal-Cache
HIT
Expires
Sun, 19 Nov 1978 05:00:00 GMT
powerball-hero-concept3_desktop_full.jpg
s3.amazonaws.com/cdn.powerball.com/drupal/files/2020-04/ 		334 KB
334 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/2020-04/powerball-hero-concept3_desktop_full.jpg
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.229.224 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
e6e69ae9133bcc7f46c03b0b6608b525ed2cf440c9a218649f9525368093836a

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:12 GMT
Last-Modified
Tue, 28 Apr 2020 03:58:01 GMT
Server
AmazonS3
x-amz-request-id
3TKTN2TYATAC4PGV
ETag
"6bc941bff6153e985cccf26af80a4414"
Content-Type
image/jpeg
Cache-Control
public, max-age=2419200
Accept-Ranges
bytes
Content-Length
341523
x-amz-id-2
nLfMPmOykdFMb3BsgNfKVd2AUobPPum8pHpC+U9HL/6NcIL2HN8ly5m68tpJGl+rp6tFpHo3IB0=
/
powerball.com/ 		98 KB
98 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://powerball.com/
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
HTTP/1.1
Server
50.17.150.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-150-80.compute-1.amazonaws.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:11 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
X-Drupal-Dynamic-Cache
MISS
Connection
keep-alive
X-UA-Compatible
IE=edge
Last-Modified
Fri, 21 Oct 2022 15:42:43 GMT
Server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
ETag
"1666366963"
X-Frame-Options
SAMEORIGIN
Vary
Cookie,Accept-Encoding,User-Agent
Content-Type
text/html; charset=UTF-8
Content-language
en
X-Generator
Drupal 8 (https://www.drupal.org)
Cache-Control
max-age=86400, public
Link
<http://powerball.com/>; rel="canonical", <http://powerball.com/>; rel="shortlink", <http://powerball.com/games/home>; rel="alternate"; hreflang="en", <http://powerball.com/es/games/home>; rel="alternate"; hreflang="es", <http://powerball.com/games/home>; rel="revision"
X-Drupal-Cache
HIT
Expires
Sun, 19 Nov 1978 05:00:00 GMT
New-Monday-Drawing-Slider_PERM_PC_0.jpg
s3.amazonaws.com/cdn.powerball.com/drupal/files/2021-08/ 		218 KB
219 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/2021-08/New-Monday-Drawing-Slider_PERM_PC_0.jpg
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.229.224 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
b78572d6e55b45054a090026984daf46b05a13ce30e447ce9a5b7c69770cb632

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:12 GMT
Last-Modified
Mon, 23 Aug 2021 17:46:48 GMT
Server
AmazonS3
x-amz-request-id
3TKQ4GT17JWQ0WPE
ETag
"ce0493bc33c05635810b496c23c732f9"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
223735
x-amz-id-2
Xwo+nuuV0eVYXaS0S2ykQDNVYwXoiJNl+C1MFo7cK6cSLDalxGfUs3EdPCZ68T7XJaF2gnJHv90=
Powerball%20Hero%202020%20Live_PC-revised-MWS.jpg
s3.amazonaws.com/cdn.powerball.com/drupal/files/2021-08/ 		550 KB
550 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/2021-08/Powerball%20Hero%202020%20Live_PC-revised-MWS.jpg
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.229.224 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
f305db2d4af7b28e5a52e4d3bb69b5cf0d232ac3c741743941621f6bccccce31

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:12 GMT
Last-Modified
Mon, 23 Aug 2021 17:36:35 GMT
Server
AmazonS3
x-amz-request-id
3TKRXZWXV3HPNH2G
ETag
"36c777b0ddf79f6010d50d2755b5b5d0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
563090
x-amz-id-2
w+GD/X7E7OHT9O0nzBIWMuzZwmn4DqR+m1rJXqIDzWoXnWo1EIyXCwzoaNoz0IsREeYbUnm3M1w=
divider-img-home-9ways.jpg
s3.amazonaws.com/cdn.powerball.com/drupal/files/2018-01/ 		486 KB
486 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/2018-01/divider-img-home-9ways.jpg
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.229.224 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
b758f60ab7ad38a56bdff71e6464b146312ea575f56ab7f6b05ed7f157f5bc48

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:12 GMT
Last-Modified
Mon, 03 Jun 2019 18:46:23 GMT
Server
AmazonS3
x-amz-request-id
3TKSTY3R7RCYM043
ETag
"02dfd34fecf8640a24d1123ca8a81313"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
497334
x-amz-id-2
bmxN/b7YSrSSBn7Fx4Yw0YFmHNVCGKXSuamstPdXPesJsDn1yPZ/Mz0FQeLjyCu5Xk8XEe45IvU=
powerball
powerball.com/api/v1/estimates/ 		162 B
756 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://powerball.com/api/v1/estimates/powerball?_format=json
Requested by
Host: powerball.com
URL: http://powerball.com/core/assets/vendor/jquery/jquery.min.js?v=3.5.1
Protocol
HTTP/1.1
Server
50.17.150.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-150-80.compute-1.amazonaws.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
a9d5ba4b6b9b759abf83dbe2564735e9d20732b9e5dca62bd01cfce069abaf6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
http://powerball.com/
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:11 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
X-Drupal-Dynamic-Cache
MISS
Connection
keep-alive
X-UA-Compatible
IE=edge
Last-Modified
Fri, 21 Oct 2022 17:03:08 GMT
Server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
ETag
"1666371788"
X-Frame-Options
SAMEORIGIN
Vary
Cookie,Accept-Encoding,User-Agent
Content-Type
application/json
Content-language
en
X-Generator
Drupal 8 (https://www.drupal.org)
Cache-Control
max-age=86400, public
X-Drupal-Cache
HIT
Expires
Sun, 19 Nov 1978 05:00:00 GMT
GetWinners
muslapi.musl.com/GameService.svc/ 		746 B
975 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://muslapi.musl.com/GameService.svc/GetWinners?gamename=Powerball
Requested by
Host: powerball.com
URL: http://powerball.com/core/assets/vendor/jquery/jquery.min.js?v=3.5.1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.219.254.16 , United States, ASN63214 (MUSL-RANGE1, US),
Reverse DNS
muslapi.musl.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
804261af2337d18a1348987292f1f626ed774ea72261c2d088c65160559df8ce

Request headers

Accept
*/*
Referer
http://powerball.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:01:10 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
application/json; charset=utf-8
access-control-allow-origin
http://powerball.com
cache-control
NO-CACHE
content-length
746
powerball
powerball.com/api/v1/draw-summary/ 		181 B
758 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://powerball.com/api/v1/draw-summary/powerball?_format=json
Requested by
Host: powerball.com
URL: http://powerball.com/core/assets/vendor/jquery/jquery.min.js?v=3.5.1
Protocol
HTTP/1.1
Server
50.17.150.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-150-80.compute-1.amazonaws.com
Software
Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash
61a283a16ba69a9245d9b575311dd13bc28c7be3db4fd5c7c4e351ae80723a32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
http://powerball.com/
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:11 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
X-Drupal-Dynamic-Cache
UNCACHEABLE
Connection
keep-alive
X-UA-Compatible
IE=edge
Last-Modified
Fri, 21 Oct 2022 17:03:08 GMT
Server
Apache/2.4.54 () OpenSSL/1.0.2k-fips
ETag
"1666371788"
X-Frame-Options
SAMEORIGIN
Vary
Cookie,Accept-Encoding,User-Agent
Content-Type
application/json
Content-language
en
X-Generator
Drupal 8 (https://www.drupal.org)
Cache-Control
max-age=86400, public
X-Drupal-Cache
HIT
Expires
Sun, 19 Nov 1978 05:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
437 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-29233419-1&cid=389171685.1666378872&jid=512826553&gjid=2096691413&_gid=1182684046.1666378872&npa=1&_u=YGBACUAABAAAACAAI~&z=1440786286
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://powerball.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 21 Oct 2022 19:01:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://powerball.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: http://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-108.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 22:43:02 GMT
content-encoding
gzip
via
1.1 043cf9310ff19c0e58a0b6e76877f570.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P1
age
73090
x-amz-server-side-encryption
AES256
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
UM6Y9r3I8gndfh45x72WqO6MX3ri4v-V4nGjN-uwBzXKhDJKbjb9fw==
pubfig.engine.4.34.0.049f1a3641f8329ad530a2107f33a59077a0d32e.js
a.pub.network/core/pubfig/ 		432 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/pubfig/pubfig.engine.4.34.0.049f1a3641f8329ad530a2107f33a59077a0d32e.js
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: http://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34938611aa593d7357f75d444a5027fe71a2850f752af7692b17a49dd2cd1f3e

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:01:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
16605
x-guploader-uploadid
ADPycds-bPDld0ykqVnYkRW8skCbiUtqJF9LonxFI-ONy7WlKBv7Df0IFMD4lVm9UJnF8V0DfH8CVepgdUV8kPfw2cRDZ2nD0Edd
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Thu, 20 Oct 2022 20:52:53 GMT
server
cloudflare
etag
W/"fd52cb449846eb604f6b18c7830fc2f7"
vary
Accept-Encoding
x-goog-generation
1666299173510718
content-language
en
content-type
application/javascript
x-goog-hash
crc32c=zg2hSA==, md5=/VLLRJhG62BPaxjHgw/C9w==
access-control-expose-headers
*
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=StzodgFRHobRiR%2BHERqfRlcqYrTc4b9mM7swNVcbTb1pUxk3Psum%2BQPObj%2BiL%2BivqNiOYQno8je4ulYKT%2F6V4eIyu96CcLgal93Sb3pKicG4obSFvJ9E1DNQv%2FpYrFjmd%2B7gb7EKK7CAb1I%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
442530
access-control-allow-origin
*
cf-ray
75dc3d8d8cd92a81-ORD
expires
Fri, 21 Oct 2022 15:24:26 GMT
ProximaNova-Light.ttf
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Light/ 		0
0
ProximaNova-Semibold.ttf
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Semibold/ 		0
0
ProximaNova-Extrabld.ttf
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Extrabld/ 		0
0
ProximaNova-RegularIt.ttf
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-RegularIt/ 		0
0
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 		44 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans+Condensed:300,300i,700|Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i
Protocol
HTTP/1.1
Server
2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fonts.googleapis.com/
Origin
http://powerball.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 18 Oct 2022 00:35:17 GMT
X-Content-Type-Options
nosniff
Age
325554
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy
cross-origin
Content-Length
44856
X-XSS-Protection
0
Last-Modified
Mon, 15 Aug 2022 18:20:18 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="apps-themes"
Report-To
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Wed, 18 Oct 2023 00:35:17 GMT
skeleton.js
static.adsafeprotected.com/ 		17 B
464 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: http://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2510:7e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 10:04:46 GMT
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via
1.1 cf549a03d4f209dc2ee52d1dd6cb3730.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
age
4352187
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
qgNwus6f-rBA8tKe49eoC_r9JlkHYAdHMApLGY-mo6JpnEQjrgZu7A==
config.js
cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/ 		112 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/config.js
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: http://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:106b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
545db9cce08fa6f5f7fca8de17444a357af03c31469c3d3efb3b3d878b89594f

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:01:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 21 Oct 2022 18:13:42 GMT
server
cloudflare
x-amz-request-id
JRH8T02G4MGCBTR7
age
887
etag
W/"f0bc58c895a570273b676ef287280b08"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
75dc3d8f8a4486d2-ORD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
D4Qljoij7qLzy5O/57xN2lKz3o6/Ji+bqsqsluxJd2fRxrv9l3FfiYfhZ64XQIdAT6uHP2jvcjw=
gpt.js
www.googletagservices.com/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: http://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
HTTP/1.1
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c18a60649d496b8a21eb882f80b4a926b91ca7745a88cf700e6332a8c1beacbe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:12 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
sffe
ETag
"1371 / 747 of 1000 / last-modified: 1666350292"
Vary
Accept-Encoding
Report-To
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
Content-Type
text/javascript
Cache-Control
private, max-age=900, stale-while-revalidate=3600
Cross-Origin-Resource-Policy
cross-origin
Timing-Allow-Origin
*
Content-Length
27379
X-XSS-Protection
0
Cross-Origin-Opener-Policy-Report-Only
same-origin; report-to="ads-gpt-scs"
Expires
Fri, 21 Oct 2022 19:01:12 GMT
tag
btloader.com/
Redirect Chain
  • https://freestar-io.videoplayerhub.com/gallery.js
  • https://btloader.com/tag?h=freestar-io&upapi=true
868 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?h=freestar-io&upapi=true
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
H2
Server
2606:4700:20::681a:68b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c252f945137c12bdc19b58c9147a3fd9642f4fec2ca5f470abc97c3801de4de5

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:01:12 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 21 Oct 2022 18:46:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
755
etag
W/"519ed5d622cadbf2602d96a639d2db97"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eStttYyBSZCT50hM7rtoSkyXncGrKYN7vOnzsSI9ZcMVQWeXwGpPnqgrUYbgRJ0AI6SoAwIzXDveI85ZcQ53JEkCUj8E%2BZjzdfcxto3uJx8RJDv3gsi%2B9ZQAgO9xX2w9v6dzFC5XQJsT2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=86400
cf-ray
75dc3d90293062e2-ORD

Redirect headers

date
Fri, 21 Oct 2022 19:01:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FY9I2oDLaGYr69lUtUTlGq2H4z4%2FoREV1ix5WFvtnbNT2Ws7EGsrfnASWbFbeCG1nJaeW0yPLXnqPyGLOpEqU2dvN5PZdLOKJb2wcA05v5WeOH11IIe9yRMmjWU6POgrQ2EVevp0gPq8N3yKUkjBLwPHsCRCP1OVCgcZIA%3D%3D"}],"group":"cf-nel","max_age":604800}
location
https://btloader.com/tag?h=freestar-io&upapi=true
cache-control
max-age=3600
cf-ray
75dc3d8f8ce2871a-ORD
expires
Fri, 21 Oct 2022 20:01:12 GMT
184310-82987131453484.js
js-sec.indexww.com/ht/p/ 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://js-sec.indexww.com/ht/p/184310-82987131453484.js
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: http://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
HTTP/1.1
Server
104.18.13.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c8a8f4d7fc689c26598752a7d8413962509ec55d6f906f49380c653c3a90e54

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:12 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Age
614
Transfer-Encoding
chunked
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Edge-Control
cache-maxage=1h
Connection
keep-alive
Last-Modified
Fri, 21 Oct 2022 18:50:22 GMT
Server
cloudflare
ETag
W/"90575a-8ed4-5eb8fea03fb5a"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
public, max-age=14400
CF-Ray
75dc3d8f5d682da2-ORD
Expires
Fri, 21 Oct 2022 23:01:12 GMT
prebid-analytics-6.19.13.js
a.pub.network/core/ 		533 KB
150 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/prebid-analytics-6.19.13.js
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: http://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70fbc2bab5280ce8aa1b20c58a0df76cfaff01701e7f99f5216a986714955f5d

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:01:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
16609
x-guploader-uploadid
ADPycdvQr_Ug001bh48CSms6ZnPRAVQUCmSnfJFvHognEqr4sifHrrte47wFtJqQn1a2vESGG5wbAnKUi_dUaJIPb1nOuMEp5Mvd
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
last-modified
Tue, 28 Jun 2022 15:25:08 GMT
server
cloudflare
etag
W/"b8b371d9c59a412918c1649c4ab4fa8f"
vary
Accept-Encoding
x-goog-generation
1656429908313193
content-type
text/html
access-control-allow-origin
*
x-goog-hash
crc32c=xBWN/w==, md5=uLNx2cWaQSkYwWScSrT6jw==
content-language
en
access-control-expose-headers
*
cache-control
private, max-age=86400
x-goog-stored-content-length
545828
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vxHvOLq%2FNBO6CPFdGgUTkXp1rLMyB6wVSfULgDShY6v0ghPVWrRj%2FtCYB63ViWPM%2FoT1ogFzP%2FTlxv1J7TxwVGglkpcSdZhiTkQDd5mk3ZGs08Q5iyZ5hxFuEdTdv9jDfjL%2BdKGLiROaSX8%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
75dc3d8f4fae2a81-ORD
expires
Sat, 21 Oct 2023 14:24:23 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=23384447&cs_ucfr=&cs_it=b3&cv=3.8.0.210223&ns__t=1666378872259&ns_c=UTF-8&c7=http%3A%2F%2Fpowerball.com%2F&c8=Home%20%7C%20Powerball&c9=
  • https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=&cs_it=b3&cv=3.8.0.210223&ns__t=1666378872259&ns_c=UTF-8&c7=http%3A%2F%2Fpowerball.com%2F&c8=Home%20%7C%20Powerball&c9=
0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_ucfr=&cs_it=b3&cv=3.8.0.210223&ns__t=1666378872259&ns_c=UTF-8&c7=http%3A%2F%2Fpowerball.com%2F&c8=Home%20%7C%20Powerball&c9=
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
H2
Server
108.139.47.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-108.jfk50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:01:12 GMT
via
1.1 043cf9310ff19c0e58a0b6e76877f570.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P1
x-amz-cf-id
PCczIBIRHKIbdoPZ3MAcQJICRyx8tbtxzpQvO3K_tMT8u_cgEyNOxQ==
x-cache
Miss from cloudfront

Redirect headers

location
/b2?c1=2&c2=23384447&cs_ucfr=&cs_it=b3&cv=3.8.0.210223&ns__t=1666378872259&ns_c=UTF-8&c7=http%3A%2F%2Fpowerball.com%2F&c8=Home%20%7C%20Powerball&c9=
date
Fri, 21 Oct 2022 19:01:12 GMT
via
1.1 043cf9310ff19c0e58a0b6e76877f570.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P1
content-length
0
x-amz-cf-id
wHdOX6Rk4zPVs39HX1Wdqpn8kps9tFi8Yn_6eq2AEUzMD_rNUrdqxA==
x-cache
Miss from cloudfront
headerstats
as-sec.casalemedia.com/ 		0
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=222024&u=http%3A%2F%2Fpowerball.com%2F&v=3
Requested by
Host: js-sec.indexww.com
URL: http://js-sec.indexww.com/ht/p/184310-82987131453484.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://powerball.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:12 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
access-control-allow-origin
http://powerball.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
75dc3d902f5c295c-ORD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
v2tulHeW9i-dsbDbB2a5cJF02iPAyD6jbA7l0v1MRKfYtUTpFYjuhrVwr4cOsy6L_Oyzki_4aNg
cumbersomecarpenter.com/ 		189 B
216 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cumbersomecarpenter.com/v2tulHeW9i-dsbDbB2a5cJF02iPAyD6jbA7l0v1MRKfYtUTpFYjuhrVwr4cOsy6L_Oyzki_4aNg
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: http://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:328a::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
3cf9c77e85214d4a786d5f7ee18436b972eee1c1261a2cd36ef30c5c149139f8
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
http://powerball.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Fri, 21 Oct 2022 19:01:12 GMT
via
1.1 google
x-buildnumber
673376020
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
189
x-datacenter
gce-us-central1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
http://powerball.com
x-hostname
fen-hoothoot-us-central1-q67z
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Fri, 21 Oct 2022 19:01:11 GMT
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202210171204/ 		212 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.confiant-integrations.net/gptprebidnative/202210171204/wrap.js
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: http://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
HTTP/1.1
Server
2606:4700::6812:106b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e095f4fbb86c7318a76ae06340cfd812a5247ea02b416ed57933365d67648df7

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:12 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
x-amz-request-id
C6TENNZC5HDFCVTK
Age
350929
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
69140
x-amz-id-2
1ppfKC3uVQAeDT35XY8ijNsgRKcVos950qYtPaqRB/VSd37wnKRZu42fYfhlNDUYgrgXngLnpho=
Last-Modified
Mon, 17 Oct 2022 16:14:48 GMT
Server
cloudflare
ETag
"a7af60ecf4cf095070eed6b7b3e4664d"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
75dc3d906f398737-ORD
pubads_impl_2022101801.js
securepubads.g.doubleclick.net/gpt/ 		379 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: http://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1decf50a161fc7830e2f819b3ddf4657f8e95b1a931bbb8758b245e5771136d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 16:04:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
269804
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130840
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 08:35:32 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 18 Oct 2023 16:04:28 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		137 B
737 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=powerball.com
Requested by
Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5b065bc8931869f245786b8f36265a2869c05699108fdbf94f86834f9c13fa8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:01:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
101
x-xss-protection
0
expires
Fri, 21 Oct 2022 19:01:12 GMT
v2ruoBcBAQBJH7L2BUMaVZMF3kDSslG-XdCBX4eiHxMspUzALGA_9TAhIzb7nBhuCtMTOwBe3wg
cumbersomecarpenter.com/ 		3 B
27 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cumbersomecarpenter.com/v2ruoBcBAQBJH7L2BUMaVZMF3kDSslG-XdCBX4eiHxMspUzALGA_9TAhIzb7nBhuCtMTOwBe3wg
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: http://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:328a::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
http://powerball.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Fri, 21 Oct 2022 19:01:12 GMT
via
1.1 google
x-buildnumber
673376020
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
x-datacenter
gce-us-central1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
http://powerball.com
x-hostname
fen-hoothoot-us-central1-q67z
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
px.gif
ad-delivery.net/ 		43 B
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:01:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1276699
x-guploader-uploadid
ADPycdsDtmUE36TiIr9KyA6ld2UIOjX7LtZ5WGAim_s4msd8TSmCvVUhfRJQWWV1FgFD40WH2KeobtbHkocNLDcYqJ2O37ReeCLi
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZrfA2SYomyNmxeDWvZcL6aXWQlQ%2BCZcjrF0cxKtOWD1Ez9nPIcENVSwcem2fIvz3plFP1fNqtn79MeBY12lyEdaNE54UJpCilGp54eveu0vHBqZhCIGa2xW%2BFq%2FmileLUfdCQiwcR84Q78CcCw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
75dc3d91dcdc2a99-ORD
expires
Sat, 22 Oct 2022 19:01:12 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.81.230 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 19:10:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85857
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 21 Oct 2022 19:10:15 GMT
px.gif
ad-delivery.net/ 		43 B
872 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.9489502655313347
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:01:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1276699
x-guploader-uploadid
ADPycdsDtmUE36TiIr9KyA6ld2UIOjX7LtZ5WGAim_s4msd8TSmCvVUhfRJQWWV1FgFD40WH2KeobtbHkocNLDcYqJ2O37ReeCLi
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wxqWVWjTj2JKPWg4%2F7NXKAMYj7Qj22r%2FKEhIC0yA9bShgPb%2F2olYEojebjn9B9fJtlKKx%2BzTkwcbmeY3W%2BhovRvInBUDtFDBR%2F0Z7m%2FjEAwhxa4loMLLt1u6QRZNUMgnh%2Fser925xONftD82qQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
75dc3d91dcdf2a99-ORD
expires
Sat, 22 Oct 2022 19:01:12 GMT
floors
api.floors.dev/sgw/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.floors.dev/sgw/v1/floors
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.238.208 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
208.238.227.35.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-api-key
Access-Control-Request-Method
POST
Origin
http://powerball.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
access-control-allow-origin
http://powerball.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
date
Fri, 21 Oct 2022 19:01:12 GMT
expires
0
pragma
no-cache
strict-transport-security
max-age=31536000;includeSubDomains;preload;
via
1.1 google
floors
api.floors.dev/sgw/v1/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.floors.dev/sgw/v1/floors
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: http://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.238.208 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
208.238.227.35.bc.googleusercontent.com
Software
/
Resource Hash
5b5f77fe91a7939b0a82ff00bafcdaaef36650383cba80aab208b8366f846540
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload;

Request headers

Referer
http://powerball.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
x-api-key
4e799501-b8b6-4ef1-bad5-225b3dd1aa8d
Content-Type
application/json

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:13 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload;
via
1.1 google
access-control-max-age
3600
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
content-type
application/json
access-control-allow-origin
http://powerball.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
pv
api.btloader.com/ 		0
128 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=lH8wUuzAh&w=5746431636799488&o=5714937848528896&cv=2.0.10-11-g48983ca&r=false&vr=1600x1200&pageURL=http%3A%2F%2Fpowerball.com%2F&upapi=true
Requested by
Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 21 Oct 2022 19:01:12 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
pubfig.messaging.2.34.0.049f1a3641f8329ad530a2107f33a59077a0d32e.js
a.pub.network/core/pubfig/ 		211 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/pubfig/pubfig.messaging.2.34.0.049f1a3641f8329ad530a2107f33a59077a0d32e.js
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: http://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
354c7c31ccc820ab64e828cb4da4b90a48c3366254788fe5f87d40384b229980

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:01:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
16605
x-guploader-uploadid
ADPycdteIr5e1HTMkqiJky7NlYlFhc7SOdWfF_dzS6SnvoHbSwvbSLLOzIUlMQBiRzmf9EjiEifdtFjrzOnb5v7SiTfikxlVR5fO
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Thu, 20 Oct 2022 20:52:57 GMT
server
cloudflare
etag
W/"eda8bec819401cdf3031409a158b1fd7"
vary
Accept-Encoding
x-goog-generation
1666299177613602
content-language
en
content-type
application/javascript
x-goog-hash
crc32c=H/VOMg==, md5=7ai+yBlAHN8wMUCaFYsf1w==
access-control-expose-headers
*
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lIl2wUOPLfpFwMgOQnJ%2Bh%2B3FxgEoDM4pmmq38HqsBF0SyRZxPfOA6nKTRPpviRm7gNKKe8YW6xVqcsO85hPTh852%2FMYD7bHIQSp3pg8nit9y%2Fiu8RKUHBk5OWvSUD3odI%2Fxu6%2FpKuYCRsgs%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
216534
access-control-allow-origin
*
cf-ray
75dc3d9589602a81-ORD
expires
Fri, 21 Oct 2022 15:24:28 GMT
c
c.pub.network/ 		36 B
352 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.messaging.2.34.0.049f1a3641f8329ad530a2107f33a59077a0d32e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.110.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.110.160.34.bc.googleusercontent.com
Software
/
Resource Hash
048f874e94895a241be04b856561141875dfbaccecb9d17194636e4e76e35d46

Request headers

Referer
http://powerball.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 21 Oct 2022 19:01:13 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
http://powerball.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
apstag.js
c.amazon-adsystem.com/aax2/ 		177 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: http://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
HTTP/1.1
Server
143.204.150.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-150-76.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f59ff797b78853b110b03a4f27bac47a6d31faa53e47d55a56e3725d013f0d83

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 18:41:20 GMT
Content-Encoding
gzip
Via
1.1 2c0478fce3b7f4f5348678901d1bf60a.cloudfront.net (CloudFront), 1.1 833189e24f3e31812a47b595ff310a14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
IAD89-P2, EWR52-C2
Age
1194
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Thu, 20 Oct 2022 16:04:04 GMT
Server
AmazonS3
ETag
W/"b13d25523ad505c18e73c78358e50098"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=3600
X-Amz-Cf-Id
W2SzUY1FM1jzZjb2Ku56n67bSDZHf6gSjuogfk0pnllqRCAL2qZ2Qw==
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
http://powerball.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
http://powerball.com
access-control-max-age
600
age
0
content-length
0
date
Fri, 21 Oct 2022 19:01:13 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
http://powerball.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
http://powerball.com
access-control-max-age
600
age
0
content-length
0
date
Fri, 21 Oct 2022 19:01:13 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
http://powerball.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
http://powerball.com
access-control-max-age
600
age
0
content-length
0
date
Fri, 21 Oct 2022 19:01:13 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
http://powerball.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
http://powerball.com
access-control-max-age
600
age
0
content-length
0
date
Fri, 21 Oct 2022 19:01:13 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
http://powerball.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
http://powerball.com
access-control-max-age
600
age
0
content-length
0
date
Fri, 21 Oct 2022 19:01:13 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
http://powerball.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
http://powerball.com
access-control-max-age
600
age
0
content-length
0
date
Fri, 21 Oct 2022 19:01:13 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
http://powerball.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
http://powerball.com
access-control-max-age
600
age
0
content-length
0
date
Fri, 21 Oct 2022 19:01:13 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
http://powerball.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
http://powerball.com
access-control-max-age
600
age
0
content-length
0
date
Fri, 21 Oct 2022 19:01:13 GMT
server
ATS/9.1.10.25
quant.js
secure.quantserve.com/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: http://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:a021:b886:81cc:55cf , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e7aaa31aec9d6a9f88c0af5d361aff3e7828ace0fb0c55ab35922025e12700b1

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:01:13 GMT
content-encoding
gzip
etag
"cbFpuah7ilcpMTJLYeCgng=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Fri, 28 Oct 2022 19:01:13 GMT
cookie_sync
s2s.t13.io/ 		2 KB
783 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2s.t13.io/cookie_sync
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-6.19.13.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
8779eaf847d7d0857fbfbc273cadb066aa99c65062017e650cfa4e292b544fb5

Request headers

Referer
http://powerball.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:13 GMT
content-encoding
gzip
via
1.1 google
content-type
application/json
access-control-allow-origin
http://powerball.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
562
expires
0
auction
s2s.t13.io/openrtb2/ 		583 B
395 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2s.t13.io/openrtb2/auction
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-6.19.13.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
735b6816a65ac7579d2e7da8452d39d4d63ef595dc11f22870f78b516de48fea

Request headers

Referer
http://powerball.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:14 GMT
content-encoding
gzip
via
1.1 google
x-prebid
pbs-java/1.94.0
content-type
application/json
access-control-allow-origin
http://powerball.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
308
expires
0
prebid
ads.yieldmo.com/exchange/ 		0
223 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=6.19.0&p=%5B%7B%22placement_id%22%3A%22ad-lg-0%22%2C%22callback_id%22%3A%2275a9d7d16b4bc7%22%2C%22sizes%22%3A%5B%5B970%2C250%5D%2C%5B970%2C90%5D%2C%5B728%2C90%5D%2C%5B468%2C60%5D%5D%2C%22ym_placement_id%22%3A%222785004072715886604%22%2C%22gpid%22%3A%22%2F15184186%2Fpowerball_leaderboard_mid_1%2Fad-lg-0%22%7D%2C%7B%22placement_id%22%3A%22ad-lg-1%22%2C%22callback_id%22%3A%228bcabb90ec36b3%22%2C%22sizes%22%3A%5B%5B970%2C250%5D%2C%5B970%2C90%5D%2C%5B728%2C90%5D%2C%5B468%2C60%5D%5D%2C%22ym_placement_id%22%3A%222785004072715886604%22%2C%22gpid%22%3A%22%2F15184186%2Fpowerball_leaderboard_mid_2%2Fad-lg-1%22%7D%2C%7B%22placement_id%22%3A%22ad-sm-2%22%2C%22callback_id%22%3A%229b1de60afd1af%22%2C%22sizes%22%3A%5B%5B336%2C280%5D%2C%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222785004072715886604%22%2C%22gpid%22%3A%22%2F15184186%2Fpowerball_medrec_1%2Fad-sm-2%22%7D%2C%7B%22placement_id%22%3A%22ad-sm-3%22%2C%22callback_id%22%3A%2210627dbcde10c7d%22%2C%22sizes%22%3A%5B%5B336%2C280%5D%2C%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222785004072715886604%22%2C%22gpid%22%3A%22%2F15184186%2Fpowerball_medrec_2%2Fad-sm-3%22%7D%5D&page_url=http%3A%2F%2Fpowerball.com%2F&bust=1666378873482&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pr=&scrd=1&title=Home%20%7C%20Powerball&w=1600&h=1200&pubcid=b5da02d5-a2be-436e-8efb-7902efab5f5a&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%22962%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22b5da02d5-a2be-436e-8efb-7902efab5f5a%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-6.19.13.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.201.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-201-8.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://powerball.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://powerball.com
pragma
no-cache
date
Fri, 21 Oct 2022 19:01:13 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
imp
g2.gumgum.com/hbid/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1666378873485&to=0&aun=ad-lg-0&pubcid=b5da02d5-a2be-436e-8efb-7902efab5f5a&gpid=%2F15184186%2Fpowerball_leaderboard_mid_1%2Fad-lg-0&maxw=970&maxh=250&si=227083&pi=3&bf=970x250%2C970x90%2C728x90%2C468x60&schain=1.0%2C1!freestar.com%2C962%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=http%3A%2F%2Fpowerball.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.19.0%22%7D&ogu=null&ns=9728
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-6.19.13.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.75.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-75-232.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bef230d7ab5194f6f35031932a058ec825d97e86e1add71f2e754092a0ced37a

Request headers

Referer
http://powerball.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:13 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
http://powerball.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1666378873488&to=0&aun=ad-lg-0&pubcid=b5da02d5-a2be-436e-8efb-7902efab5f5a&gpid=%2F15184186%2Fpowerball_leaderboard_mid_1%2Fad-lg-0&maxw=970&maxh=250&si=227084&pi=3&bf=970x250%2C970x90%2C728x90%2C468x60&schain=1.0%2C1!freestar.com%2C962%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=http%3A%2F%2Fpowerball.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.19.0%22%7D&ogu=null&ns=9728
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-6.19.13.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.75.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-75-232.compute-1.amazonaws.com
Software
nginx /
Resource Hash
406cfd1d5aae2dc492c9d97c40eb166a57d0b34fd0b53bad45ab13c2c45251b1

Request headers

Referer
http://powerball.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:13 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
http://powerball.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1666378873489&to=0&aun=ad-lg-0&pubcid=b5da02d5-a2be-436e-8efb-7902efab5f5a&gpid=%2F15184186%2Fpowerball_leaderboard_mid_1%2Fad-lg-0&maxw=970&maxh=250&si=227082&pi=3&bf=970x250%2C970x90%2C728x90%2C468x60&schain=1.0%2C1!freestar.com%2C962%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=http%3A%2F%2Fpowerball.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.19.0%22%7D&ogu=null&ns=9728
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-6.19.13.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.75.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-75-232.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f72dc2e0ed7ee181429860bb157bca7f87f4ccd7c48eb1aa51f67ac6e8863eb5

Request headers

Referer
http://powerball.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:13 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
http://powerball.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1666378873489&to=0&aun=ad-lg-1&pubcid=b5da02d5-a2be-436e-8efb-7902efab5f5a&gpid=%2F15184186%2Fpowerball_leaderboard_mid_2%2Fad-lg-1&maxw=970&maxh=250&si=227083&pi=3&bf=970x250%2C970x90%2C728x90%2C468x60&schain=1.0%2C1!freestar.com%2C962%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=http%3A%2F%2Fpowerball.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.19.0%22%7D&ogu=null&ns=9728
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-6.19.13.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.75.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-75-232.compute-1.amazonaws.com
Software
nginx /
Resource Hash
ae7456b1e50878bce33ecbf2ccf6265bed367d29a57654c6d45d9eab52adf551

Request headers

Referer
http://powerball.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:13 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
http://powerball.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1666378873490&to=0&aun=ad-lg-1&pubcid=b5da02d5-a2be-436e-8efb-7902efab5f5a&gpid=%2F15184186%2Fpowerball_leaderboard_mid_2%2Fad-lg-1&maxw=970&maxh=250&si=227084&pi=3&bf=970x250%2C970x90%2C728x90%2C468x60&schain=1.0%2C1!freestar.com%2C962%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=http%3A%2F%2Fpowerball.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.19.0%22%7D&ogu=null&ns=9728
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-6.19.13.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.75.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-75-232.compute-1.amazonaws.com
Software
nginx /
Resource Hash
8a043940b0ded0e4aa9e1fa489e9cdac5b181917ca7110e318fcb20588142aee

Request headers

Referer
http://powerball.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:13 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
http://powerball.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1666378873490&to=0&aun=ad-lg-1&pubcid=b5da02d5-a2be-436e-8efb-7902efab5f5a&gpid=%2F15184186%2Fpowerball_leaderboard_mid_2%2Fad-lg-1&maxw=970&maxh=250&si=227082&pi=3&bf=970x250%2C970x90%2C728x90%2C468x60&schain=1.0%2C1!freestar.com%2C962%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=http%3A%2F%2Fpowerball.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.19.0%22%7D&ogu=null&ns=9728
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-6.19.13.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.75.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-75-232.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3365a64785b649248d18cf746d614be77a5c0cd1f99e738c097c1f80cf14c7a

Request headers

Referer
http://powerball.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:13 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
http://powerball.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1666378873490&to=0&aun=ad-sm-2&pubcid=b5da02d5-a2be-436e-8efb-7902efab5f5a&gpid=%2F15184186%2Fpowerball_medrec_1%2Fad-sm-2&maxw=336&maxh=280&si=227078&pi=3&bf=336x280%2C300x250&schain=1.0%2C1!freestar.com%2C962%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=http%3A%2F%2Fpowerball.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.19.0%22%7D&ogu=null&ns=9728
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-6.19.13.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.75.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-75-232.compute-1.amazonaws.com
Software
nginx /
Resource Hash
667e0e6bd866b428060a706b41c7f1510b8dc1d3f1ffbea0af92b60f97c6aedb

Request headers

Referer
http://powerball.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:13 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
http://powerball.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1666378873491&to=0&aun=ad-sm-3&pubcid=b5da02d5-a2be-436e-8efb-7902efab5f5a&gpid=%2F15184186%2Fpowerball_medrec_2%2Fad-sm-3&maxw=336&maxh=280&si=227078&pi=3&bf=336x280%2C300x250&schain=1.0%2C1!freestar.com%2C962%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=http%3A%2F%2Fpowerball.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.19.0%22%7D&ogu=null&ns=9728
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-6.19.13.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.75.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-75-232.compute-1.amazonaws.com
Software
nginx /
Resource Hash
d66250c74079fb7e8aff09813d778341b2c96be17e7d2a9189b5cab026eb1996

Request headers

Referer
http://powerball.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:13 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
http://powerball.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
/
colossusssp.com/ 		2 B
239 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://colossusssp.com/?c=o&m=multi
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-6.19.13.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.77.87.216 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
http://powerball.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
http://powerball.com
Date
Fri, 21 Oct 2022 19:01:13 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
2
Content-Type
application/json
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96905a017c7c74f52d757a0d340018&pos=8a96905a017c7c74f52d757b412d001a&cmd=bid&req=http%3A%2F%2Fpowerball.com%2F
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-6.19.13.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
224a60d3b9ee474d9ff79d0b5eea6899a1226f5ac1be28b8b94cc8ccda928cc9

Request headers

Referer
http://powerball.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 21 Oct 2022 19:01:13 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
http://powerball.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
459 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96905a017c7c74f52d757a0d340018&pos=8a969555017c7c74fa62757b1a83001c&cmd=bid&req=http%3A%2F%2Fpowerball.com%2F
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-6.19.13.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
999ac772ecd6c89636c66006dbf5b68a66abfa304d6e096aa035c906a2b3b714

Request headers

Referer
http://powerball.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 21 Oct 2022 19:01:13 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
http://powerball.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96905a017c7c74f52d757a0d340018&pos=8a969555017c7c74fa62757aadc6001a&cmd=bid&req=http%3A%2F%2Fpowerball.com%2F
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-6.19.13.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
81cbc08ac7fc52caf69215b6998d9719d009481faeb00fee2e9d80a7cf7ad32f

Request headers

Referer
http://powerball.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 21 Oct 2022 19:01:13 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
http://powerball.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96905a017c7c74f52d757a0d340018&pos=8a96905a017c7c74f52d757b412d001a&cmd=bid&req=http%3A%2F%2Fpowerball.com%2F
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-6.19.13.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
942c3481483f1cf96a592bc13806abc150750324beab13371ee8bbe06132b6c4

Request headers

Referer
http://powerball.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 21 Oct 2022 19:01:13 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
http://powerball.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96905a017c7c74f52d757a0d340018&pos=8a969555017c7c74fa62757b1a83001c&cmd=bid&req=http%3A%2F%2Fpowerball.com%2F
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-6.19.13.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
638c472f00bf1f407e3d892fca1abd5555290a5eb32205c9e4f63c90bb02dc2e

Request headers

Referer
http://powerball.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 21 Oct 2022 19:01:13 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
http://powerball.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96905a017c7c74f52d757a0d340018&pos=8a969555017c7c74fa62757aadc6001a&cmd=bid&req=http%3A%2F%2Fpowerball.com%2F
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-6.19.13.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
8df256f1e82cd2392fbd98d544713ed4556cef20f4698aaeec5b964bb128003d

Request headers

Referer
http://powerball.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 21 Oct 2022 19:01:13 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
http://powerball.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96905a017c7c74f52d757a0d340018&pos=8a969d11017c7c74f0ed757acff6001b&cmd=bid&req=http%3A%2F%2Fpowerball.com%2F
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-6.19.13.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
c0f1757f04344d5fffe43240c75d9dce255aeb776e5c7dc6ae2bde53dfa0fc4d

Request headers

Referer
http://powerball.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 21 Oct 2022 19:01:13 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
http://powerball.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96905a017c7c74f52d757a0d340018&pos=8a969d11017c7c74f0ed757acff6001b&cmd=bid&req=http%3A%2F%2Fpowerball.com%2F
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-6.19.13.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
6549efdc127fdec0228e078557254246588d0f7b7c5c660c2b01024af55a747f

Request headers

Referer
http://powerball.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 21 Oct 2022 19:01:13 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
http://powerball.com
access-control-allow-credentials
true
content-length
62
translator
hbopenbid.pubmatic.com/ 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-6.19.13.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://powerball.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://powerball.com
date
Fri, 21 Oct 2022 19:01:13 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
263 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-6.19.13.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
0505d9d35f5b800e3c33e871391e07105e854107f8d328ef2948e55c592998cf

Request headers

Referer
http://powerball.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 21 Oct 2022 19:01:13 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
http://powerball.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
265 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-6.19.13.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
f03f96a43afa5287be5e99d8514f5c077637593979539175596f0e5727e7134c

Request headers

Referer
http://powerball.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 21 Oct 2022 19:01:13 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
http://powerball.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-6.19.13.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
85f49301782a830a3b476d4526f19707b52797255114ea2e23f809112e93af6f

Request headers

Referer
http://powerball.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 21 Oct 2022 19:01:13 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
http://powerball.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-6.19.13.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
5ead07524b2eb9ccfd50707f2fc5d31b85f73aba7b84b4c49e59541055a90b35

Request headers

Referer
http://powerball.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 21 Oct 2022 19:01:13 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
http://powerball.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
265 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-6.19.13.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
ea93b496de3db17a877a4d1fa67327cf419615ba5ad264e0db578e6740494fd9

Request headers

Referer
http://powerball.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 21 Oct 2022 19:01:13 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
http://powerball.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
267 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-6.19.13.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
71289f1cafb92a34fbeda3807b6b4c106b580d0b80c537b76f20ea904aff9776

Request headers

Referer
http://powerball.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 21 Oct 2022 19:01:13 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
http://powerball.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
265 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-6.19.13.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
4d25c6738bb1d464eae82c0a631ffa7aeb5d1dc0e08d64ccfeb8ac2a11dcc7b9

Request headers

Referer
http://powerball.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 21 Oct 2022 19:01:13 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
http://powerball.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
265 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-6.19.13.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
653cfc4a507730d9c93ab88da1f305a2cc77001415c00131dc0c544e1d815ef9

Request headers

Referer
http://powerball.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 21 Oct 2022 19:01:13 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
http://powerball.com
access-control-allow-credentials
true
content-length
66
cdb
bidder.criteo.com/ 		18 B
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.19.0&cb=51761368947
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-6.19.13.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
http://powerball.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 21 Oct 2022 19:01:13 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
http://powerball.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
bid
ap.lijit.com/rtb/ 		25 B
642 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.19.0
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-6.19.13.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.182 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
2b22f720d97e4d1274da1bc49f9ba0d8e025c089c972a785cac368a4232cca30

Request headers

Referer
http://powerball.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 21 Oct 2022 19:01:13 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
http://powerball.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
cygnus
htlb.casalemedia.com/ 		37 B
286 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=728751&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22930b92f9091ed41%22%2C%22site%22%3A%7B%22page%22%3A%22http%3A%2F%2Fpowerball.com%2F%22%2C%22name%22%3A%22powerball-com%22%2C%22domain%22%3A%22powerball.com%22%2C%22cat%22%3A%5B%22IAB9%22%5D%2C%22sectioncat%22%3A%5B%22IAB9%22%5D%2C%22pagecat%22%3A%5B%22IAB9%22%5D%2C%22ref%22%3A%22%22%2C%22content%22%3A%7B%22data%22%3A%5B%7B%22name%22%3A%22www.freestar.com%22%2C%22ext%22%3A%7B%22taxonomyname%22%3A%22iab_content_taxonomy%22%7D%2C%22segment%22%3A%5B%5D%7D%5D%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A4%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A4%2C%22ren%22%3Afalse%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2294de95adabb801a%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A468%2C%22h%22%3A60%2C%22ext%22%3A%7B%22siteID%22%3A%22728751%22%2C%22sid%22%3A%22468x60%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22728751%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22728751%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22728751%22%2C%22sid%22%3A%22970x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F15184186%2Fpowerball_leaderboard_mid_1%22%2C%22gpid%22%3A%22%2F15184186%2Fpowerball_leaderboard_mid_1%2Fad-lg-0%22%7D%7D%2C%7B%22id%22%3A%2298553c4ecdd0a4c%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A468%2C%22h%22%3A60%2C%22ext%22%3A%7B%22siteID%22%3A%22728751%22%2C%22sid%22%3A%22468x60%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22728751%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22728751%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22728751%22%2C%22sid%22%3A%22970x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F15184186%2Fpowerball_leaderboard_mid_2%22%2C%22gpid%22%3A%22%2F15184186%2Fpowerball_leaderboard_mid_2%2Fad-lg-1%22%7D%7D%2C%7B%22id%22%3A%2210202184bc53ba6c%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22728751%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A336%2C%22h%22%3A280%2C%22ext%22%3A%7B%22siteID%22%3A%22728751%22%2C%22sid%22%3A%22336x280%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F15184186%2Fpowerball_medrec_1%22%2C%22gpid%22%3A%22%2F15184186%2Fpowerball_medrec_1%2Fad-sm-2%22%7D%7D%2C%7B%22id%22%3A%2210459ff6b6237e6f%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22728751%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A336%2C%22h%22%3A280%2C%22ext%22%3A%7B%22siteID%22%3A%22728751%22%2C%22sid%22%3A%22336x280%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F15184186%2Fpowerball_medrec_2%22%2C%22gpid%22%3A%22%2F15184186%2Fpowerball_medrec_2%2Fad-sm-3%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%22962%22%2C%22hp%22%3A1%2C%22rid%22%3A%228d7938b8-269a-41a0-821b-4993f7ee6971%22%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22b5da02d5-a2be-436e-8efb-7902efab5f5a%22%7D%5D%7D%5D%7D%7D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-6.19.13.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc7d668ce601fb1c3906fd950bad204e25d63e3cee77c4b687e75f5bf540f505

Request headers

Referer
http://powerball.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:13 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
http://powerball.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
75dc3d984bd92cdd-ORD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		815 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=2112866&size_id=2%3B2%3B15%3B15&alt_size_ids=1%2C55%2C57%3B1%2C55%2C57%3B16%3B16&rp_schain=1.0,1!freestar.com,962,1,8d7938b8-269a-41a0-821b-4993f7ee6971,,&eid_pubcid.org=b5da02d5-a2be-436e-8efb-7902efab5f5a%5E1&rf=http%3A%2F%2Fpowerball.com%2F&tg_i.name=powerball-com&tg_i.domain=powerball.com&tg_i.cat=IAB9&tg_i.sectioncat=IAB9&tg_i.pagecat=IAB9&tg_i.page=http%3A%2F%2Fpowerball.com%2F&tg_i.fs_ad_product=banner&tg_i.pbadslot=%2F15184186%2Fpowerball_leaderboard_mid_1%2Fad-lg-0%3B%2F15184186%2Fpowerball_leaderboard_mid_2%2Fad-lg-1%3B%2F15184186%2Fpowerball_medrec_1%2Fad-sm-2%3B%2F15184186%2Fpowerball_medrec_2%2Fad-sm-3&tk_flint=pbjs_lite_v6.19.0&x_source.tid=c467cefc-85ff-4e90-bc91-ec83175c2c3b%3B1c1be5f3-b077-423d-ae35-79d342260362%3B950f604e-896e-4245-b055-76ce43450253%3B418e576a-be6c-4d95-9790-312201ef07e6&l_pb_bid_id=107efbee081e282e%3B108e1ea03a909dc9%3B109e92b85cefec3e%3B1103b8b32669560b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F15184186%2Fpowerball_leaderboard_mid_1%2Fad-lg-0%3B%2F15184186%2Fpowerball_leaderboard_mid_2%2Fad-lg-1%3B%2F15184186%2Fpowerball_medrec_1%2Fad-sm-2%3B%2F15184186%2Fpowerball_medrec_2%2Fad-sm-3&slots=4&rand=0.6605908287654663
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-6.19.13.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::62 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
4c23e01584296ea8916b9c42cbd9a3e32a762f83a8cb7562971f7d3d1f68595f

Request headers

Referer
http://powerball.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:13 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
http://powerball.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b60f65161ce3517c2794eecab25981c51ffbcbc951a781270403e2f3572d0290

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
cookie
cm.adform.net/ 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:01:13 GMT
server
nginx
content-length
43
content-type
image/gif
config
c.amazon-adsystem.com/cdn/prod/ 		736 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=http%3A%2F%2Fpowerball.com&pubid=0ab198dd-b265-462a-ae36-74e163ad6159
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.150.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-150-76.ewr52.r.cloudfront.net
Software
Server /
Resource Hash
9cd0c52130a2ac95e21959817ca0ad8a7f85c72995e9ecd98e069ff5e01e2135

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 15:02:46 GMT
via
1.1 72e01c53ea1f597217a963cf6671454c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
EWR52-C2
age
14306
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
http://powerball.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
736
x-amz-cf-id
lFOjng3yNIMVpq6iNXnVa7HuEHN0NxVcrRJ4YfWVqMl5pwAuBWAI6Q==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		186 B
623 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fpowerball.com%2F&pid=uiK8kBUmYqHAi&cb=0&ws=1600x1200&v=22.10.131733&t=1000&slots=%5B%7B%22sd%22%3A%22ad-lg-0%22%2C%22s%22%3A%5B%22468x60%22%2C%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F15184186%2C141986346%2Fpowerball_leaderboard_mid_1%22%7D%2C%7B%22sd%22%3A%22ad-lg-1%22%2C%22s%22%3A%5B%22468x60%22%2C%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F15184186%2C141986346%2Fpowerball_leaderboard_mid_2%22%7D%2C%7B%22sd%22%3A%22ad-sm-2%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F15184186%2C141986346%2Fpowerball_medrec_1%22%7D%2C%7B%22sd%22%3A%22ad-sm-3%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F15184186%2C141986346%2Fpowerball_medrec_2%22%7D%5D&schain=1.0%2C1!freestar.com%2C962%2C1%2C%2C%2C&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.124.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-124-226.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
df10f8355f2bd4ef1c2d1847baf4480b6dc71a9bf0d45468766b3a5d3d3b146e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:01:13 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 a5f1848a5a38100d334f5844f0df9eac.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P4
x-amz-rid
G1R73A9KW1FS2Q7MZ1A2
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
http://powerball.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
186
x-amz-cf-id
k0tuB753KkafOMacpAeJxtQ0qM0HGetlNBJVYAoFxIBRmJK7W4h7yg==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		186 B
624 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fpowerball.com%2F&pid=uiK8kBUmYqHAi&cb=1&ws=1600x1200&v=22.10.131733&t=1000&slots=%5B%7B%22sd%22%3A%22powerball_adhesion%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F15184186%2C141986346%2Fpowerball_adhesion%22%7D%5D&schain=1.0%2C1!freestar.com%2C962%2C1%2C%2C%2C&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.124.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-124-226.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
83efa753e2890486c7d52feb45bb4e02bfc2d3aa06d85a8bbf3357ea757edeb7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:01:14 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 a5f1848a5a38100d334f5844f0df9eac.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P4
x-amz-rid
FYCG4TGBSM1JCD5P8W57
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
http://powerball.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
186
x-amz-cf-id
u1ivgdZq1U82pdi175AXTnXZAc3NoacpT3VlxULC4ZjdCZ1JYzbwiA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Server
143.204.150.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-150-76.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 02:27:58 GMT
x-amz-version-id
YousslGi_alc9N7i1PBVBMNtdY1LkTzi
Content-Encoding
gzip
Via
1.1 71994794c0ae42f7776bc799e33a979a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
EWR52-C2
Age
59596
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Thu, 06 Oct 2022 01:32:47 GMT
Server
AmazonS3
ETag
W/"a4d296427fc806b21335359e398c025c"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Vary
Accept-Encoding,Origin
X-Amz-Cf-Id
aSpQM54HHBa96n7l5W6kz_W2mTIzH-I_BLOZ7UkCXxTJNvM3dDHC8A==
rules-p-UeXruRVtZz7w6.js
rules.quantcount.com/
Redirect Chain
  • http://rules.quantcount.com/rules-p-UeXruRVtZz7w6.js
  • https://rules.quantcount.com/rules-p-UeXruRVtZz7w6.js
2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-UeXruRVtZz7w6.js
Protocol
H2
Server
2600:9000:21dd:1600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 18:11:31 GMT
content-encoding
gzip
via
1.1 da79f1e019da644d2a3fd9e73f79a700.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
2982
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Thu, 07 Dec 2017 17:06:25 GMT
server
AmazonS3
etag
W/"cbc97d16c77ea1fcbbf42d246001e982"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
YI_6rWDcHTCTKMhU7fHDELjjIV8-hIyFdpMCTBmiifgzhIOYinzAiQ==

Redirect headers

Date
Fri, 21 Oct 2022 19:01:13 GMT
Via
1.1 8f53b5d73ff2f5f8cae7b49606b79bd4.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
EWR53-C2
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://rules.quantcount.com/rules-p-UeXruRVtZz7w6.js
Connection
keep-alive
Content-Length
167
X-Amz-Cf-Id
GlgqyV_2nwei80PWuZUH3NoCCtca8Hpzc5Ys3C8HM4uWrRxW8a_ltA==
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: http://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
HTTP/1.1
Server
23.217.153.125 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-153-125.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d80b9ba4d9ed354519644fd9d90aa446ec818d52a9b98395c80a43159dc0e887

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:13 GMT
Content-Encoding
gzip
Last-Modified
Thu, 08 Sep 2022 20:10:31 GMT
Server
Apache
ETag
"d71e-5e830058020dd-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17404
Expires
Fri, 21 Oct 2022 19:16:13 GMT
id5-api.js
cdn.id5-sync.com/api/1.0/
Redirect Chain
  • http://cdn.id5-sync.com/api/1.0/id5-api.js
  • https://cdn.id5-sync.com/api/1.0/id5-api.js
56 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f0507591c49aa88fab2433451c6c3154c5d4450636b43b749afa1ae2521fe2f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:01:13 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 22 Sep 2022 13:13:44 GMT
server
cloudflare
x-amz-request-id
S6V2J71RW6F4ZY7D
age
2628
etag
W/"68154020ef14b5881614607902c7c21b"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
75dc3d998bcce1ef-ORD
x-amz-id-2
KQ26W+/eD2xVPCHN387Ebbmvh9AOSpXxPOyK9zDvFCNnBbgX2fLFFERrgUTjTDu8HCp7qmcYHZ0=

Redirect headers

Location
https://cdn.id5-sync.com/api/1.0/id5-api.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
c
c.pub.network/ 		36 B
53 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.messaging.2.34.0.049f1a3641f8329ad530a2107f33a59077a0d32e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.110.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.110.160.34.bc.googleusercontent.com
Software
/
Resource Hash
048f874e94895a241be04b856561141875dfbaccecb9d17194636e4e76e35d46

Request headers

Referer
http://powerball.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 21 Oct 2022 19:01:13 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
http://powerball.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
http://powerball.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
http://powerball.com
access-control-max-age
600
age
0
content-length
0
date
Fri, 21 Oct 2022 19:01:13 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
http://powerball.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
http://powerball.com
access-control-max-age
600
age
0
content-length
0
date
Fri, 21 Oct 2022 19:01:13 GMT
server
ATS/9.1.10.25
auction
s2s.t13.io/openrtb2/ 		583 B
327 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2s.t13.io/openrtb2/auction
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-6.19.13.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
d0cbf5391519ce7413f34e26d7d4c927aec0cd2536a2358c11d9049bc9d99b7a

Request headers

Referer
http://powerball.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:14 GMT
content-encoding
gzip
via
1.1 google
x-prebid
pbs-java/1.94.0
content-type
application/json
access-control-allow-origin
http://powerball.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
307
expires
0
bid
ap.lijit.com/rtb/ 		25 B
642 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.19.0
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-6.19.13.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.182 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
1bf1bbcad8540f71ce9a52650312bed2a7115f5983c4aa51611ccd95a26209a9

Request headers

Referer
http://powerball.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 21 Oct 2022 19:01:13 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
http://powerball.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
/
colossusssp.com/ 		2 B
239 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://colossusssp.com/?c=o&m=multi
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-6.19.13.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.77.87.216 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
http://powerball.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
http://powerball.com
Date
Fri, 21 Oct 2022 19:01:13 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
2
Content-Type
application/json
cdb
bidder.criteo.com/ 		18 B
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.19.0&cb=31891319989
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-6.19.13.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
http://powerball.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 21 Oct 2022 19:01:13 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
http://powerball.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96905a017c7c74f52d757a0d340018&pos=8a96905a017c7c74f52d757b412d001a&cmd=bid&req=http%3A%2F%2Fpowerball.com%2F
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-6.19.13.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
8fae468ab01bf03f479221385456970eed7d1b5cafaa2ad0bc29a7737118255f

Request headers

Referer
http://powerball.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 21 Oct 2022 19:01:13 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
http://powerball.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96905a017c7c74f52d757a0d340018&pos=8a969555017c7c74fa62757aadc6001a&cmd=bid&req=http%3A%2F%2Fpowerball.com%2F
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-6.19.13.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
1f841e4bcea8d729fc4c3dfe99cfbb9d19d953ec3849ef63884a9b7f750e30d2

Request headers

Referer
http://powerball.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 21 Oct 2022 19:01:13 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
http://powerball.com
access-control-allow-credentials
true
content-length
62
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1666378873844&to=0&aun=powerball_adhesion&pubcid=b5da02d5-a2be-436e-8efb-7902efab5f5a&gpid=%2F15184186%2Fpowerball_adhesion%2Fpowerball_adhesion&pv=41b2cfdf-a813-4e86-a3d9-4f28208f671d&maxw=970&maxh=90&si=227083&pi=3&bf=970x90%2C728x90&schain=1.0%2C1!freestar.com%2C962%2C1%2C8d7938b8-269a-41a0-821b-4993f7ee6971%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=http%3A%2F%2Fpowerball.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.19.0%22%7D&ogu=null&ns=9728
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-6.19.13.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.75.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-75-232.compute-1.amazonaws.com
Software
nginx /
Resource Hash
34da4db7f62a34c14acd523bc1631f8a1bd106c4e254031417cf6e4ca0f03221

Request headers

Referer
http://powerball.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:13 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
http://powerball.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1666378873845&to=0&aun=powerball_adhesion&pubcid=b5da02d5-a2be-436e-8efb-7902efab5f5a&gpid=%2F15184186%2Fpowerball_adhesion%2Fpowerball_adhesion&pv=41b2cfdf-a813-4e86-a3d9-4f28208f671d&maxw=970&maxh=90&si=227084&pi=3&bf=970x90%2C728x90&schain=1.0%2C1!freestar.com%2C962%2C1%2C8d7938b8-269a-41a0-821b-4993f7ee6971%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=http%3A%2F%2Fpowerball.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.19.0%22%7D&ogu=null&ns=9728
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-6.19.13.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.75.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-75-232.compute-1.amazonaws.com
Software
nginx /
Resource Hash
d7c55765cc1650658a6d4caf887746e13cca55fd22a0a08903d94f5a19ff4715

Request headers

Referer
http://powerball.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:13 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
http://powerball.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
translator
hbopenbid.pubmatic.com/ 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-6.19.13.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://powerball.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://powerball.com
date
Fri, 21 Oct 2022 19:01:14 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ads.yieldmo.com/exchange/ 		0
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=6.19.0&p=%5B%7B%22placement_id%22%3A%22powerball_adhesion%22%2C%22callback_id%22%3A%22135b0389bb20f3b7%22%2C%22sizes%22%3A%5B%5B970%2C90%5D%2C%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222785004072715886604%22%2C%22gpid%22%3A%22%2F15184186%2Fpowerball_adhesion%2Fpowerball_adhesion%22%7D%5D&page_url=http%3A%2F%2Fpowerball.com%2F&bust=1666378873849&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pr=&scrd=1&title=Home%20%7C%20Powerball&w=1600&h=1200&pubcid=b5da02d5-a2be-436e-8efb-7902efab5f5a&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%22962%22%2C%22hp%22%3A1%2C%22rid%22%3A%228d7938b8-269a-41a0-821b-4993f7ee6971%22%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22b5da02d5-a2be-436e-8efb-7902efab5f5a%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-6.19.13.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.201.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-201-8.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://powerball.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://powerball.com
pragma
no-cache
date
Fri, 21 Oct 2022 19:01:13 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
fastlane.json
fastlane.rubiconproject.com/a/api/ 		489 B
524 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=151312&zone_id=2112866&size_id=2&alt_size_ids=55&rp_schain=1.0,1!freestar.com,962,1,8d7938b8-269a-41a0-821b-4993f7ee6971,,&eid_pubcid.org=b5da02d5-a2be-436e-8efb-7902efab5f5a%5E1&rf=http%3A%2F%2Fpowerball.com%2F&tg_i.name=powerball-com&tg_i.domain=powerball.com&tg_i.cat=IAB9&tg_i.sectioncat=IAB9&tg_i.pagecat=IAB9&tg_i.page=http%3A%2F%2Fpowerball.com%2F&tg_i.fs_ad_product=stickyFooter&tg_i.pbadslot=%2F15184186%2Fpowerball_adhesion%2Fpowerball_adhesion&tk_flint=pbjs_lite_v6.19.0&x_source.tid=173d861e-b8e2-4fbc-b7dc-697679a8c960&l_pb_bid_id=13781996d013959a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F15184186%2Fpowerball_adhesion%2Fpowerball_adhesion&slots=1&rand=0.12853553719846977
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-6.19.13.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::62 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
f72e5334c39de763824e6718c0f9e786a38b476e8f0def8f2c1d158d7a916e5c

Request headers

Referer
http://powerball.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:13 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
http://powerball.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
489
expires
Wed, 17 Sep 1975 21:32:10 GMT
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
290 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-6.19.13.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
cea374ba66cfe4d3ca1b67915e800837cddc6f5a7d86f12c244ce7224b53ffb3

Request headers

Referer
http://powerball.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 21 Oct 2022 19:01:14 GMT
server
ATS/9.1.10.25
age
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
http://powerball.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-6.19.13.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
a4f110759ac248b71ba8191ecd216b71b867942764fca5986b64cbd1de1e9a3d

Request headers

Referer
http://powerball.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 21 Oct 2022 19:01:13 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
http://powerball.com
access-control-allow-credentials
true
content-length
66
cygnus
htlb.casalemedia.com/ 		38 B
262 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=728751&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22141e0183c0714306%22%2C%22site%22%3A%7B%22page%22%3A%22http%3A%2F%2Fpowerball.com%2F%22%2C%22name%22%3A%22powerball-com%22%2C%22domain%22%3A%22powerball.com%22%2C%22cat%22%3A%5B%22IAB9%22%5D%2C%22sectioncat%22%3A%5B%22IAB9%22%5D%2C%22pagecat%22%3A%5B%22IAB9%22%5D%2C%22ref%22%3A%22%22%2C%22content%22%3A%7B%22data%22%3A%5B%7B%22name%22%3A%22www.freestar.com%22%2C%22ext%22%3A%7B%22taxonomyname%22%3A%22iab_content_taxonomy%22%7D%2C%22segment%22%3A%5B%5D%7D%5D%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22142d829ee9058a41%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22728751%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22728751%22%2C%22sid%22%3A%22970x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F15184186%2Fpowerball_adhesion%22%2C%22gpid%22%3A%22%2F15184186%2Fpowerball_adhesion%2Fpowerball_adhesion%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%22962%22%2C%22hp%22%3A1%2C%22rid%22%3A%223bca68b7-ac79-4a5c-ab1a-8b338588435c%22%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22b5da02d5-a2be-436e-8efb-7902efab5f5a%22%7D%5D%7D%5D%7D%7D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-6.19.13.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5e6e6959ed6b378838af42321e6c741085ba8b771e56d6d50e5ad9ac88caefc

Request headers

Referer
http://powerball.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:14 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
http://powerball.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
75dc3d9a4a0b8696-ORD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38
expires
0
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
326 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: http://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.70 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216620.ip-141-95-98.eu
Software
/
Resource Hash
09f018dc99aaf0aae3f2948465eebe07197ad50df88dbb4d7128054d6937753b

Request headers

Referer
http://powerball.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://powerball.com
date
Fri, 21 Oct 2022 19:01:13 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
v1
lbs.eu-1-id5-sync.com/lbs/ 		54 B
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by
Host: cdn.id5-sync.com
URL: http://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2001:41d0:701:1000::31ee , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
74b65219834e5e3a434a4bf4402d33c3128386e7832fa055bbe6a44e74f599f8

Request headers

Referer
http://powerball.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://powerball.com
date
Fri, 21 Oct 2022 19:01:14 GMT
content-length
54
vary
Origin
content-type
application/json
iu3
s.amazon-adsystem.com/ Frame B273
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-LoopMe_n-inmobi_cnv_pm-db5_n-simpli.fi_ym_rbd_ppt_n-nativo_sovrn_3lift_n-Outbrain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-LoopMe_n-inmobi_cnv_pm-db5_n-simpli.fi_ym_rbd_ppt_n-nativo_sovrn_3lift_n-Outbrain&dcc=t
356 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-LoopMe_n-inmobi_cnv_pm-db5_n-simpli.fi_ym_rbd_ppt_n-nativo_sovrn_3lift_n-Outbrain&dcc=t
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: http://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
f38c40b621905a9fd71641dbf0bea45bcbaa990166a170ef77df28c9970aeae8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
http://powerball.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
356
Content-Type
text/html;charset=ISO-8859-1
Date
Fri, 21 Oct 2022 19:01:14 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
XPZMRT4CFAGZ8479MA5P

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Fri, 21 Oct 2022 19:01:14 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-LoopMe_n-inmobi_cnv_pm-db5_n-simpli.fi_ym_rbd_ppt_n-nativo_sovrn_3lift_n-Outbrain&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
ET7K8NQ64VSCGTGC5CDJ
pixel;r=1480520086;rf=0;a=p-UeXruRVtZz7w6;url=http%3A%2F%2Fpowerball.com%2F;uht=2;fpan=1;fpa=P0-1457144286-1666378873929;pbc=;ns=0;ce=1;qjs=1;qv=7a1cba14-20221011131736;cm=;gdpr=0;ref=;d=powerball....
pixel.quantserve.com/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1480520086;rf=0;a=p-UeXruRVtZz7w6;url=http%3A%2F%2Fpowerball.com%2F;uht=2;fpan=1;fpa=P0-1457144286-1666378873929;pbc=;ns=0;ce=1;qjs=1;qv=7a1cba14-20221011131736;cm=;gdpr=0;ref=;d=powerball.com;dst=0;et=1666378873929;tzo=0;ogl=;ses=31b2c363-7112-4e4f-a532-54fa943de62f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:a021:b886:81cc:55cf , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:13 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
setuid
s2s.t13.io/
Redirect Chain
  • https://sync.inmobi.com/prebid?gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dinmobi%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%7BID5UID%7D
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&us_privacy=&callback=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dinmobi%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%7BID5UID%7D
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy=
  • https://s2s.t13.io/setuid?bidder=inmobi&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=ID5-ZHMO3XOmabkohoZwqD20ZewTBv48Y2BRwpulyaAuHg
86 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?bidder=inmobi&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=ID5-ZHMO3XOmabkohoZwqD20ZewTBv48Y2BRwpulyaAuHg
Protocol
H3
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:14 GMT
content-encoding
gzip
via
1.1 google
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0

Redirect headers

location
https://s2s.t13.io/setuid?bidder=inmobi&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=ID5-ZHMO3XOmabkohoZwqD20ZewTBv48Y2BRwpulyaAuHg
date
Fri, 21 Oct 2022 19:01:14 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=powerball.com
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: http://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:01:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		42 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1426433198053649&correlator=1720247656181251&eid=31068921&output=ldjh&gdfp_req=1&vrg=2022101801&ptt=17&impl=fifs&iu_parts=15184186%3A141986346%2Cpowerball_adhesion&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&ifi=1&adks=4037602997&sfv=1-0-38&prev_scp=fsrefresh%3D0%26fsrebid%3D0%26floors_id%3D9ebaef%26floors_hour%3D19%26floors_user%3D1%26fs_placementName%3Dpowerball_adhesion%26fs_ad_product%3DstickyFooter%26amznbid%3D2%26amznp%3D2%26fsbid%3D0&eri=1&cust_params=user-agent%3DChrome&sc=0&cookie_enabled=1&abxe=1&dt=1666378874084&lmt=1666366963&dlt=1666378870890&idt=1753&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Fpowerball.com%2F&frm=20&vis=1&psz=1600x-1&msz=1600x-1&fws=512&ohw=0&ga_vid=389171685.1666378872&ga_sid=1666378874&ga_hid=145959604&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2ee880d5083bce6d9c758b3b6312a71beaa88f435ecbb39db798df990eb33a7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:01:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10779
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://powerball.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022101801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ce9eed4b8dac372b933c5a0a051228b93e2040d4084e5aae151a93e97ff81ee4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:01:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11164
x-xss-protection
0
container.html
dd3794dd9eb212f7f455e85a2ac4edd5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5C46 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dd3794dd9eb212f7f455e85a2ac4edd5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: http://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://powerball.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 21 Oct 2022 19:01:14 GMT
expires
Sat, 21 Oct 2023 19:01:14 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pr
s.amazon-adsystem.com/v3/ Frame 154B 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_n-inmobi_cnv_pm-db5_n-simpli.fi_ym_rbd_ppt_n-nativo_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-LoopMe_n-inmobi_cnv_pm-db5_n-simpli.fi_ym_rbd_ppt_n-nativo_sovrn_3lift_n-Outbrain&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
78d9edd3753ba2f4433bce6cb49b1f1d5c5330d2d840c9771f642a1bb4739566
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-LoopMe_n-inmobi_cnv_pm-db5_n-simpli.fi_ym_rbd_ppt_n-nativo_sovrn_3lift_n-Outbrain&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
2999
Content-Type
text/html;charset=ISO-8859-1
Date
Fri, 21 Oct 2022 19:01:14 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
W8WHJRFEHP0MJ9DZQ6PQ
ecm3
s.amazon-adsystem.com/ Frame 154B
Redirect Chain
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D
  • https://s.amazon-adsystem.com/ecm3?id=4E225F31A4974A0FA1E0AB6F4C01C6E0&ex=simpli.fi&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=4E225F31A4974A0FA1E0AB6F4C01C6E0&ex=simpli.fi&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_n-inmobi_cnv_pm-db5_n-simpli.fi_ym_rbd_ppt_n-nativo_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:01:14 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
2A31F4BY75MSMHHDC7A7
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Fri, 21 Oct 2022 19:01:14 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://s.amazon-adsystem.com/ecm3?id=4E225F31A4974A0FA1E0AB6F4C01C6E0&ex=simpli.fi&status=ok
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 20 Oct 2022 19:01:14 GMT
ecm3
s.amazon-adsystem.com/ Frame 154B
Redirect Chain
  • https://jadserve.postrelease.com/suid/101959?ntv_r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dnativo.com%26id%3DNTV_USER_ID
  • https://s.amazon-adsystem.com/ecm3?ex=nativo.com&id=53056d15-da76-4709-b3a9-027bcd37ddaa
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=nativo.com&id=53056d15-da76-4709-b3a9-027bcd37ddaa
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_n-inmobi_cnv_pm-db5_n-simpli.fi_ym_rbd_ppt_n-nativo_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:01:14 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
T3T59V6570S8ZD6EXJJF
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:14 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://s.amazon-adsystem.com/ecm3?ex=nativo.com&id=53056d15-da76-4709-b3a9-027bcd37ddaa
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Mon, 1 Jan 1990 12:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 154B
Redirect Chain
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=_LXaAu8R6aSZpIJwQozx&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZSXQY3IMFXGOZJ5MFWWC6TPNZPXIYLNEZUWIPK7JRMGCQLVHBJDMYKTLJYES...
  • https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=_LXaAu8R6aSZpIJwQozx
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=_LXaAu8R6aSZpIJwQozx
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_n-inmobi_cnv_pm-db5_n-simpli.fi_ym_rbd_ppt_n-nativo_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:01:14 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
CQJRXZV7J7VRR6NNVTGX
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:01:14 GMT
Content-Type
text/html; charset=utf-8
Location
https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=_LXaAu8R6aSZpIJwQozx
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
101
Expires
Thu, 01 Dec 1994 16:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: http://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:01:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 21 Oct 2022 19:01:14 GMT
usermatch
ssum-sec.casalemedia.com/ Frame AF53
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_n-inmobi_cnv_pm-db5_n-simpli.fi_ym_rbd_ppt_n-nativo_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ad27a4542f34559df5e881322bde8997fc509e133757ce3b917dfe711608cce

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
75dc3d9d8bf3c508-ORD
content-encoding
br
content-type
text/html
date
Fri, 21 Oct 2022 19:01:14 GMT
expires
0
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
75dc3d9cbcd586f0-ORD
content-length
0
date
Fri, 21 Oct 2022 19:01:14 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
ecm3
s.amazon-adsystem.com/ Frame 6E44
Redirect Chain
  • https://sync.inmobi.com/TAM?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy=
  • https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-ZHMOQIGabmJYjGpCH9kd2M5oFGZFzmQdg3l2S8B79w
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-ZHMOQIGabmJYjGpCH9kd2M5oFGZFzmQdg3l2S8B79w
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_n-inmobi_cnv_pm-db5_n-simpli.fi_ym_rbd_ppt_n-nativo_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 21 Oct 2022 19:01:14 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
QYGRYVNAYWR08RE7HTYW

Redirect headers

date
Fri, 21 Oct 2022 19:01:14 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-ZHMOQIGabmJYjGpCH9kd2M5oFGZFzmQdg3l2S8B79w
p3p
CP="CAO PSA OUR"
strict-transport-security
max-age=63072000; includeSubDomains; preload
transfer-encoding
chunked
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
ecm3
s.amazon-adsystem.com/ Frame C6FB
Redirect Chain
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=22430e9b7c7e0506&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAABsXR95RgOXQNNoccDAAAAAAA&expiration=1666465274&is_secure=true
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAABsXR95RgOXQNNoccDAAAAAAA&expiration=1666465274&is_secure=true
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_n-inmobi_cnv_pm-db5_n-simpli.fi_ym_rbd_ppt_n-nativo_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 21 Oct 2022 19:01:14 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
JG512X4EXYNQ227QWNXC

Redirect headers

cache-control
no-cache, private, max-age=0, no-store
content-length
0
date
Fri, 21 Oct 2022 19:01:14 GMT
expires
0
location
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAABsXR95RgOXQNNoccDAAAAAAA&expiration=1666465274&is_secure=true
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
pragma
no-cache
server
nginx
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F3FE 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_n-inmobi_cnv_pm-db5_n-simpli.fi_ym_rbd_ppt_n-nativo_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.64.60.212 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-60-212.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=144320
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 21 Oct 2022 19:01:14 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sun, 23 Oct 2022 11:06:34 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
unused62
8096267
vary
Accept-Encoding
tamptsync
sync-amz.ads.yieldmo.com/ Frame 36C2 		842 B
720 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_n-inmobi_cnv_pm-db5_n-simpli.fi_ym_rbd_ppt_n-nativo_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.228.253.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-253-110.compute-1.amazonaws.com
Software
/
Resource Hash
e72ad8643744ad46cfa5296fe4aebcc5cd891bcdfa5a20ef3fb6ba9fc7c52059

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Fri, 21 Oct 2022 19:01:14 GMT
pragma
no-cache
vary
accept-encoding
usync.html
eus.rubiconproject.com/ Frame 9AE7 		281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_n-inmobi_cnv_pm-db5_n-simpli.fi_ym_rbd_ppt_n-nativo_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 21 Oct 2022 19:01:14 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding
visitormatch
bh.contextweb.com/ Frame 9B52
Redirect Chain
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
930 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_n-inmobi_cnv_pm-db5_n-simpli.fi_ym_rbd_ppt_n-nativo_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
ff368f88e73b71f11be0b361856b43add65153e2be6594b7dfef52216f74e201
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, max-age=0, no-cache, no-store
content-language
en-US
content-length
930
content-type
text/html;charset=iso-8859-1
cw-server
bh-deployment-6bdd85b5c9-xc22t
expires
-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000

Redirect headers

cache-control
private, max-age=0, no-cache, no-store
content-language
en-US
cw-server
bh-deployment-6bdd85b5c9-xc22t
expires
-1
location
/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
amazon
ap.lijit.com/beacon/ Frame 86D3 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_n-inmobi_cnv_pm-db5_n-simpli.fi_ym_rbd_ppt_n-nativo_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.182 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
d38bd44d707d8a64420252663c07bb980c451859b39ad507563b259731a8f926

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
1201
Content-Type
text/html
Date
Fri, 21 Oct 2022 19:01:14 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap7ewr1
ecm3
s.amazon-adsystem.com/ Frame C5C9
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=4353502803413113050196
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=4353502803413113050196
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-LoopMe_n-inmobi_cnv_pm-db5_n-simpli.fi_ym_rbd_ppt_n-nativo_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 21 Oct 2022 19:01:14 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
MAMKHXX1SPPW0SPKBHP7

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Fri, 21 Oct 2022 19:01:14 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=4353502803413113050196
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
882.json
id5-sync.com/g/v2/ 		462 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/882.json
Requested by
Host: cdn.id5-sync.com
URL: http://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
0ee76f53e11119ca42f018656e6213727e14b4f9fccbb461085a4228e6a5e9c3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
http://powerball.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 21 Oct 2022 19:01:14 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
http://powerball.com
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
ecm3
s.amazon-adsystem.com/ Frame 86D3 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=FhP1fBZHVyN1G82URc2Fpw8G&ex=sovrn.com&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:01:14 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
J73BXFR899QAJ46MV5EJ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame 86D3
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=&tc=1
  • https://ce.lijit.com/merge?pid=86&3pid=OsCM9pDCGnwYKVIJmreF&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=86&3pid=OsCM9pDCGnwYKVIJmreF&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Server
23.92.190.74 Katy, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:01:14 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=86&3pid=OsCM9pDCGnwYKVIJmreF&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
pragma
no-cache
date
Fri, 21 Oct 2022 19:01:14 GMT, Fri, 21 Oct 2022 19:01:14 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame 86D3
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=87&3pid=91fcb6b9-505e-4bf8-9dda-07d18b30bc80
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=87&3pid=91fcb6b9-505e-4bf8-9dda-07d18b30bc80
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Server
23.92.190.74 Katy, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:01:14 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
//ce.lijit.com/merge?pid=87&3pid=91fcb6b9-505e-4bf8-9dda-07d18b30bc80
date
Fri, 21 Oct 2022 19:01:14 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
merge
ce.lijit.com/ Frame 86D3
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=fmx&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=fmx&bsw_custom_parameter=420cce5a-5f42-4fc5-b516-8ea244f75d87
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=fmx&bsw_custom_parameter=420cce5a-5f42-4fc5-b516-8ea244f75d87
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=b4db78d5-f4ea-4eff-9c57-ee480daefd12&ssp=fmx&expires=30&user_group=5&bsw_param=420cce5a-5f42-4fc5-b516-8ea244f75d87
  • https://ce.lijit.com/merge?pid=26&3pid=420cce5a-5f42-4fc5-b516-8ea244f75d87&gdpr=&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=26&3pid=420cce5a-5f42-4fc5-b516-8ea244f75d87&gdpr=&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Server
23.92.190.74 Katy, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:01:15 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
//ce.lijit.com/merge?pid=26&3pid=420cce5a-5f42-4fc5-b516-8ea244f75d87&gdpr=&gdpr_consent=
Date
Fri, 21 Oct 2022 19:01:15 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ Frame 86D3
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fce.lijit.com%252Fmerge%253Fpid%253D92%25263pid%253D%2524UID%26gdpr%3D0%26gdpr_consent%3D
  • https://ce.lijit.com/merge?pid=92&3pid=5512368809063269799&gdpr=0&gdpr_consent=
43 B
1010 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=92&3pid=5512368809063269799&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Server
23.92.190.74 Katy, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:01:14 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:01:14 GMT
AN-X-Request-Uuid
1c653aaf-fd04-4aca-bb01-b9c3982b7f71
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://ce.lijit.com/merge?pid=92&3pid=5512368809063269799&gdpr=0&gdpr_consent=
Connection
keep-alive
X-Proxy-Origin
104.237.193.29; 104.237.193.29; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
merge
ce.lijit.com/ Frame 86D3
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=80&3pid=L9IUYG1V-5-9AM8&gdpr=0
43 B
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=L9IUYG1V-5-9AM8&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Server
23.92.190.74 Katy, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:01:14 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=80&3pid=L9IUYG1V-5-9AM8&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
bd0f62a3fbacfef6a33ae6abaf6daf37
Expires
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=powerball.com
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: http://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:01:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		111 KB
23 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1426433198053649&correlator=1720247656181251&eid=31068921&output=ldjh&gdfp_req=1&vrg=2022101801&ptt=17&impl=fifs&iu_parts=15184186%3A141986346%2Cpowerball_leaderboard_mid_1%2Cpowerball_leaderboard_mid_2%2Cpowerball_medrec_1%2Cpowerball_medrec_2&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=468x60%7C728x90%7C970x90%7C970x250%2C468x60%7C728x90%7C970x90%7C970x250%2C300x250%7C336x280%2C300x250%7C336x280&ifi=2&adks=497389240%2C3756318534%2C3105621234%2C3311327862&sfv=1-0-38&prev_scp=fsrefresh%3D0%26fsrebid%3D0%26floors_id%3Dc15917%26floors_hour%3D19%26floors_user%3D1%26fs_placementName%3Dpowerball_leaderboard_mid_1%26fs_ad_product%3Dbanner%26amznbid%3D2%26amznp%3D2%7Cfsrefresh%3D0%26fsrebid%3D0%26floors_id%3D02bc62%26floors_hour%3D19%26floors_user%3D1%26fs_placementName%3Dpowerball_leaderboard_mid_2%26fs_ad_product%3Dbanner%26amznbid%3D2%26amznp%3D2%7Cfsrefresh%3D0%26fsrebid%3D0%26floors_id%3D274fd5%26floors_hour%3D19%26floors_user%3D1%26fs_placementName%3Dpowerball_medrec_1%26fs_ad_product%3Dbanner%26amznbid%3D2%26amznp%3D2%7Cfsrefresh%3D0%26fsrebid%3D0%26floors_id%3D2bcf2b%26floors_hour%3D19%26floors_user%3D1%26fs_placementName%3Dpowerball_medrec_2%26fs_ad_product%3Dbanner%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=user-agent%3DChrome&sc=0&cookie_enabled=1&abxe=1&dt=1666378874426&lmt=1666366963&dlt=1666378870890&idt=1753&adxs=566%2C566%2C440%2C860&adys=960%2C2886%2C3605%2C3605&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C2%7C3&ucis=2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Fpowerball.com%2F&frm=20&vis=1&psz=1600x120%7C1600x120%7C1600x120%7C1600x120&msz=468x0%7C468x0%7C300x0%7C300x0&fws=0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0&ga_vid=389171685.1666378872&ga_sid=1666378874&ga_hid=145959604&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
82becb6e375bdaef48f36b6971641fecb4ad52adba6c9d76ec39ef3d7c8cb6d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:01:15 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23441
x-xss-protection
0
google-lineitem-id
6098099919,6098099919,-1,6095636870
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138402747489,138402747480,-1,138402571576
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://powerball.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 9AE7 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
adb8fffa179674d8acb13f029a8085453f8e35301a733468f83c13e27d797870

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:14 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 Oct 2022 18:37:59 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=70117
Connection
keep-alive
Content-Length
9455
Expires
Sat, 22 Oct 2022 14:29:51 GMT
ecm3
s.amazon-adsystem.com/ Frame 36C2 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=ym.com&id=ge8cbe2297dfc682f891
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:01:14 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
2NWY2FHRJJKZDX4MWVJJ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
ads.yieldmo.com/v000/ Frame 36C2
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=yieldmo
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=yieldmo
  • https://ads.yieldmo.com/v000/sync?pn_id=mf&userid=91fcb6b9-505e-4bf8-9dda-07d18b30bc80&gdpr=&gdpr_pd=&gdpr_consent=
43 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?pn_id=mf&userid=91fcb6b9-505e-4bf8-9dda-07d18b30bc80&gdpr=&gdpr_pd=&gdpr_consent=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
184.73.201.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-201-8.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 21 Oct 2022 19:01:14 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

location
//ads.yieldmo.com/v000/sync?pn_id=mf&userid=91fcb6b9-505e-4bf8-9dda-07d18b30bc80&gdpr=&gdpr_pd=&gdpr_consent=
date
Fri, 21 Oct 2022 19:01:14 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 36C2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_hm=Z2VjMTYyZWNhYjc4Mjk2MmFlYjk=
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_hm=Z2VjMTYyZWNhYjc4Mjk2MmFlYjk=&google_tc=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_hm=Z2VjMTYyZWNhYjc4Mjk2MmFlYjk=&google_tc=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_hm=Z2VjMTYyZWNhYjc4Mjk2MmFlYjk=&google_tc=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
312
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
x.bidswitch.net/ Frame 36C2 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=yieldmo
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:14 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
sync
ads.yieldmo.com/v000/ Frame 36C2
Redirect Chain
  • https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an
  • https://ads.yieldmo.com/v000/sync?userid=5512368809063269799&pn_id=an
43 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?userid=5512368809063269799&pn_id=an
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
184.73.201.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-201-8.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 21 Oct 2022 19:01:14 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:01:14 GMT
AN-X-Request-Uuid
d2650bdb-70cd-4e05-94d4-7b1de7a8312d
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://ads.yieldmo.com/v000/sync?userid=5512368809063269799&pn_id=an
Connection
keep-alive
X-Proxy-Origin
104.237.193.29; 104.237.193.29; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.yieldmo.com/ Frame 36C2
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=21
  • https://ads.yieldmo.com/sync?pn_id=stk&userid=X7y23APdTcl7PUkiRZntRWjtwR0&gdpr=&gdpr_consent=
43 B
435 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?pn_id=stk&userid=X7y23APdTcl7PUkiRZntRWjtwR0&gdpr=&gdpr_consent=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
184.73.201.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-201-8.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 21 Oct 2022 19:01:14 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

Location
https://ads.yieldmo.com/sync?pn_id=stk&userid=X7y23APdTcl7PUkiRZntRWjtwR0&gdpr=&gdpr_consent=
Date
Fri, 21 Oct 2022 19:01:14 GMT
Connection
keep-alive
Content-Length
128
Content-Type
text/html; charset=utf-8
PugMaster
image6.pubmatic.com/AdServer/ Frame F3FE 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=41781166&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
b5000148f2a5f03cdef7efaf5a1521e76cba8d7cd457b7901f53cd6c0d88ea15

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Fri, 21 Oct 2022 19:01:13 GMT
content-length
1569
content-type
text/html; charset=UTF-8
rtset
bh.contextweb.com/bh/ Frame 9B52
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=eDA2RUJzVkZIWmJ1Z3VfWmdPYlpVQQ&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm=&google_sc=&google_hm=eDA2RUJzVkZIWmJ1Z3VfWmdPYlpVQQ&gdpr=0&gdpr_consent=&google_tc=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEHCSDiGchHVegqoTueFSy8Y&google_cver=1
49 B
680 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEHCSDiGchHVegqoTueFSy8Y&google_cver=1
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
H2
Server
198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
content-type
image/gif;charset=iso-8859-1
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6bdd85b5c9-xc22t
expires
-1

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEHCSDiGchHVegqoTueFSy8Y&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
335
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame 9B52
Redirect Chain
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid=
  • https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=555a0945585b04db&is_secure=true&networkId=14200&version=1&nuid=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAABuaBUWVx_WwMwZjtzAAAAAAA&expiration=1666465274&nuid=&is_secure=true
49 B
652 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAABuaBUWVx_WwMwZjtzAAAAAAA&expiration=1666465274&nuid=&is_secure=true
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
H2
Server
198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
content-type
image/gif;charset=iso-8859-1
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6bdd85b5c9-xc22t
expires
-1

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:14 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAABuaBUWVx_WwMwZjtzAAAAAAA&expiration=1666465274&nuid=&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
rtset
bh.contextweb.com/bh/ Frame 9B52
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=95&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=95&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=80869250-60ca-401f-90b5-074e50f64c17-6352ec7a-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=80869250-60ca-401f-90b5-074e50f64c17-6352ec7a-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=80869250-60ca-401f-90b5-074e50f64c17-6352ec7a-5553&partner_url=https%3A%2F%2Fbh.contextweb.com%2Fbh%2Frtset%3Fdo%3Dadd%26pid...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=80869250-60ca-401f-90b5-074e50f64c17-6352ec7a-5553&partner_url=https%3A%2F%2Fbh.contextweb.com%2Fbh%2Frtset%3Fdo%3Dadd...
  • https://bh.contextweb.com/bh/rtset?do=add&pid=543793&ev=80869250-60ca-401f-90b5-074e50f64c17-6352ec7a-5553&gdpr_in_effect=0&gdpr_consent=
49 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=543793&ev=80869250-60ca-401f-90b5-074e50f64c17-6352ec7a-5553&gdpr_in_effect=0&gdpr_consent=
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
H2
Server
198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
content-type
image/gif;charset=iso-8859-1
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6bdd85b5c9-xc22t
expires
-1

Redirect headers

location
https://bh.contextweb.com/bh/rtset?do=add&pid=543793&ev=80869250-60ca-401f-90b5-074e50f64c17-6352ec7a-5553&gdpr_in_effect=0&gdpr_consent=
date
Fri, 21 Oct 2022 19:01:15 GMT
strict-transport-security
max-age=31536000
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
ecm3
s.amazon-adsystem.com/ Frame 9B52 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=ctSAAwgQjiMf&ex=Pulsepoint
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:01:14 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
PR2M8J56PYF9DHED9J74
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E6AE 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: http://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://powerball.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
237105
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 19 Oct 2022 01:09:29 GMT
expires
Thu, 19 Oct 2023 01:09:29 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C238 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: http://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
380074668f33d068dad846213f5cc473f4b62ba3b17541c5eeee2360a14158f0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-5V1dsAqXVP09lNn4U3aenQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://powerball.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-5V1dsAqXVP09lNn4U3aenQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 21 Oct 2022 19:01:14 GMT
expires
Fri, 21 Oct 2022 19:01:14 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
ecm3
s.amazon-adsystem.com/ Frame 9AE7
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=L9IUYG1V-5-9AM8
  • https://s.amazon-adsystem.com/ecm3?id=L9IUYG1V-5-9AM8&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=L9IUYG1V-5-9AM8&ex=d-rubiconproject.com&status=ok
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:01:14 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
3PJ33PGSXSXRTTGS5NJ3
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=L9IUYG1V-5-9AM8&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
bd0f62a3fbacfef6a33ae6abaf6daf37
Expires
0
rum
dsum-sec.casalemedia.com/ Frame AF53
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://match.adsrvr.org/track/cmb/casale?
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=96c184ef-d2dc-46f0-8c36-35f68e7519ef&expiration=1668970874&gdpr=0&gdpr_consent=
43 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=96c184ef-d2dc-46f0-8c36-35f68e7519ef&expiration=1668970874&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:01:14 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:14 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=96c184ef-d2dc-46f0-8c36-35f68e7519ef&expiration=1668970874&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
dcm
s.amazon-adsystem.com/ Frame AF53 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1LseuPF_zXfayqsXM1MzAAAAJgAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:01:14 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GA7S5Z6BBRYJRQHTCQNV
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame AF53
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y1LseuPF-zXfayqsXM1MzAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKixhgOCVVuYXiogpg5dmE0&google_cver=1
43 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKixhgOCVVuYXiogpg5dmE0&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:01:14 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKixhgOCVVuYXiogpg5dmE0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame AF53
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y1LseuPF_zXfayqsXM1MzAAAAJgAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=Y1LseuPF_zXfayqsXM1MzAAAAJgAAAIB&gdpr_consent=&us_privacy=&gdpr=&google_tc=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEIVH5xiwXi1Yqv696JmgDxo&google_cver=1
43 B
555 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEIVH5xiwXi1Yqv696JmgDxo&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:14 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
75dc3d9fee7bc508-ORD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEIVH5xiwXi1Yqv696JmgDxo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
113
match.deepintent.com/usersync/ Frame AF53 		0
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/113
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 21 Oct 2022 19:01:14 GMT
server
c
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
rum
dsum-sec.casalemedia.com/ Frame AF53
Redirect Chain
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=Y1LseuPF-zXfayqsXM1MzAAA%26152
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=b286b491-0301-4710-842c-b614974c9fc4-tucta4c71fa
43 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=b286b491-0301-4710-842c-b614974c9fc4-tucta4c71fa
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:01:14 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=b286b491-0301-4710-842c-b614974c9fc4-tucta4c71fa
date
Fri, 21 Oct 2022 19:01:14 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
41654
crum
dsum-sec.casalemedia.com/ Frame AF53
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=22e76352-ec7a-4100-b354-5b1765a9e091
43 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=22e76352-ec7a-4100-b354-5b1765a9e091
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:01:14 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Fri, 21 Oct 2022 19:01:14 GMT
Server
MT3 4539 98cc2da master ord-pixel-x50 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=22e76352-ec7a-4100-b354-5b1765a9e091
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 21 Oct 2022 19:01:13 GMT
crum
dsum-sec.casalemedia.com/ Frame AF53
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-2a4ba89c-0aee-4d94-997b-d7a6ab1d247c
43 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-2a4ba89c-0aee-4d94-997b-d7a6ab1d247c
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:01:14 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-2a4ba89c-0aee-4d94-997b-d7a6ab1d247c
date
Fri, 21 Oct 2022 19:01:14 GMT
server
Apache-Coyote/1.1
content-length
0
ecm3
s.amazon-adsystem.com/ Frame AF53 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=Y1LseuPF_zXfayqsXM1MzAAAAJgAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:01:14 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
9BAB5NHWJGJF68906KK5
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 9AE7
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://match.adsrvr.org/track/cmb/rubicon?
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=96c184ef-d2dc-46f0-8c36-35f68e7519ef&gdpr=0&gdpr_consent=&expires=30
42 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=96c184ef-d2dc-46f0-8c36-35f68e7519ef&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
ad49a0f18e050afeb6359164ab3bd56e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:14 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=96c184ef-d2dc-46f0-8c36-35f68e7519ef&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
tap.php
pixel.rubiconproject.com/ Frame 9AE7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&google_tc=
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPiwK5WL6aOa8plQ8WJ1_6Q&google_cver=1
42 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPiwK5WL6aOa8plQ8WJ1_6Q&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
ad49a0f18e050afeb6359164ab3bd56e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPiwK5WL6aOa8plQ8WJ1_6Q&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 9AE7
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/YhbebptPtCa2QH_Q08JV_g?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=192135578490051797
42 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=192135578490051797
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
ad49a0f18e050afeb6359164ab3bd56e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Fri, 21 Oct 2022 19:01:15 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=192135578490051797
content-length
0
pixel
cm.g.doubleclick.net/ Frame 9AE7
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlJVVlHMVYtNS05QU04
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlJVVlHMVYtNS05QU04
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlJVVlHMVYtNS05QU04
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
bd0f62a3fbacfef6a33ae6abaf6daf37
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 9AE7
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9IUYG1V-5-9AM8
0
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9IUYG1V-5-9AM8
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:01:14 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: D47C082F05EE4C23B5BF13D760D145BB Ref B: CHGEDGE1414 Ref C: 2022-10-21T19:01:15Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXrkBDotCqTjQJryoC8gg==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9IUYG1V-5-9AM8
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ab995a74221271a8dc253760ec78ee1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 9AE7
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=BMMX35tUSWuns6N4KS9eFw&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=BMMX35tUSWuns6N4KS9eFw
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=BMMX35tUSWuns6N4KS9eFw
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:01:14 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
EGABF73Y2PTXSMDYX146
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=BMMX35tUSWuns6N4KS9eFw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ad49a0f18e050afeb6359164ab3bd56e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
dcm
aax-eu.amazon-adsystem.com/s/ Frame 9AE7 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:01:15 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
K1HEW2A3JHRASGS15Y89
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9AE7
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MGRhODdkMmMxODkzOTI2ZTVmNzVkN2VlOGJiYTgwOWFkZjgzMjhjOQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MGRhODdkMmMxODkzOTI2ZTVmNzVkN2VlOGJiYTgwOWFkZjgzMjhjOQ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MGRhODdkMmMxODkzOTI2ZTVmNzVkN2VlOGJiYTgwOWFkZjgzMjhjOQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
bd0f62a3fbacfef6a33ae6abaf6daf37
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
match
c1.adform.net/serving/cookie/ Frame 9546
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=29453969-1F29-420B-ACD7-6C53B45221DB
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=29453969-1F29-420B-ACD7-6C53B45221DB
35 B
476 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=29453969-1F29-420B-ACD7-6C53B45221DB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.42 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Fri, 21 Oct 2022 19:01:14 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Fri, 21 Oct 2022 19:01:14 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=29453969-1F29-420B-ACD7-6C53B45221DB
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 813F
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y1LsegAAAYTY7AAr&gdpr=0&gdpr_consent=&_test=Y1LsegAAAYTY7AAr
1 B
219 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y1LsegAAAYTY7AAr&gdpr=0&gdpr_consent=&_test=Y1LsegAAAYTY7AAr
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Fri, 21 Oct 2022 19:01:14 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Fri, 21 Oct 2022 19:01:14 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y1LsegAAAYTY7AAr&gdpr=0&gdpr_consent=&_test=Y1LsegAAAYTY7AAr
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-chi-klot8100154-CHI
x-timer
S1666378875.829321,VS0,VE0
ecm3
s.amazon-adsystem.com/ Frame CAC9 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID29453969-1F29-420B-ACD7-6C53B45221DB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 21 Oct 2022 19:01:14 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
ZJ0Z0YZKP1Z3G8RV0KWW
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F3FE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=KUU5aR8pQgus12xTtFIh2w%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
23.64.60.212 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-60-212.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

unused62
8096267
date
Fri, 21 Oct 2022 19:01:14 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type
text/html; charset=UTF-8
cache-control
max-age=144320
accept-ranges
bytes
content-length
5549
expires
Sun, 23 Oct 2022 11:06:34 GMT

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
db_sync
px.ads.linkedin.com/ Frame F3FE
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=29453969-1F29-420B-ACD7-6C53B45221DB
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDI5NDUzOTY5LTFGMjktNDIwQi1BQ0Q3LTZDNTNCNDUyMjFEQhAAGg0I-tjLmgYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=9ca56052d4179c4a68c74b3c0da7c5c4db9d5914b4256de275d334b3360a7055791426b5417dce21&_=2
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=9ca56052d4179c4a68c74b3c0da7c5c4db9d5914b4256de275d334b3360a7055791426b5417dce21&rand=06403571
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=9ca56052d4179c4a68c74b3c0da7c5c4db9d5914b4256de275d334b3360a7055791426b5417dce21&rand=06403571&expected_cookie=b1944eb5-1110-4d91-beeb-447e691a7d35
0
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=9ca56052d4179c4a68c74b3c0da7c5c4db9d5914b4256de275d334b3360a7055791426b5417dce21&rand=06403571&expected_cookie=b1944eb5-1110-4d91-beeb-447e691a7d35
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:01:15 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: D9803D36563745CA860D641316AEBED5 Ref B: CHGEDGE1414 Ref C: 2022-10-21T19:01:15Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXrkBDsevpQUdJ7rBiJUA==

Redirect headers

date
Fri, 21 Oct 2022 19:01:15 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 55201B0B0DBA4E48B283604B76E9E426 Ref B: CHGEDGE1414 Ref C: 2022-10-21T19:01:15Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
/db_sync?pid=10339&puuid=9ca56052d4179c4a68c74b3c0da7c5c4db9d5914b4256de275d334b3360a7055791426b5417dce21&rand=06403571&expected_cookie=b1944eb5-1110-4d91-beeb-447e691a7d35
x-li-proto
http/2
content-length
0
x-li-uuid
AAXrkBDqY1+zuazuQ0cKtQ==
SPug
image4.pubmatic.com/AdServer/ Frame F3FE
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=d6336352-ec7a-4b00-95f1-1a9804c2db7f
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=d6336352-ec7a-4b00-95f1-1a9804c2db7f
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
104.36.115.114 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:01:14 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Fri, 21 Oct 2022 19:01:14 GMT
Server
MT3 4539 98cc2da master ord-pixel-x49 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=d6336352-ec7a-4b00-95f1-1a9804c2db7f
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 21 Oct 2022 19:01:13 GMT
Pug
image2.pubmatic.com/AdServer/ Frame F3FE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Mjk0NTM5NjktMUYyOS00MjBCLUFDRDctNkM1M0I0NTIyMURC&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 21 Oct 2022 19:01:14 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame F3FE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPBKwmP8c0Si8MmNwcgfG4I&google_cver=1
42 B
527 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPBKwmP8c0Si8MmNwcgfG4I&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 21 Oct 2022 19:01:13 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPBKwmP8c0Si8MmNwcgfG4I&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame F3FE
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:4E225F31A4974A0FA1E0AB6F4C01C6E0
42 B
288 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:4E225F31A4974A0FA1E0AB6F4C01C6E0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 21 Oct 2022 19:01:14 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Fri, 21 Oct 2022 19:01:14 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:4E225F31A4974A0FA1E0AB6F4C01C6E0
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 20 Oct 2022 19:01:14 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame F3FE
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3981096095250849001&gdpr=0&gdpr_consent=&us_privacy=
1 B
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3981096095250849001&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Fri, 21 Oct 2022 19:01:12 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3981096095250849001&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Fri, 21 Oct 2022 19:01:14 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame F3FE
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=96c184ef-d2dc-46f0-8c36-35f68e7519ef
42 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=96c184ef-d2dc-46f0-8c36-35f68e7519ef
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 21 Oct 2022 19:01:14 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:14 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=96c184ef-d2dc-46f0-8c36-35f68e7519ef
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
313
zmeOo8ONk1YqWYD8DpPjl7c0n4Y1CeYWRiKSJrvfmvk.js
pagead2.googlesyndication.com/bg/ Frame E6AE 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/zmeOo8ONk1YqWYD8DpPjl7c0n4Y1CeYWRiKSJrvfmvk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce678ea3c38d93562a5980fc0e93e397b7349f863509e61646229226bbdf9af9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 17:49:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
177089
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16035
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 15:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Oct 2023 17:49:45 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame C238 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022101801&jk=1426433198053649&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012210071758000/ Frame 8AC2 		221 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210071758000/amp4ads-v0.mjs
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: http://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf0aa24d09af1cf519a71ab5810beada6d9519e92e9203719edae4f47c793630
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 19 Oct 2022 17:31:51 GMT
age
178163
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61557
x-xss-protection
0
server
sffe
etag
"6f919b986f193e5c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 19 Oct 2023 17:31:51 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012210071758000/v0/ Frame 8AC2 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210071758000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: http://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce909c4473953c4cb77c836309b8a3c7bcd8c5c75cacd504804e230017c1d8ec
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 20 Oct 2022 03:07:25 GMT
age
143629
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5208
x-xss-protection
0
server
sffe
etag
"79c6a9d24c248711"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 20 Oct 2023 03:07:25 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012210071758000/v0/ Frame 8AC2 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210071758000/v0/amp-analytics-0.1.mjs
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: http://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9149b5f9e35be0572e7809bbe20cdaca83abaa455747390c2a0a2432736df52
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 17 Oct 2022 17:09:22 GMT
age
352312
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28805
x-xss-protection
0
server
sffe
etag
"61ef65d2d2d03d2c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 17 Oct 2023 17:09:22 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012210071758000/v0/ Frame 8AC2 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210071758000/v0/amp-fit-text-0.1.mjs
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: http://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0be6f22877adc569a912e863f73a544a719254fb769e5fae863a68a3226a77d7
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 19 Oct 2022 19:47:26 GMT
age
170028
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1904
x-xss-protection
0
server
sffe
etag
"cd31ad97eaf70e3d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 19 Oct 2023 19:47:26 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012210071758000/v0/ Frame 8AC2 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210071758000/v0/amp-form-0.1.mjs
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: http://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63a6662d57c222f2ddd2a524dad8141679764784629d3c19a4ce438bd180a4fe
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 19 Oct 2022 13:58:19 GMT
age
190975
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12962
x-xss-protection
0
server
sffe
etag
"81bd7ae64421add4"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 19 Oct 2023 13:58:19 GMT
truncated
/ Frame 8AC2 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
991a6a50774ec707a9ad93cf715b8073ac76a0174e37d990d14842796c934e2e

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
8245290170102708207
tpc.googlesyndication.com/simgad/ Frame 8AC2 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8245290170102708207?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkccda2QJ_3SkNe2_dhFpiQ-GljGg
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae52bf86de6269eea3844925611c0926a53d1348cd48737c10d3a35e3864a4d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 06:04:51 GMT
x-content-type-options
nosniff
age
132983
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34769
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 16:15:48 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 20 Oct 2023 06:04:51 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8AC2 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 23:46:49 GMT
x-content-type-options
nosniff
server
cafe
age
69265
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Fri, 21 Oct 2022 23:46:49 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8AC2 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 03:45:51 GMT
x-content-type-options
nosniff
server
cafe
age
54923
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sat, 22 Oct 2022 03:45:51 GMT
l
www.google.com/ads/measurement/ Frame 8AC2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.google.com/ads/measurement/l?ebcid=ALh7CaQrLChIfeFID_QI9YvoLPy1bFhiPtIc0GGNew71F13NmUjuucHctTCC1qFjTUn4D481toQAcaQGzT2gaaBSfVsc4BtYiw
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
HTTP/1.1
Server
2607:f8b0:4006:81f::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 8AC2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cez4beuxSY-SUD8WIvPIPhP252A7Fs7SIbaqyupT8DrCQHxABINrXxTlgybajiPCj7BKgAenoo-sDyAEC4AIAqAMByAMIqgSGAk_Q3RO7v8gxc5ZfoRnd95PAFj45jCMRzOH05ulxgLTgCAWvx0CqzTiCYXacc3wJzOMyf0IC0i2JAcG8ytc5A5NaoSGR_gsCbZ1tZfuPCMESIizF47Rbqzhpv36gnGvfbpvgZsBrTTp1MM4qOpQbmXgNQxEPbxOmjZcGT1yJHryOj4Nel8Cy00JrN8bmaAoVW3ZEY_YxWAfQ48t53fcR8Gmx80uu3Is4PBAC6pyWA0R89BK-nimqhcyokvpjLskZ7kUEfVH8EFRfUl0XwyJda0G2d-FCPys2WgUHGPWlafXh6VZS7rZcX4YXZYMj5hhb6fEjumWUuTRy9ggn3KBmMvixFOjuzpvABJPd1Z72A-AEAZIFBAgEGAGSBQQIBRgEoAYCgAf_ltwUqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ880r0ggQCIhhEAEYHTIDioIBOgKAQIAKA8gLAdgTDdAVAZgWAYAXAbIXHgocCAASFHB1Yi0zNjA1MjU3MzYwODUzMTg1GLrIFw&sigh=wWGwhhmiuBA&uach_m=[UACH]&cid=CAQSPgDq26N9NVG-j_nsHvkQaXsh8Vznev8w3TXAHsFEeaPhtPfLvkJbmYAlmHeJktBZkhLfgVjfDfAfdpuLF6VfGAEgDg
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: http://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:01:14 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 22 Oct 2022 19:01:14 GMT
c
c.pub.network/ 		36 B
53 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.messaging.2.34.0.049f1a3641f8329ad530a2107f33a59077a0d32e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.110.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.110.160.34.bc.googleusercontent.com
Software
/
Resource Hash
048f874e94895a241be04b856561141875dfbaccecb9d17194636e4e76e35d46

Request headers

Referer
http://powerball.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 21 Oct 2022 19:01:14 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
http://powerball.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
/
onetag-sys.com/usync/ Frame 6935 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: http://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
70c9f5b9ffc4e421a2af06e98aedcbba13c4abc468de1de1e34abfd10e44cd1a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
http://powerball.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1448
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
syncframe
gum.criteo.com/ Frame 9E61 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=powerball.com
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: http://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
b043a79fc3e5aa25fc53b624db4dfc612198a4e62e43780296ab07dafb6f8f83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
http://powerball.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 21 Oct 2022 19:01:14 GMT
server
Kestrel
server-processing-duration-in-ticks
399388
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ 		88 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
b39c934479cfe0991a6eea4f9a0597eebea9da311d8ca1aebffd48fef946b5b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:01:15 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 01 Oct 2022 02:55:29 GMT
server
nginx
etag
W/"6337ac21-161a8"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 22 Oct 2022 19:01:15 GMT
generate_204
tpc.googlesyndication.com/ Frame E6AE 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?sgeXSQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:01:15 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 8AC2
Redirect Chain
  • http://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
H2
Server
2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Redirect headers

Date
Fri, 21 Oct 2022 19:01:15 GMT
X-Content-Type-Options
nosniff
Server
cafe
Content-Type
text/html; charset=UTF-8
Location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Cache-Control
private
Cross-Origin-Resource-Policy
cross-origin
Timing-Allow-Origin
*
Content-Length
0
X-XSS-Protection
0
/
onetag-sys.com/match/ Frame 6935
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=d6336352-ec7a-4b00-95f1-1a9804c2db7f&gdpr=1&gdpr_consent=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=d6336352-ec7a-4b00-95f1-1a9804c2db7f&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Fri, 21 Oct 2022 19:01:15 GMT
Server
MT3 4539 98cc2da master ord-pixel-x57 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://onetag-sys.com/match/?int_id=1&uid=d6336352-ec7a-4b00-95f1-1a9804c2db7f&gdpr=1&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 21 Oct 2022 19:01:14 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 6935 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
213.19.162.90 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
deb9f124eecce7a554c70ca983265c95
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame 6935
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=5512368809063269799
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=5512368809063269799
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:01:15 GMT
AN-X-Request-Uuid
4e7ed194-f984-421e-a983-076fae08b22b
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=5512368809063269799
Connection
keep-alive
X-Proxy-Origin
104.237.193.29; 104.237.193.29; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 6935 		42 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=_v2_ZAUffyfHuhwCvhUGMPYDn8Pb8Acs_MtqX-6I3Y4
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
ad49a0f18e050afeb6359164ab3bd56e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 6935
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABg_vrfvtbnv89-pJXiVcHud4t21mi_A2NDg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABg_vrfvtbnv89-pJXiVcHud4t21mi_A2NDg
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABg_vrfvtbnv89-pJXiVcHud4t21mi_A2NDg
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
sync
ssbsync-global.smartadserver.com/api/ Frame 6935 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.181 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:01:14 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 6935
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=_v2_ZAUffyfHuhwCvhUGMPYDn8Pb8Acs_MtqX-6I3Y4
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=_v2_ZAUffyfHuhwCvhUGMPYDn8Pb8Acs_MtqX-6I3Y4
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:01:15 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
R8NYZNR664R8SNN97RNX
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=_v2_ZAUffyfHuhwCvhUGMPYDn8Pb8Acs_MtqX-6I3Y4
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ImgSync
image8.pubmatic.com/AdServer/ Frame 6935 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:01:14 GMT
content-length
0
/
onetag-sys.com/match/ Frame 6935
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEEDh7qjRdA5rqxFFbo7ndp0&google_cver=1
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEEDh7qjRdA5rqxFFbo7ndp0&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEEDh7qjRdA5rqxFFbo7ndp0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/match/ Frame 6935
Redirect Chain
  • https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=60ff955442c619f1&is_secure=true&version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdp...
  • https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAByOcoE5-mnAMZTSYtAAAAAAA&expiration=1666465275&is_secure=true
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAByOcoE5-mnAMZTSYtAAAAAAA&expiration=1666465275&is_secure=true
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:15 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAByOcoE5-mnAMZTSYtAAAAAAA&expiration=1666465275&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
occ
ups.analytics.yahoo.com/ups/58488/ Frame 6935 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.175.87.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-87-114.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:01:15 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame 6935
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=96c184ef-d2dc-46f0-8c36-35f68e7519ef&gdpr=0&gdpr_consent=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=29&uid=96c184ef-d2dc-46f0-8c36-35f68e7519ef&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:15 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://onetag-sys.com/match/?int_id=29&uid=96c184ef-d2dc-46f0-8c36-35f68e7519ef&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
233
sync
x.bidswitch.net/ Frame 6935 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:15 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
setuid
s2s.t13.io/ Frame 6935 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?bidder=onetag&gdpr=&gdpr_consent=&us_privacy=&f=b&uid=_v2_ZAUffyfHuhwCvhUGMPYDn8Pb8Acs_MtqX-6I3Y4
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:15 GMT
via
1.1 google
content-type
text/html
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0
sid
mug.criteo.com/ Frame 9E61
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=powerball.com&sn=ChromeSyncframe&so=0&topUrl=powerball.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=Ywj9sHxwbWs0eEpJSURjdTZBbVB0NTNiWHRiNlBPZUpSQ0tnSHROUUlOV0NYSlE1UGNySWdLNG1kOVhQRXVQR3MvQnpQOEN6elNjd0pPMXB1VEs2Ui84WDFOeHlZZEFvT2Y5K1BSd0hUWlV3bFZMZmxlT1FqQWJyRVNWME...
425 B
656 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=Ywj9sHxwbWs0eEpJSURjdTZBbVB0NTNiWHRiNlBPZUpSQ0tnSHROUUlOV0NYSlE1UGNySWdLNG1kOVhQRXVQR3MvQnpQOEN6elNjd0pPMXB1VEs2Ui84WDFOeHlZZEFvT2Y5K1BSd0hUWlV3bFZMZmxlT1FqQWJyRVNWMERzZFBCNkxwR2VrOEtCM1J4RmQ2UURHZlNIcnlOSHIwQU11QnJUUkRiUFBKRjllYUxUL3c5eVNENWwrR1ZPaHVGSDJsWTlLUGhxdnJPWTZTVXFjR1BYcEwxWFVheHNDUnJmWTRsNlVCd1o0ckxkaGhNbnhlekZVK0VoWFhSSEJZS1RFd1BmTUx2dThTaWhRSUhsMnRFY2w3MEcrS2tFUT09fA&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
692f818aef596a451ddd3e3e49972c2c9d40a2c4b95818ab68c2404cd48d208d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:14 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4605923
expires
0

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:15 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=Ywj9sHxwbWs0eEpJSURjdTZBbVB0NTNiWHRiNlBPZUpSQ0tnSHROUUlOV0NYSlE1UGNySWdLNG1kOVhQRXVQR3MvQnpQOEN6elNjd0pPMXB1VEs2Ui84WDFOeHlZZEFvT2Y5K1BSd0hUWlV3bFZMZmxlT1FqQWJyRVNWMERzZFBCNkxwR2VrOEtCM1J4RmQ2UURHZlNIcnlOSHIwQU11QnJUUkRiUFBKRjllYUxUL3c5eVNENWwrR1ZPaHVGSDJsWTlLUGhxdnJPWTZTVXFjR1BYcEwxWFVheHNDUnJmWTRsNlVCd1o0ckxkaGhNbnhlekZVK0VoWFhSSEJZS1RFd1BmTUx2dThTaWhRSUhsMnRFY2w3MEcrS2tFUT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
446242
content-length
0
expires
0
view
securepubads.g.doubleclick.net/pcs/ Frame AF7C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss0CnNj1R77EAoDN_p1xOJ6WtHpW6k6oKJdk7yBbjA21ztTMteIEPAx92L7P9IcScqmWDJI7BmPzHqJU-DqOJ9T6HtwK2I3rKTGNIdRrPVIsJc30ltNVi0NfjbHnbCZZw3cI6rsoZv0c5JjYUlMDFBGTmV5nSwOnimFvMa00Wy_A1cXGg8N4BJMrJx8n5Zi1pRwAt4w4gkRO4Y-wyjt8dxbLY8NmPQOzo1-Rk3fqkXuoXrXoHl8AbZbsk3hOtYfhQyYHHQCADE8VYzuVJx4WrVUi0AtJkbdtWIZyk87KtFBf_rjOYjxgODOLGYkshtvFjpuwrlPo882qstcqDFHcC3393-JHprW1WfZHw&sai=AMfl-YRPd51nKEG6DSgUraP-anA9MtDgKU9trfP_jNhMVeFJUCHDBEz9RyyDuXML96HENzQjL7ENdxxXS2NqaPUYoAEQs0HwdHtxGgaxc7kQuva9Jjvq1eB7Hyr0HWnunZR4qOczbQ&sig=Cg0ArKJSzL8EvppPbaY8EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:01:15 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
outbrain.js
widgets.outbrain.com/ Frame AF7C 		210 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: http://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.64.61.104 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-61-104.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b226e982ebf082c4a1c171f540a54f626f9204638f6aa865f8df7a128fe3eb70

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:01:15 GMT
content-encoding
gzip
last-modified
Wed, 19 Oct 2022 11:46:42 GMT
etag
"17-iodPX+MRDMKjVN9qdCLmX0u1SEA"
vary
Accept-Encoding
edge-cache-tag
widget-cheetah-stg
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET,POST
cache-control
max-age=14400
access-control-allow-credentials
false
x-traceid
8c1e09d72611265bdb4e7dd8b5413e36
timing-allow-origin
*, *
content-length
73787
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AF7C 		152 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: http://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66acb48e5d896c024b5ce7003d0375794e4a6603e8454e902ea448db160884d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:01:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47476
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666179788250400"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 21 Oct 2022 19:01:15 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 685E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvmqWAozQQ06t13Q1f_fof3qtMoCHIHjOl_JIzLZspg0GUN1pDKPeDF3ouup4uWXkeLpQJOOVk3aSUmcGEJaDWFS3VkewFB-Et4itR2sbPzREQGIOTlm8wz--WJ4CaqvZxnHfeqVf0jOjDW35xS49fgXDJZ6_L81J2VrQ20vuBpZkYnpR2S2SulNOlu_glvHyd1qOkbGdhScFiPZXqlNuIXLxxvBD1z6tCvl6tGed2jfmRRfThQZSucs3jY_POagXR9kweto5CPgHlH0l4NWdqHNrHwkTy5jxmuUaRV8lTte8oCg3ROk9zn4fglk7wEp8fBLNEKb3UXZK8_OzTxzfapV4KgeuIDObmxiA&sai=AMfl-YT5XhYndLCRBLB2w7dtDsyfL-p-WiO4RyqwsErZ4k381pVy1akXDuXM5KPpoZ0St2ueZvo3UX781Dat3BK-p9S8LeiT4lZNSM_gsL0SOhLow1CuEFTgLNACCodbYHGZ9i7Q_w&sig=Cg0ArKJSzKQzZFCQGB-KEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:01:15 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
outbrain.js
widgets.outbrain.com/ Frame 685E 		210 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: http://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.64.61.104 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-61-104.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4de6eb13c2c48151c25cb6dc7f50c671c5da62d5b4b74e3fc9bc27166d545a98

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:01:15 GMT
content-encoding
gzip
last-modified
Wed, 19 Oct 2022 11:46:42 GMT
etag
"17-iodPX+MRDMKjVN9qdCLmX0u1SEA"
vary
Accept-Encoding
edge-cache-tag
widget-cheetah
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET,POST
cache-control
max-age=14400
access-control-allow-credentials
false
x-traceid
e31260693ad72989c2ee112555d4002c
timing-allow-origin
*, *
content-length
73787
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 685E 		152 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: http://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66acb48e5d896c024b5ce7003d0375794e4a6603e8454e902ea448db160884d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:01:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47476
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666179788250400"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 21 Oct 2022 19:01:15 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012210071758000/ Frame 82E0 		221 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210071758000/amp4ads-v0.mjs
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: http://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf0aa24d09af1cf519a71ab5810beada6d9519e92e9203719edae4f47c793630
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 19 Oct 2022 17:31:51 GMT
age
178164
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61557
x-xss-protection
0
server
sffe
etag
"6f919b986f193e5c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 19 Oct 2023 17:31:51 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012210071758000/v0/ Frame 82E0 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210071758000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: http://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce909c4473953c4cb77c836309b8a3c7bcd8c5c75cacd504804e230017c1d8ec
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 20 Oct 2022 03:07:25 GMT
age
143630
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5208
x-xss-protection
0
server
sffe
etag
"79c6a9d24c248711"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 20 Oct 2023 03:07:25 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012210071758000/v0/ Frame 82E0 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210071758000/v0/amp-analytics-0.1.mjs
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: http://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9149b5f9e35be0572e7809bbe20cdaca83abaa455747390c2a0a2432736df52
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 17 Oct 2022 17:09:22 GMT
age
352313
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28805
x-xss-protection
0
server
sffe
etag
"61ef65d2d2d03d2c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 17 Oct 2023 17:09:22 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012210071758000/v0/ Frame 82E0 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210071758000/v0/amp-fit-text-0.1.mjs
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: http://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0be6f22877adc569a912e863f73a544a719254fb769e5fae863a68a3226a77d7
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 19 Oct 2022 19:47:26 GMT
age
170029
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1904
x-xss-protection
0
server
sffe
etag
"cd31ad97eaf70e3d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 19 Oct 2023 19:47:26 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012210071758000/v0/ Frame 82E0 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210071758000/v0/amp-form-0.1.mjs
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: http://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63a6662d57c222f2ddd2a524dad8141679764784629d3c19a4ce438bd180a4fe
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 19 Oct 2022 13:58:19 GMT
age
190976
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12962
x-xss-protection
0
server
sffe
etag
"81bd7ae64421add4"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 19 Oct 2023 13:58:19 GMT
css
fonts.googleapis.com/ Frame 82E0 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: http://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 21 Oct 2022 19:01:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 21 Oct 2022 18:15:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 21 Oct 2022 19:01:15 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 82E0 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: http://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 23:46:49 GMT
x-content-type-options
nosniff
server
cafe
age
69266
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Fri, 21 Oct 2022 23:46:49 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 82E0 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: http://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 03:45:51 GMT
x-content-type-options
nosniff
server
cafe
age
54924
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sat, 22 Oct 2022 03:45:51 GMT
container.html
dd3794dd9eb212f7f455e85a2ac4edd5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 25DC 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dd3794dd9eb212f7f455e85a2ac4edd5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: http://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://powerball.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 21 Oct 2022 19:01:14 GMT
expires
Sat, 21 Oct 2023 19:01:14 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
l
www.google.com/ads/measurement/ Frame 82E0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.google.com/ads/measurement/l?ebcid=ALh7CaTDpMPfH0BPpP99LPXGIj3rFN9H0wq32o6hxTuOiCLqj3j-tPrDy4ujb5nQ6doVLSH3SXfUM-iOugn1iIxzhbgFz9an-Q
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
HTTP/1.1
Server
2607:f8b0:4006:81f::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 82E0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CQ_HWeuxSY4bGKMXOxtYPjuWJqAP4vZWGbcagiYHnD5741OgGEAEg2tfFOWDJtqOI8KPsEqAB6f31zwPIAQngAgCoAwHIAwqqBIsCT9A0M1AXvPCih2LC_H9D_1OpxAWJ6Qz5ClsMuZkePvxgO0p3zpQ56sca7ADHoa_ZiCwhP4jn9DKvyn1rp0DHJbdfBgxVPvt09YFjZBi_TVg2Q0xF6_zQRkGQDauZN5LkNGaa0Ri6ZCpWAukZBmVSW-i7mpetO-_pQCPZ_KoL9-J9uCWl7YZKqyKX0SlGec6tvbFbRtpSmlCsueNYZxEr0_oUAankv2p6ZcWJJ2mfbhxk7_LOVcA7-ke2Bvlu8VTFbHTkHq4Gjt51adQ4m3AWlZkkBwR4OwApjqTOecvGNdszY7D0CH-QVpijI-AWduw88DUkSMWf8mU973lB5JiOMt8N-1tf8iFLOvLAwATjx9jskwTgBAGSBQQIBBgBkgUECAUYBKAGLoAH6qnCaKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEELeOA9IIEAiIYRABGB0yA4qCAToCgECACgPICwG4E-QD2BMMiBQB0BUBgBcBshceChwIABIUcHViLTM2MDUyNTczNjA4NTMxODUYusgX&sigh=QT2TxDXfyrM&uach_m=[UACH]&cid=CAQSPwDq26N9uo3DlpJqxyXGizzMBDKAD3YNKSBF0ag19CRJLHCEEJXMzDqy_sS8Tb6TRSFOK1Dhv0uENAu1myKq3xgBIA4&template_id=484
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
2076313506083323656
tpc.googlesyndication.com/simgad/1510885100954796723/ Frame 82E0 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1510885100954796723/2076313506083323656
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2cab2a52dde7a7bb3713a97e32cf9535c19bf2d3ad9cf8b3e125851a34694c81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 05:01:01 GMT
x-content-type-options
nosniff
age
136814
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36171
x-xss-protection
0
last-modified
Tue, 24 May 2022 16:08:39 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 20 Oct 2023 05:01:01 GMT
truncated
/ Frame 82E0 		221 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7bbf817ea38cc3e2226180b9f67af1ce192a5d6c4e5687107162042869cd9d64

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 82E0 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c48a52c1e3de9a9a65c655c0f98b2b8011e634b7ca25e07fef0fed996c9348f8

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
setuid
s2s.t13.io/ Frame 8860
Redirect Chain
  • https://cs.emxdgt.com/um?ssp=pbs&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Demx_digital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%24UID
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Demx_digital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D%...
  • https://cs.emxdgt.com/umcheck?apnxid=5512368809063269799&redirect=https://s2s.t13.io/setuid?bidder=emx_digital&gdpr=&gdpr_consent=&us_privacy=&f=b&uid=$EMXUID&b64_redirect=aHR0cHM6Ly9zMnMudDEzLmlvL...
  • https://s2s.t13.io/setuid?bidder=emx_digital&gdpr=&gdpr_consent=&us_privacy=&f=b&uid=5512368809063269799brt56781666378875893797b8
0
14 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s2s.t13.io/setuid?bidder=emx_digital&gdpr=&gdpr_consent=&us_privacy=&f=b&uid=5512368809063269799brt56781666378875893797b8
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: http://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://powerball.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
date
Fri, 21 Oct 2022 19:01:16 GMT
expires
0
pragma
no-cache
via
1.1 google

Redirect headers

content-length
0
content-type
text/html
date
Fri, 21 Oct 2022 19:01:15 GMT
location
https://s2s.t13.io/setuid?bidder=emx_digital&gdpr=&gdpr_consent=&us_privacy=&f=b&uid=5512368809063269799brt56781666378875893797b8
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 82E0 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://powerball.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 19:31:57 GMT
x-content-type-options
nosniff
age
170958
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Oct 2023 19:31:57 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 82E0 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://powerball.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 19:33:19 GMT
x-content-type-options
nosniff
age
170876
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Oct 2023 19:33:19 GMT
truncated
/ Frame AF7C 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bca8ca0b606f27bde0deffb6bdec48b21b09589ff34f84855d7fc900da207413

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 685E 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4253bcd962219ec33a94049a055ea2fa222639cc84bce54ac8847e98779751bf

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
c
c.pub.network/ 		36 B
53 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.messaging.2.34.0.049f1a3641f8329ad530a2107f33a59077a0d32e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.110.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.110.160.34.bc.googleusercontent.com
Software
/
Resource Hash
048f874e94895a241be04b856561141875dfbaccecb9d17194636e4e76e35d46

Request headers

Referer
http://powerball.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 21 Oct 2022 19:01:15 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
http://powerball.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 25DC 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: dd3794dd9eb212f7f455e85a2ac4edd5.safeframe.googlesyndication.com
URL: https://dd3794dd9eb212f7f455e85a2ac4edd5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://dd3794dd9eb212f7f455e85a2ac4edd5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 19:31:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
170975
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 19 Oct 2023 19:31:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 25DC 		152 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: dd3794dd9eb212f7f455e85a2ac4edd5.safeframe.googlesyndication.com
URL: https://dd3794dd9eb212f7f455e85a2ac4edd5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66acb48e5d896c024b5ce7003d0375794e4a6603e8454e902ea448db160884d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://dd3794dd9eb212f7f455e85a2ac4edd5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:01:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47476
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666179788250400"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 21 Oct 2022 19:01:16 GMT
cG93ZXJiYWxsLmNvbQ==
tcheck.outbrainimg.com/tcheck/check/ Frame AF7C 		16 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tcheck.outbrainimg.com/tcheck/check/cG93ZXJiYWxsLmNvbQ==
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.164.28 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-164-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:16 GMT
ETag
W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age
43200
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=15378
Access-Control-Allow-Credentials
false
Connection
keep-alive
X-TraceId
1ce7d41e229ce1e7e253d760e8a21fe6
Content-Length
16
Expires
Fri, 21 Oct 2022 23:17:34 GMT
px.gif
widget-pixels.outbrain.com/widget/detect/ Frame AF7C 		43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.64.61.104 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-61-104.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:01:16 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
expires
Sun, 20 Nov 2022 19:01:16 GMT
px.gif
widget-pixels.outbrain.com/widget/detect/ Frame 685E 		43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.64.61.104 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-61-104.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:01:16 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
expires
Sun, 20 Nov 2022 19:01:16 GMT
cG93ZXJiYWxsLmNvbQ==
tcheck.outbrainimg.com/tcheck/check/ Frame 685E 		16 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tcheck.outbrainimg.com/tcheck/check/cG93ZXJiYWxsLmNvbQ==
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.164.28 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-164-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:16 GMT
ETag
W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age
43200
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=15378
Access-Control-Allow-Credentials
false
Connection
keep-alive
X-TraceId
1ce7d41e229ce1e7e253d760e8a21fe6
Content-Length
16
Expires
Fri, 21 Oct 2022 23:17:34 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022101801&jk=1426433198053649&bg=!QEOlQwfNAAaaxvStusY7ACkAdvg8Wnk782rZxDk4eRhaPcxyklCyNUf_-YlLatOVftus_RDFm6zLNQIAAAFwUgAAAARoAQcKAFPYozc2FaUUblowW7INJznxlK5SDBRWQMw6iFG_nzm2DMJo-U39lWE16Zcj0EYWmr0SzkMtJ9SD8etZ-yAn88sinVnbDxAN4n4rcgXVZ8IOyfhB7JkCmSSz1ZQ3f-qM-9eWEmvSKnCWF42lXgS1jePPg5HQDcyvr082o2ny6wxyOKGNvVwXCnvP3QWG-u4RcwS2-N4WTAw53r8BpOIOBIpNlAM3OyXoznMh1mioB2QL1SAi8YtAIRWucL5-O5BtuR-6AiP3n9JJnIO6MsJ8-lKzQ3Y0GFPPZ1o-5wUntdEpsMStinP9cn1zd-7VHqB0ltge2UXR-lC2QPUlH9bm4k4oMUgs4cWELi1OJhL7KNkoL7kbV7H_Exhp0CpKYGOHNIqRwD4hnumzZorUJBfopMpkpkiZ3KuM4OTcFokj3qZ1a7YZLyShKbKQfbsYEhLFC1IznI0FTaKZza9eNbujU_lojkNXrYriAv9nkgP0ijAQblJ8ONnQ6bPcYEptokTtubA0FfYstG--fR917i55He7Xg5_CC-em5kbzFc7amotOxGy167VLD8-mXAnMMbr2WJ0ux3POExSVGPIA48z0HkwBI2yPVEDhAB2tfy3lgF1CI6kS6bjDIJXDtOcAIk5cuY92ZJBC8PBUqtiKNJ8gDnW1Eh5CcRdSTyaGFaIluLFVtwn7LrpXEg_Qa8jdwKvnnN2BAz_lH0l0B-ys35SgjrH29UJQr8iSclO6larxq-XHLMxo0_gmu5y_bTdmOLoICGqJRkS8l0u-Lrx538MRQKAiL3pc8ggYYwbLwY5DuQKZGIACUE1wJzp6jsT01qrqlfrzEnHg0UfbvxqEXzxfDtahIckqSTnNw5lghQyLEqVuiw1Rgpbz089UZbdLPFtsSEl8ZLoGfC-Cq0wB5fOy1Wq-YEPSwLdnbgHQ-5gmlA7q08KIGrnkjuyyO3_UppB9d9VRisvizQixz7dwHL1gGHxvDsCMrwrl7dW1ckuFy4yq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame 25DC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu5ykqWeqNI2w3vYdsiY7PRVvIAu9zvuLY9j3tZJiNFbBI-bJ1P8-6AgEPLhiLMFygAwRRqLFSEPcq64U0ZeboYj7YCCqvdneGUIjX3cflNtmQzhsdi2i-4GIBX9rbgqAXB_YDBnNEZ3FeUHLhVTIx89aM3PEWnbn-F1b_1sO1BusuPAKaADDeT6UzkARLAZhN8GPj7THJ6n8qYjE3LL5gs16daMSG23-NkdH9UwtEO88BxfjLMXCCnw9oaJWl1HAokEjr593h3_u9qEe27uyDUHHVTLl7zy84HCXXVq_fJ2SVQub7bA9HYcSVRn5q1qJZ-r-jXZT-lyQrptQ8DC_ZYJQ&sai=AMfl-YTs_AvGgTUvs-W5IYXDKUbappvuFKBPn3bWtlzLsrTDUpcTf0Pi6PUMOWWJDtZUO2BkJGwFLOtlLRrM-bA9G4_c3g1Uriu4MRIx8Q8XDnQL7BQh-5ETiAUoYxQFZW2F1smDxA&sig=Cg0ArKJSzOw1ZoDcq5PNEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://dd3794dd9eb212f7f455e85a2ac4edd5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:01:16 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
ajs.js
cdn2.decide.dev/_js/ Frame 25DC 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn2.decide.dev/_js/ajs.js
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2512:4000:3:7df3:55c0:93a1 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
f8c4fdb5d5d285dc8316d90b5f924e13abb66c4ec75d273f2f5b1f5bd91c3d92

Request headers

accept-language
en-US,en;q=0.9
Referer
https://dd3794dd9eb212f7f455e85a2ac4edd5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 11:50:29 GMT
content-encoding
gzip
via
1.1 google, 1.1 b85629c88fd144a4bf7989a1ad1ecc54.cloudfront.net (CloudFront)
last-modified
Fri, 21 Oct 2022 00:37:48 GMT
x-amz-cf-pop
JFK50-P7
age
25847
etag
W/"1a40-183f7f98440"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=86400
accept-ranges
bytes
x-amz-cf-id
DDXfLYaIg14i2W0TLn8hoR3D-qkX-D4YPFDJ7OQbYCzPcD9pmcUxbg==
view
securepubads.g.doubleclick.net/pcs/ Frame AF7C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvZ-bfbMWxu6yCktchxbL0m8rfT76JpWTuZyQ1pV0Mm427cUAEROpB7P3PGo3cYYBbINQPusxdX0kmrbBXnARCmVd1jQv-50RftyjUDpulG1qZIHHMeFp9_1xaEPXrq2II2Jq8srDK7Gw_jYz6rcKQ3MKNaRZnlpX9Wz5QchZwFOYxw95zvyRMfLsc32BX4qFBvaGAAx4DicQrNVikf-8RfinjvXRQjWwAAIPB0jfoYeA64e-qCN4QUARaZ9XZZmq6FmBqGIatXgHBklyyRBv81VWtSgSKO46Ec58rELaYjXXLOV6RMxF51Rng1QDG6VLQ9ajyZ9Y_ijfKlJVUB_Q&sai=AMfl-YQZ18PO_OOwHc_WMI6w-65MwNdF16HPE4tu6zf-obQbGCAbg8Zw2TlLSV90Hbl-ErgOmzyUqzGmjys75jZFRS7rbF8Ocx_Rgflgtl6wCyN9pTT-gxnUIsdjc0JeT7uviFc4FA&sig=Cg0ArKJSzCZ1o2ufIjioEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:01:16 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 21 Oct 2022 19:01:16 GMT
setuid
s2s.t13.io/
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=99&gdpr=&gdpr_consent=&redir=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dbasis%26uid%3D%7BuserId%7D%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26us_priv...
  • https://s2s.t13.io/setuid?bidder=basis&uid=80869250-60ca-401f-90b5-074e50f64c17-6352ec7a-5553&gdpr=&gdpr_consent=&f=i&us_privacy=
86 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?bidder=basis&uid=80869250-60ca-401f-90b5-074e50f64c17-6352ec7a-5553&gdpr=&gdpr_consent=&f=i&us_privacy=
Protocol
H3
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:16 GMT
content-encoding
gzip
via
1.1 google
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:15 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://s2s.t13.io/setuid?bidder=basis&uid=80869250-60ca-401f-90b5-074e50f64c17-6352ec7a-5553&gdpr=&gdpr_consent=&f=i&us_privacy=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
truncated
/ Frame 25DC 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
84cf7087f77b8bfffb48b53c24f98e0f0cae1457b807dd45c6ea5cfafd7a679f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 685E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv8gf9Mis-DXvG_yeTyJkasa1LC2fZP2lA7IxN7dFguTptcHtQsxCD0DBSnTfKyc40aOmwWgYr0NxrdNnNkr1G6TMaK8HEiTioy-IxGwSQQAdeVTcZkk-CH7UFo89gVyr9MYNkW1JTlc9wqFtTLUKp1k--kIvEn1TzHI7lnuLE0Jmyv99fhcIVWPNer9ESbhtkK3Uf3yrz7sgsl5eNGVf6MDqs-Z3MIZsTP9NYnitPYdfb57UZlvUtFeRx23MiCFfP-g1Di5GC_5qi46qAe7WkE-WkfdTPqvfMF58-8rjESrFI2l6L25RxUXwiGH-YnfwIqtuSNi9DEuhOequehVA&sai=AMfl-YQAqTh3_G277kRZzMORVbPMOgw1_6axIxa5c0X2kdnURWyf_DDRiKWdz0I07k4sKv850-QhuSuG0sNF5JoILwTYEatXiYST_PHvor6zzD0tKnOa1f69SZjS4ZujSHRtulSRYg&sig=Cg0ArKJSzL_OevimI2x3EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:01:16 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 21 Oct 2022 19:01:16 GMT
platforms
odb.outbrain.com/utils/ Frame AF7C 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/platforms?contentUrl=http%3A%2F%2Fpowerball.com%2F&idx=0&rand=35664&key=FREES104AH2PELD73BHE4H9I0&widgetJSId=AR_3&va=true&et=true&format=html&adblck=false&abwl=false&px=0&py=0&vpd=0&cw=970&activeTab=true&darkMode=false&ab=0&wl=0&settings=true&recs=true&version=2000913&sig=4WstBwMA&apv=false&false&osLang=en-US&winW=970&winH=250&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&iframe=true&id5=ID5*fgQ8-3lfrv-HTvhxfM7LVjFkoxyouFdQrmKz9o0M7d8n-7uAdUjpnzuQXIyGXyxa&id5type=&ref=http%3A%2F%2Fpowerball.com%2F&ogn=http%3A%2F%2Fpowerball.com%2F
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.38.132 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
973204e682e5f10266a7584b00d9eec938523b0329393ccd8d876c16393087ea

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-cache-hits
0
date
Fri, 21 Oct 2022 19:01:16 GMT
content-encoding
gzip
via
1.1 varnish
traffic-path
SADC1, IAD, USA_CENTRAL
x-cache
MISS
p3p
policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
x-traceid
98c7015a02d2b2f2049e60eacc1b3977
content-length
11029
x-served-by
cache-iad-kcgs7200050-IAD
pragma
no-cache
x-timer
S1666378876.400256,VS0,VE298
vary
Accept-Encoding, User-Agent
content-type
text/javascript; charset=UTF-8
cache-control
no-cache
accept-ranges
bytes
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
hde.tynt.com/deb/ Frame 3ED5
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privac...
  • https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f...
  • https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26...
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: http://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bd115dfee70c785b8d7a1adc01b1d94b00dbb7cf7f76491c37cdfd2ba7d06740

Request headers

Referer
http://powerball.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1638
content-type
text/html
date
Fri, 21 Oct 2022 19:01:16 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
0
date
Fri, 21 Oct 2022 19:01:15 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
c
c.pub.network/ 		36 B
53 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.messaging.2.34.0.049f1a3641f8329ad530a2107f33a59077a0d32e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.110.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.110.160.34.bc.googleusercontent.com
Software
/
Resource Hash
048f874e94895a241be04b856561141875dfbaccecb9d17194636e4e76e35d46

Request headers

Referer
http://powerball.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 21 Oct 2022 19:01:16 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
http://powerball.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
activeview
pagead2.googlesyndication.com/pcs/ Frame 8AC2 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu1Vqxc6vr0iGTvc-AVbB58G6Mr2spdHGS1o9tnZkzMCJ5xRo5ZGnkrZbhLJxZO5i42ugOW5STM86uRhglGzhaYwoXvW6e8sucnsaV9CQVkCcsEdQQOxbGlXLB-aMo8ZKxGgDCZ&sai=AMfl-YTWWsPye7y8-slhhQbdeAPAGkTE4WGvgMgFvl3m_ugcrO6cAknm6KpO9BLKud9MBF-HiZ-dd0Kgrkc3MpLzllf3VV24Xk1TxdEvco9AEdS3XyYCwnqAOvDyyguRNp0o4g&sig=Cg0ArKJSzJk6vwdpVXGTEAE&cid=CAQSPgDq26N9NVG-j_nsHvkQaXsh8Vznev8w3TXAHsFEeaPhtPfLvkJbmYAlmHeJktBZkhLfgVjfDfAfdpuLF6VfGAEgDg&id=ampim&o=436,1110&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1007&mtos=0,0,1007,1007,1007&tos=0,0,1007,0,0&tfs=588&tls=1595&g=100&h=100&tt=1595&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=&uaw=&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
15369696027285350
decide.dev/lad/ Frame 7612 		26 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://decide.dev/lad/15369696027285350?pubid=ld-6552-7298&pubo=https%3A%2F%2Fdd3794dd9eb212f7f455e85a2ac4edd5.safeframe.googlesyndication.com&rid=powerball.com&width=300
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.139.129 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
174335d566d0545ab14e935285f18c94538c1e31a930e02cbbbdb621dff16447

Request headers

Referer
https://dd3794dd9eb212f7f455e85a2ac4edd5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, max-age=0, must-revalidate, no-store
content-encoding
gzip
content-length
11029
content-type
text/html; charset=utf-8
date
Fri, 21 Oct 2022 19:01:16 GMT
via
1.1 google
platforms
odb.outbrain.com/utils/ Frame 685E 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/platforms?contentUrl=http%3A%2F%2Fpowerball.com%2F&idx=0&rand=2924&key=FREES104AH2PELD73BHE4H9I0&widgetJSId=AR_4&va=true&et=true&format=html&adblck=false&abwl=false&px=0&py=0&vpd=0&cw=728&activeTab=true&darkMode=false&ab=0&wl=0&settings=true&recs=true&version=2000913&sig=xtIiKATf&apv=false&false&osLang=en-US&winW=728&winH=90&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&iframe=true&id5=ID5*fgQ8-3lfrv-HTvhxfM7LVjFkoxyouFdQrmKz9o0M7d8n-7uAdUjpnzuQXIyGXyxa&id5type=&ref=http%3A%2F%2Fpowerball.com%2F&ogn=http%3A%2F%2Fpowerball.com%2F
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.38.132 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e8ee4b8bc6afcaf826a6d2579fa90baaac11951298a93a81d0aaaa5f3dce3aff

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-cache-hits
0
date
Fri, 21 Oct 2022 19:01:16 GMT
content-encoding
gzip
via
1.1 varnish
traffic-path
SADC1, IAD, USA_CENTRAL
x-cache
MISS
p3p
policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
x-traceid
7d41eddd7952ca85946df3c75d3f63c2
content-length
7670
x-served-by
cache-iad-kcgs7200050-IAD
pragma
no-cache
x-timer
S1666378876.424371,VS0,VE295
vary
Accept-Encoding, User-Agent
content-type
text/javascript; charset=UTF-8
cache-control
no-cache
accept-ranges
bytes
expires
Thu, 01 Jan 1970 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame F3FE 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.114 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:01:16 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
test.html
widgets.outbrain.com/nanoWidget/externals/obUserFrame/ Frame 8D78 		2 KB
1004 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obUserFrame/test.html?lsd=47aa744a-7237-42c0-9bb0-3e8b7bbbca9c
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.64.61.104 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-61-104.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
45f0f27fb78191006375051ee3046fae3105b652d11680432511cba61b32c330

Request headers

Referer
http://powerball.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
cache-control
max-age=604800
content-encoding
gzip
content-length
686
content-type
text/html
date
Fri, 21 Oct 2022 19:01:16 GMT
etag
"1e015194a0e596827cb8971f884eb43c:1666185224.127649"
expires
Fri, 28 Oct 2022 19:01:16 GMT
last-modified
Wed, 19 Oct 2022 11:43:48 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
vary
Accept-Encoding
put.html
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame 3173 		416 B
597 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.64.61.104 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-61-104.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc

Request headers

Referer
http://powerball.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
cache-control
max-age=604800
content-encoding
gzip
content-length
282
content-type
text/html
date
Fri, 21 Oct 2022 19:01:16 GMT
etag
"c0311cf15c21ddda054005e92fad3f9e:1666185221.3368"
expires
Fri, 28 Oct 2022 19:01:16 GMT
last-modified
Wed, 19 Oct 2022 11:43:48 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
vary
Accept-Encoding
ob_logo_67x12.png
widgets.outbrain.com/images/widgetIcons/ Frame AF7C 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/ob_logo_67x12.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.64.61.104 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-61-104.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:01:16 GMT
last-modified
Mon, 12 Sep 2022 07:37:47 GMT
server
AkamaiNetStorage
etag
"c52b07e749f7a09fa7b97b7e195e06ce:1662969049.940408"
access-control-allow-methods
GET,POST
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2326
expires
Sun, 20 Nov 2022 19:01:16 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/ Frame AF7C 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.64.61.104 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-61-104.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:01:16 GMT
last-modified
Mon, 12 Sep 2022 07:37:47 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1662969032.874716"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2735
expires
Sun, 20 Nov 2022 19:01:16 GMT
l
mcdp-sadc1.outbrain.com/ Frame AF7C 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-sadc1.outbrain.com/l?token=abf2b05c300c4f840c0d5e499b69ee09_203177_1666378876651&tm=773&eT=0&widgetWidth=970&widgetHeight=250&widgetX=0&widgetY=0&wRV=2000913&pVis=1&lsd=47aa744a-7237-42c0-9bb0-3e8b7bbbca9c&eIdx=&cheq=0&rtt=451&oo=false&ab=0&wl=0
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
38.133.127.63 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Fri, 21 Oct 2022 19:01:17 GMT
access-control-expose-headers
content-range
content-encoding
gzip
X-TraceId
b658193798aba2eed8e10e7f9a062775
Content-Length
28
Content-Type
text/plain; charset=UTF-8
obUserSync.html
widgets.outbrain.com/widgetOBUserSync/ Frame E904 		18 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.64.61.104 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-61-104.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
270baa991d4c6a92df00e1939f1f7ad1ec718a79ee8e376762baa4764a48de99

Request headers

Referer
http://powerball.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
cache-control
max-age=604800
content-encoding
gzip
content-length
5843
content-type
text/html
date
Fri, 21 Oct 2022 19:01:16 GMT
etag
"2a7643b553402dee213d6f028f4fff0c:1664788511.382734"
expires
Fri, 28 Oct 2022 19:01:16 GMT
last-modified
Mon, 03 Oct 2022 09:10:09 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
vary
Accept-Encoding
eyJpdSI6ImZhN2MwZDUwYjRkMjA2MTMyNzZjMWE4MTY4ZjRmNDcyMDZhY2U4YmJiZDIwZDI5MDIwMDliMzRkMWNkMDQ4NTkiLCJ3Ijo0ODAsImgiOjI0MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ Frame AF7C 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImZhN2MwZDUwYjRkMjA2MTMyNzZjMWE4MTY4ZjRmNDcyMDZhY2U4YmJiZDIwZDI5MDIwMDliMzRkMWNkMDQ4NTkiLCJ3Ijo0ODAsImgiOjI0MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.164.28 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-164-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7653017a67bf388018d8bfb0b6bf5f7f08fe527efcbe7192e16e580676386d73

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:01:16 GMT
last-modified
Mon, 10 Oct 2022 18:40:14 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=1523678
access-control-allow-credentials
false
x-traceid
af551c63c2c05c72756717ca3b14aa44
timing-allow-origin
*, *
content-length
42548
eyJpdSI6IjJkOWQxYThkZjUxMjdmNzU4MGYzODFhMTk0NmVkZDU5YjUxMjkwZDkwNzgyMDY2ODA1YmU5YzMxYjM3MzMzZjkiLCJ3Ijo0ODAsImgiOjI0MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ Frame AF7C 		91 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjJkOWQxYThkZjUxMjdmNzU4MGYzODFhMTk0NmVkZDU5YjUxMjkwZDkwNzgyMDY2ODA1YmU5YzMxYjM3MzMzZjkiLCJ3Ijo0ODAsImgiOjI0MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.164.28 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-164-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7d3eeda444108bf4b47bab911c8ca56750b53165c7b72b1fa92d82fff246b7b7

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:01:16 GMT
last-modified
Mon, 26 Sep 2022 09:33:52 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=872985
access-control-allow-credentials
false
x-traceid
e8cb5924c7e1fe8024e95ae4ad37ae1a
timing-allow-origin
*, *
content-length
93414
eyJpdSI6ImFmYWMzOGQ1NTFlNWIwMjE5NmZkNmRkMTMwNjJjNGE1YTQ3MDAzYzc5MTQ5YTFjMTcwOGM3N2IxZjY5N2NhNWYiLCJ3Ijo0ODAsImgiOjI0MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ Frame AF7C 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImFmYWMzOGQ1NTFlNWIwMjE5NmZkNmRkMTMwNjJjNGE1YTQ3MDAzYzc5MTQ5YTFjMTcwOGM3N2IxZjY5N2NhNWYiLCJ3Ijo0ODAsImgiOjI0MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.164.28 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-164-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
55a207ef42bd8bcc27b69afc58788b1e8abf75e8e7592fb713e82ba48680a1e6

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:01:17 GMT
last-modified
Thu, 20 Oct 2022 10:29:16 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2462115
access-control-allow-credentials
false
x-traceid
8943928dc81a770398f8a638975411e9
timing-allow-origin
*, *
content-length
37216
widgetGlobalEvent
log.outbrainimg.com/loggerServices/ Frame AF7C 		4 B
325 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=abf2b05c300c4f840c0d5e499b69ee09&pvId=abf2b05c300c4f840c0d5e499b69ee09&sid=9622469&pid=203177&idx=0&wId=110&pad=3&org=0&tm=812&eT=3&wRV=2000913&pVis=1&lsd=47aa744a-7237-42c0-9bb0-3e8b7bbbca9c&eIdx=0&oo=false&ab=0&wl=0
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.223 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:01:17 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
19ab0666019a065785b06efc5261c422
Content-Length
4
Expires
0
test.html
widgets.outbrain.com/nanoWidget/externals/obUserFrame/ Frame 4514 		2 KB
1004 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obUserFrame/test.html?lsd=2c052103-d3d9-4dea-b711-2cc18de455df
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.64.61.104 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-61-104.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
45f0f27fb78191006375051ee3046fae3105b652d11680432511cba61b32c330

Request headers

Referer
http://powerball.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
cache-control
max-age=604800
content-encoding
gzip
content-length
686
content-type
text/html
date
Fri, 21 Oct 2022 19:01:16 GMT
etag
"1e015194a0e596827cb8971f884eb43c:1666185224.127649"
expires
Fri, 28 Oct 2022 19:01:16 GMT
last-modified
Wed, 19 Oct 2022 11:43:48 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
vary
Accept-Encoding
put.html
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame FB82 		416 B
597 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.64.61.104 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-61-104.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc

Request headers

Referer
http://powerball.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
cache-control
max-age=604800
content-encoding
gzip
content-length
282
content-type
text/html
date
Fri, 21 Oct 2022 19:01:16 GMT
etag
"c0311cf15c21ddda054005e92fad3f9e:1666185221.3368"
expires
Fri, 28 Oct 2022 19:01:16 GMT
last-modified
Wed, 19 Oct 2022 11:43:48 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
vary
Accept-Encoding
ob_logo_67x12.png
widgets.outbrain.com/images/widgetIcons/ Frame 685E 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/ob_logo_67x12.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.64.61.104 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-61-104.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:01:16 GMT
last-modified
Mon, 12 Sep 2022 07:37:47 GMT
server
AkamaiNetStorage
etag
"c52b07e749f7a09fa7b97b7e195e06ce:1662969049.940408"
access-control-allow-methods
GET,POST
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2326
expires
Sun, 20 Nov 2022 19:01:16 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/ Frame 685E 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.64.61.104 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-61-104.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:01:16 GMT
last-modified
Mon, 12 Sep 2022 07:37:47 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1662969032.874716"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2735
expires
Sun, 20 Nov 2022 19:01:16 GMT
l
mcdp-sadc1.outbrain.com/ Frame 685E 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-sadc1.outbrain.com/l?token=f995f8d003ed41b30dd1cf980e9e3960_203177_1666378876682&tm=723&eT=0&widgetWidth=728&widgetHeight=90&widgetX=0&widgetY=0&wRV=2000913&pVis=1&lsd=2c052103-d3d9-4dea-b711-2cc18de455df&eIdx=&cheq=0&rtt=388&oo=false&ab=0&wl=0
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
38.133.127.63 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Fri, 21 Oct 2022 19:01:17 GMT
access-control-expose-headers
content-range
content-encoding
gzip
X-TraceId
2e356990e9276de1c41d41c3c89cb170
Content-Length
28
Content-Type
text/plain; charset=UTF-8
obUserSync.html
widgets.outbrain.com/widgetOBUserSync/ Frame E4D4 		18 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.64.61.104 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-61-104.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
270baa991d4c6a92df00e1939f1f7ad1ec718a79ee8e376762baa4764a48de99

Request headers

Referer
http://powerball.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
cache-control
max-age=604800
content-encoding
gzip
content-length
5843
content-type
text/html
date
Fri, 21 Oct 2022 19:01:16 GMT
etag
"2a7643b553402dee213d6f028f4fff0c:1664788511.382734"
expires
Fri, 28 Oct 2022 19:01:16 GMT
last-modified
Mon, 03 Oct 2022 09:10:09 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
vary
Accept-Encoding
eyJpdSI6ImZhN2MwZDUwYjRkMjA2MTMyNzZjMWE4MTY4ZjRmNDcyMDZhY2U4YmJiZDIwZDI5MDIwMDliMzRkMWNkMDQ4NTkiLCJ3IjozMDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ Frame 685E 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImZhN2MwZDUwYjRkMjA2MTMyNzZjMWE4MTY4ZjRmNDcyMDZhY2U4YmJiZDIwZDI5MDIwMDliMzRkMWNkMDQ4NTkiLCJ3IjozMDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.164.28 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-164-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8d693f48144bd8215d70c86e0600944a4d7e0eeff086f9bf21437c1ad2ab5a40

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:01:17 GMT
last-modified
Mon, 10 Oct 2022 18:40:14 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=1523715
access-control-allow-credentials
false
x-traceid
889e16c1d6c757c83a72510f0ea59b89
timing-allow-origin
*, *
content-length
13698
c
c.pub.network/ 		36 B
53 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.messaging.2.34.0.049f1a3641f8329ad530a2107f33a59077a0d32e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.110.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.110.160.34.bc.googleusercontent.com
Software
/
Resource Hash
048f874e94895a241be04b856561141875dfbaccecb9d17194636e4e76e35d46

Request headers

Referer
http://powerball.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 21 Oct 2022 19:01:16 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
http://powerball.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
e43142c6a66135333fa7f2b031fc52dcc1061d5d4fd7b261ddbabbec77bb0c65_medium
cdn1.decide.dev/uploads/ Frame 7612 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn1.decide.dev/uploads/e43142c6a66135333fa7f2b031fc52dcc1061d5d4fd7b261ddbabbec77bb0c65_medium
Requested by
Host: decide.dev
URL: https://decide.dev/lad/15369696027285350?pubid=ld-6552-7298&pubo=https%3A%2F%2Fdd3794dd9eb212f7f455e85a2ac4edd5.safeframe.googlesyndication.com&rid=powerball.com&width=300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23ca:e200:9:d7ff:bd00:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
37cfb2e2949ec6907b5ee3326e1649042fcd78ecec7748bf23a408ea54a81e5a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://decide.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 20:52:42 GMT
x-amz-version-id
H2GWyiSQPeb.lyfv3FtGBcarSmhmStAs
via
1.1 d50d90bbddca57e02d6288d86c88470a.cloudfront.net (CloudFront)
last-modified
Wed, 16 Oct 2019 23:32:39 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P2
age
79716
etag
"61ffcd8e6db8cd00023573ce3556ffe6"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
22448
x-amz-cf-id
_l4rVnIrCsvV9MvmYqNcsUtpeHnV0yTBGjyBsM5V4M5T5aaQqqwVzg==
dc.js
stats.g.doubleclick.net/ Frame 7612 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: decide.dev
URL: https://decide.dev/lad/15369696027285350?pubid=ld-6552-7298&pubo=https%3A%2F%2Fdd3794dd9eb212f7f455e85a2ac4edd5.safeframe.googlesyndication.com&rid=powerball.com&width=300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://decide.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 21 Oct 2022 18:53:09 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
488
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17093
expires
Fri, 21 Oct 2022 20:53:09 GMT
truncated
/ Frame 7612 		9 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3c5e2241bef1a79a567a94c1a1ec90ca39ac7420f7bd79b088a33456e7a26b75

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
text/javascript;charset=utf-8
test.html
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame 3173 		610 B
907 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.64.61.104 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-61-104.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474

Request headers

Referer
https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
cache-control
max-age=604800
content-length
610
content-type
text/html
date
Fri, 21 Oct 2022 19:01:17 GMT
etag
"48053d50141031b1511dbd30f9a31288:1666185222.022749"
expires
Fri, 28 Oct 2022 19:01:17 GMT
last-modified
Wed, 19 Oct 2022 11:43:48 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
test.html
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame FB82 		610 B
907 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.64.61.104 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-61-104.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474

Request headers

Referer
https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
cache-control
max-age=604800
content-length
610
content-type
text/html
date
Fri, 21 Oct 2022 19:01:17 GMT
etag
"48053d50141031b1511dbd30f9a31288:1666185222.022749"
expires
Fri, 28 Oct 2022 19:01:17 GMT
last-modified
Wed, 19 Oct 2022 11:43:48 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
usync.html
eus.rubiconproject.com/ Frame B17D
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 21 Oct 2022 19:01:17 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 21 Oct 2022 19:01:17 GMT
location
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
server
AkamaiGHost
setuid
s2s.t13.io/ Frame 3ED5
Redirect Chain
  • https://ssc-cms.33across.com/ps/?_=1666378876983.&ri=zzz000000000002zzz&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3...
  • https://s2s.t13.io/setuid?bidder=33across&gdpr=&gdpr_consent=&us_privacy=&f=b&uid=117943357376554
0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?bidder=33across&gdpr=&gdpr_consent=&us_privacy=&f=b&uid=117943357376554
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H3
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:17 GMT
via
1.1 google
content-type
text/html
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:16 GMT
referrer-policy
unsafe-url
server
33XP003
x-33x-status
100000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://s2s.t13.io/setuid?bidder=33across&gdpr=&gdpr_consent=&us_privacy=&f=b&uid=117943357376554
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 3ED5
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=&gdpr_consent=&gdpr_pd=&ssp=the33across
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=X7y23APdTcl7PUkiRZntRWjtwR0&user_group=1&ssp=the33across
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=420cce5a-5f42-4fc5-b516-8ea244f75d87
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=420cce5a-5f42-4fc5-b516-8ea244f75d87&ts=1666378877&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=420cce5a-5f42-4fc5-b516-8ea244f75d87&ts=1666378877&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H3
Server
34.117.239.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:01:17 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:16 GMT
referrer-policy
unsafe-url
server
33XP003
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=420cce5a-5f42-4fc5-b516-8ea244f75d87&ts=1666378877&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 3ED5
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1666378876983.4&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fe...
  • https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D
  • https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=d6336352-ec7a-4b00-95f1-1a9804c2db7f
68 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=d6336352-ec7a-4b00-95f1-1a9804c2db7f
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:01:17 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

Date
Fri, 21 Oct 2022 19:01:17 GMT
Server
MT3 4539 98cc2da master ord-pixel-x55 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=d6336352-ec7a-4b00-95f1-1a9804c2db7f
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 21 Oct 2022 19:01:16 GMT
match
events-ssc.33across.com/ Frame 3ED5
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-Nt2XokVE2uFGhTzMiPYvS5zM_dre5HgV~A
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-Nt2XokVE2uFGhTzMiPYvS5zM_dre5HgV%7EA&ts=1666378877&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-Nt2XokVE2uFGhTzMiPYvS5zM_dre5HgV%7EA&ts=1666378877&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:01:17 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:16 GMT
referrer-policy
unsafe-url
server
33XP002
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-Nt2XokVE2uFGhTzMiPYvS5zM_dre5HgV%7EA&ts=1666378877&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 3ED5
Redirect Chain
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=49ccb2dbd96204c4&is_secure=true&networkId=78390&version=1&us_privacy=
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAABsXR95RgO3QNzumNfAAAAAAA&expiration=1666465277&is_secure=true&us_privacy=
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAABsXR95RgO3QNzumNfAAAAAAA&ts=1666378877&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAABsXR95RgO3QNzumNfAAAAAAA&ts=1666378877&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H3
Server
34.117.239.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:01:17 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:16 GMT
referrer-policy
unsafe-url
server
33XP004
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAABsXR95RgO3QNzumNfAAAAAAA&ts=1666378877&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 3ED5
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=33&xu=4353502803413113050196
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=4353502803413113050196&ts=1666378877&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=4353502803413113050196&ts=1666378877&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:01:17 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:16 GMT
referrer-policy
unsafe-url
server
33XP003
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=4353502803413113050196&ts=1666378877&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
396846.gif
idsync.rlcdn.com/ Frame E904
Redirect Chain
  • https://idsync.rlcdn.com/420046.gif?partner_uid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=f024039c-3bdd-4dc6-b710-4bafa3309089
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=f024039c-3bdd-4dc6-b710-4bafa3309089
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:01:17 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Fri, 21 Oct 2022 19:01:17 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=f024039c-3bdd-4dc6-b710-4bafa3309089
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cookie-sync
sync.outbrain.com/ Frame E904
Redirect Chain
  • https://b1sync.zemanta.com/usersync/outbrain/?puid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://sync.outbrain.com/cookie-sync?p=zemanta&uid=_LXaAu8R6aSZpIJwQozx&gdpr=0&us_privacy=1---
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=zemanta&uid=_LXaAu8R6aSZpIJwQozx&gdpr=0&us_privacy=1---
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.223 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:17 GMT
Cache-Control
no-cache
X-TraceId
2222e8ca28496a20db287647b74d006f
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:01:17 GMT
Content-Type
text/html; charset=utf-8
Location
https://sync.outbrain.com/cookie-sync?p=zemanta&uid=_LXaAu8R6aSZpIJwQozx&gdpr=0&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
130
Expires
Thu, 01 Dec 1994 16:00:00 GMT
cookie-sync
sync.outbrain.com/ Frame E904
Redirect Chain
  • https://ib.adnxs.com/getuid?https://sync.outbrain.com/cookie-sync?p=appnexus&uid=$UID&obUid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://sync.outbrain.com/cookie-sync?p=appnexus&uid=5512368809063269799&obUid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&gdpr=0&gdpr_consent=&us_privacy=1---
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=appnexus&uid=5512368809063269799&obUid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.223 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:17 GMT
Cache-Control
no-cache
X-TraceId
70ce9d097618c6f32c33b1fc4ac5ab9b
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:01:17 GMT
AN-X-Request-Uuid
5db3cb17-9e6a-4bb7-beb0-b0155ac4c138
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://sync.outbrain.com/cookie-sync?p=appnexus&uid=5512368809063269799&obUid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&gdpr=0&gdpr_consent=&us_privacy=1---
Connection
keep-alive
X-Proxy-Origin
104.237.193.29; 104.237.193.29; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
demconf.jpg
dpm.demdex.net/ Frame E904
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=133726&dpuuid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&gdpr=0&gdpr_pd=1&gdpr_consent=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=133726&dpuuid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&gdpr=0&gdpr_pd=1&gdpr_consent=
42 B
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=133726&dpuuid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&gdpr=0&gdpr_pd=1&gdpr_consent=
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
54.236.207.110 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

DCS
dcs-prod-va6-1-v043-0df6f76a7.edge-va6.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
q9NmOGD4Rns=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-va6-2-v043-0baff97b0.edge-va6.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
0q8QFGxmQtg=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=133726&dpuuid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&gdpr=0&gdpr_pd=1&gdpr_consent=
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
set
sync-jp.im-apps.net/imid/ Frame E904 		43 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-jp.im-apps.net/imid/set?cid=1000047&tid=obid&uid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.150.52.25 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 21 Oct 2022 19:01:17 GMT
cache-control
max-age=3000
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
content-length
43
expires
Fri, 21 Oct 2022 19:51:17 GMT
cookie-sync
sync.outbrain.com/ Frame E904
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=icco6m5&ttd_tpi=1
  • https://sync.outbrain.com/cookie-sync?p=ttd&uid=96c184ef-d2dc-46f0-8c36-35f68e7519ef&gdpr=0&gdpr_consent=
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=ttd&uid=96c184ef-d2dc-46f0-8c36-35f68e7519ef&gdpr=0&gdpr_consent=
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.223 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:17 GMT
Cache-Control
no-cache
X-TraceId
5f3702bac8f762c410f655b3440ccc5a
Content-Length
0

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:17 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.outbrain.com/cookie-sync?p=ttd&uid=96c184ef-d2dc-46f0-8c36-35f68e7519ef&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
241
usermatch.gif
beacon.krxd.net/ Frame E904 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=outbrain&partner_uid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.2.39 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-served-by
beacon-n011-ash-prod.krxd.net
date
Fri, 21 Oct 2022 19:01:17 GMT
cache-control
private, no-cache, no-store
x-request-time
D=50 t=1666378877
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
g.pixel
aa.agkn.com/adscores/ Frame E904 		43 B
656 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212295978&puid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.90 -, , ASN (),
Reverse DNS
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:17 GMT
via
1.1 90a990c5327e86ade86681120dc4a236.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
EWR50-C1
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
ud_5ffA6ivXaiBxKvCtll34Bt52GuFF1Ajtwdyv0BXeFdT6jccVgCg==
expires
0
cookie-sync
sync.outbrain.com/ Frame E904
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=outbrain&ssp_user_id=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual
  • https://sync.outbrain.com/cookie-sync?p=mediaforce&uid=91fcb6b9-505e-4bf8-9dda-07d18b30bc80
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=mediaforce&uid=91fcb6b9-505e-4bf8-9dda-07d18b30bc80
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.223 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:17 GMT
Cache-Control
no-cache
X-TraceId
e3f47e8c13a8ec803c814b3b21888a6c
Content-Length
0

Redirect headers

location
//sync.outbrain.com/cookie-sync?p=mediaforce&uid=91fcb6b9-505e-4bf8-9dda-07d18b30bc80
date
Fri, 21 Oct 2022 19:01:17 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
bidswitch
sync-dmp.mobtrakk.com/match/ Frame E904
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=outbrain&user_id=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&us_privacy=1---&gdpr=0&gdpr_pd=1&gdpr_consent=
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=0&consent=&usp=1---&ssp=outbrain&bsw=420cce5a-5f42-4fc5-b516-8ea244f75d87
0
0
cookie-sync
sync.outbrain.com/ Frame E904
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=74&p=126&cp=outbrain&cu=1&url=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcriteo%26obUid%3DgFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88...
  • https://sync.outbrain.com/cookie-sync?p=criteo&obUid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&gdpr=0&gdpr_consent=&us_privacy=1---&uid=204fdf0e-3824-447a-9261-6c0340f91cc0
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&obUid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&gdpr=0&gdpr_consent=&us_privacy=1---&uid=204fdf0e-3824-447a-9261-6c0340f91cc0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.223 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:17 GMT
Cache-Control
no-cache
X-TraceId
dcc4da6c43d1cd0e65fd68b3be7a182b
Content-Length
0

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:16 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync.outbrain.com/cookie-sync?p=criteo&obUid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&gdpr=0&gdpr_consent=&us_privacy=1---&uid=204fdf0e-3824-447a-9261-6c0340f91cc0
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1275937
content-length
0
expires
Fri, 21 Oct 2022 00:00:00 GMT
sync
sofia.trustx.org/ul_cb/ Frame E904
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&google_dbm
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESENULrCoErKO-J02LJVz4R3E&google_cver=1
  • https://sofia.trustx.org/sync?tp_id=1&tp_uid=420cce5a-5f42-4fc5-b516-8ea244f75d87&ssp_custom_data=
  • https://sofia.trustx.org/ul_cb/sync?tp_id=1&tp_uid=420cce5a-5f42-4fc5-b516-8ea244f75d87&ssp_custom_data=
43 B
806 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sofia.trustx.org/ul_cb/sync?tp_id=1&tp_uid=420cce5a-5f42-4fc5-b516-8ea244f75d87&ssp_custom_data=
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
35.211.168.6 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Date
Fri, 21 Oct 2022 19:01:17 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

Location
https://sofia.trustx.org/ul_cb/sync?tp_id=1&tp_uid=420cce5a-5f42-4fc5-b516-8ea244f75d87&ssp_custom_data=
Date
Fri, 21 Oct 2022 19:01:17 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cookie-sync
sync.outbrain.com/ Frame E904
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=25&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7157042779475671193&gdpr=0&gdpr_consent=
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7157042779475671193&gdpr=0&gdpr_consent=
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.223 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:17 GMT
Cache-Control
no-cache
X-TraceId
e72e9e477b28e6593391cd154a219407
Content-Length
0

Redirect headers

Location
https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7157042779475671193&gdpr=0&gdpr_consent=
Date
Fri, 21 Oct 2022 19:01:17 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
/
ps.eyeota.net/match/bounce/ Frame E904
Redirect Chain
  • https://ps.eyeota.net/match?bid=1mpn7m0&uid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual
  • https://ps.eyeota.net/match/bounce/?bid=1mpn7m0&uid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match/bounce/?bid=1mpn7m0&uid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
3.230.62.22 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Date
Fri, 21 Oct 2022 19:01:17 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location
/match/bounce/?bid=1mpn7m0&uid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual
Date
Fri, 21 Oct 2022 19:01:17 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual
id.geistm.com/m/OB/ Frame E904 		0
0
cookie-sync
sync.outbrain.com/ Frame E904
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=outbrain&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=OsCM9pDCGnwYKVIJmreF&pi=outbrain&gdpr=0&gdpr_consent=&us_privacy=1---
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=OsCM9pDCGnwYKVIJmreF&pi=outbrain&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.223 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:17 GMT
Cache-Control
no-cache
X-TraceId
1573de7b9f489cceec17744d846e421e
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=OsCM9pDCGnwYKVIJmreF&pi=outbrain&gdpr=0&gdpr_consent=&us_privacy=1---
pragma
no-cache
date
Fri, 21 Oct 2022 19:01:17 GMT, Fri, 21 Oct 2022 19:01:17 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
cookie-sync
sync.outbrain.com/ Frame E904
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=15268&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://sync.outbrain.com/cookie-sync?p=rubicon&uid=L9IUYG1V-5-9AM8&gdpr=0&us_privacy=1---
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=rubicon&uid=L9IUYG1V-5-9AM8&gdpr=0&us_privacy=1---
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.223 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:17 GMT
Cache-Control
no-cache
X-TraceId
afdb1a3779e18f613d056438624c3df6
Content-Length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.outbrain.com/cookie-sync?p=rubicon&uid=L9IUYG1V-5-9AM8&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
bd0f62a3fbacfef6a33ae6abaf6daf37
Expires
0
tpid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual
sync.crwdcntrl.net/map/c=14516/tp=OBRN/ Frame E904 		49 B
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=14516/tp=OBRN/tpid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.110.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-110-25.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:17 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.37.81
content-length
49
expires
0
/
loadus.exelator.com/load/ Frame E904
Redirect Chain
  • https://loadus.exelator.com/load/?p=580&g=2&j=0&buid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual
  • https://loadus.exelator.com/load/?p=580&g=2&j=0&buid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&xl8blockcheck=1
  • https://loadus.exelator.com/load/?p=204&g=750&j=0&buid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual{%22attributes%22:%20{},%20%22agreedId%22:%20%22%22}
0
775 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadus.exelator.com/load/?p=204&g=750&j=0&buid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual{%22attributes%22:%20{},%20%22agreedId%22:%20%22%22}
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Server
34.229.3.43 -, , ASN (),
Reverse DNS
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:01:17 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date
Fri, 21 Oct 2022 19:01:17 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://loadus.exelator.com/load/?p=204&g=750&j=0&buid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual{"attributes": {}, "agreedId": ""}
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
content-length
0
cookie-sync
sync.outbrain.com/ Frame E904
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193091&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dindxexcg%26uid%3D%24%7BUSER%7D%26obUid%3DgFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UM...
  • https://sync.outbrain.com/cookie-sync?p=indxexcg&uid=Y1LseuPF_zXfayqsXM1MzAAAAJgAAAIB&obUid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&gdpr=0&gdpr_consent=&us_privacy=1---
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=indxexcg&uid=Y1LseuPF_zXfayqsXM1MzAAAAJgAAAIB&obUid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.223 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:17 GMT
Cache-Control
no-cache
X-TraceId
bea71e1bfdedafe0c261c731ca88c0f5
Content-Length
0

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:17 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://sync.outbrain.com/cookie-sync?p=indxexcg&uid=Y1LseuPF_zXfayqsXM1MzAAAAJgAAAIB&obUid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&gdpr=0&gdpr_consent=&us_privacy=1---
cache-control
no-cache
cf-ray
75dc3dae1c61c508-ORD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
29453969-1F29-420B-ACD7-6C53B45221DB
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame E904
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160065&gdpr=PM_GDPR&gdpr_consent=PM_CONSENT&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160065%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%...
  • https://pr-bh.ybp.yahoo.com/sync/pubmatic/29453969-1F29-420B-ACD7-6C53B45221DB?gdpr=0&gdpr_consent=PM_CONSENT
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/29453969-1F29-420B-ACD7-6C53B45221DB?gdpr=0&gdpr_consent=PM_CONSENT
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Server
2600:1f18:4e9:5a07:dc3:ed1a:ad6b:ca3d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:01:17 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/pubmatic/29453969-1F29-420B-ACD7-6C53B45221DB?gdpr=0&gdpr_consent=PM_CONSENT
date
Fri, 21 Oct 2022 19:01:15 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
136
content-type
text/html; charset=utf-8
cookie-sync
sync.outbrain.com/ Frame E904
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26obUid%3DgFtybhkCw...
  • https://sync.outbrain.com/cookie-sync?p=openx&gdpr=0&gdpr_consent=&us_privacy=1---&obUid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&uid=15f355fd-8974-465a-8b06-99f12210367a
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=openx&gdpr=0&gdpr_consent=&us_privacy=1---&obUid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&uid=15f355fd-8974-465a-8b06-99f12210367a
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.223 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:17 GMT
Cache-Control
no-cache
X-TraceId
e8d85da77da949b23d1646f497962510
Content-Length
0

Redirect headers

date
Fri, 21 Oct 2022 19:01:17 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://sync.outbrain.com/cookie-sync?p=openx&gdpr=0&gdpr_consent=&us_privacy=1---&obUid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&uid=15f355fd-8974-465a-8b06-99f12210367a
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cookie-sync
sync.outbrain.com/ Frame E904
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58523/occ?gdpr=0&gdpr_consent=&us_privacy=1---&redir=true
  • https://sync.outbrain.com/cookie-sync?p=oath&uid=y-sAB1jmhE2uFYJy1KbIqQXo5LvXF9PAbh_RS.ipI-~A&gdpr=0&gdpr_consent=
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=oath&uid=y-sAB1jmhE2uFYJy1KbIqQXo5LvXF9PAbh_RS.ipI-~A&gdpr=0&gdpr_consent=
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.223 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:17 GMT
Cache-Control
no-cache
X-TraceId
dbfaa6d6386e6383d02acb3cb626eb9d
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=oath&uid=y-sAB1jmhE2uFYJy1KbIqQXo5LvXF9PAbh_RS.ipI-~A&gdpr=0&gdpr_consent=
date
Fri, 21 Oct 2022 19:01:17 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
cookie-sync
sync.outbrain.com/ Frame E904
Redirect Chain
  • https://cs.emxdgt.com/um?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Demx%26uid%3D%24UID%26obUid%3DgFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDR...
  • https://sync.outbrain.com/cookie-sync?p=emx&uid=5512368809063269799brt56781666378875893797b8&obUid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&gdpr=0&gdpr_consent=&us_privacy=1---
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=emx&uid=5512368809063269799brt56781666378875893797b8&obUid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.223 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:17 GMT
Cache-Control
no-cache
X-TraceId
403f9a24c3b23fe9aabe37b34102268e
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=emx&uid=5512368809063269799brt56781666378875893797b8&obUid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&gdpr=0&gdpr_consent=&us_privacy=1---
date
Fri, 21 Oct 2022 19:01:16 GMT
content-length
0
content-type
text/html
cookie-sync
sync.outbrain.com/ Frame E904
Redirect Chain
  • https://ice.360yield.com/server_match?partner_id=1863&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dimprove_digital%26uid%3D%7BPUB_USER_ID%7D%26obUid%3DgFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8...
  • https://ice.360yield.com/ul_cb/server_match?partner_id=1863&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dimprove_digital%26uid%3D%7BPUB_USER_ID%7D%26obUid%3DgFtybhkCwr35M2vQn6X0INpuPi_5AYX...
  • https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=97be25de-41d9-4a7c-a66d-656d13118b0e&obUid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&gdpr=0&gdpr_consent=&us_priva...
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=97be25de-41d9-4a7c-a66d-656d13118b0e&obUid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.223 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:17 GMT
Cache-Control
no-cache
X-TraceId
b9ce21383512355d3c790201bbde22cc
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=97be25de-41d9-4a7c-a66d-656d13118b0e&obUid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&gdpr=0&gdpr_consent=&us_privacy=1---
access-control-allow-origin
*
date
Fri, 21 Oct 2022 19:01:17 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cookie-sync
sync.outbrain.com/ Frame E904
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=o&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmaato%26uid%3D%24UID%26obUid%3DgFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual%26gd...
  • https://sync.outbrain.com/cookie-sync?p=smaato&uid=6b331f9b&obUid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&gdpr=0&gdpr_consent=&us_privacy=1---
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=smaato&uid=6b331f9b&obUid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.223 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:17 GMT
Cache-Control
no-cache
X-TraceId
5fd25c38b6a776a918903787a247819f
Content-Length
0

Redirect headers

date
Fri, 21 Oct 2022 19:01:17 GMT
via
1.1 ae9634deb2e9d6f8d396fc6f1e0586fa.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR53-P1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.outbrain.com/cookie-sync?p=smaato&uid=6b331f9b&obUid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&gdpr=0&gdpr_consent=&us_privacy=1---
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
DcBt9WOSWZh8UTmyAHlHqLb0-RXw0igGG7Abr2O6vdxaTQh4W5VZZg==
cookie-sync
sync.outbrain.com/ Frame E904
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=30&gdpr=0&gdpr_consent=&redirectUri=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmart%26uid%3D%5Bssb_sync_pid%5D%26obUid%3DgFtybhkCwr35M2...
  • https://sync.outbrain.com/cookie-sync?p=smart&uid=1576690719601751309&obUid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&gdpr=0&gdpr_consent=&us_privacy=1---
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=smart&uid=1576690719601751309&obUid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.223 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:17 GMT
Cache-Control
no-cache
X-TraceId
52bda8a9dcf42e5b80df11dc3f040e41
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=smart&uid=1576690719601751309&obUid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&gdpr=0&gdpr_consent=&us_privacy=1---
date
Fri, 21 Oct 2022 19:01:16 GMT
content-length
0
c.gif
c.bing.com/ Frame E904 		42 B
667 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?red3=MSOB_pd&uid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 -, , ASN (),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:17 GMT
last-modified
Thu, 13 Oct 2022 20:08:57 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: BAD93228E0CD4C498D6B246C9D1B8439 Ref B: CHGEDGE1813 Ref C: 2022-10-21T19:01:17Z
etag
"e47587a03fdfd81:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
cookie-sync
sync.outbrain.com/ Frame E904
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsynacor%26uid%3D%5BUSER_ID%5D%26obUid%3DgFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVq...
  • https://sync.outbrain.com/cookie-sync?p=synacor&uid=64E176394381480A8C240ACC2295C633&obUid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&us_privacy=1---
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=synacor&uid=64E176394381480A8C240ACC2295C633&obUid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&us_privacy=1---
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.223 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:17 GMT
Cache-Control
no-cache
X-TraceId
8b413f9f795929a0b4f531343bb78bd8
Content-Length
0

Redirect headers

date
Fri, 21 Oct 2022 19:01:17 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
251352775
location
https://sync.outbrain.com/cookie-sync?p=synacor&uid=64E176394381480A8C240ACC2295C633&obUid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&us_privacy=1---
access-control-allow-origin
https://widgets.outbrain.com/
access-control-allow-credentials
true
content-length
0
cookie-sync
sync.outbrain.com/ Frame E904
Redirect Chain
  • https://id.rlcdn.com/711945.gif?cparams=obUid%3DgFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual
  • https://sync.outbrain.com/cookie-sync?p=liveramp&uid=&obUid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=liveramp&uid=&obUid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.223 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:17 GMT
Cache-Control
no-cache
X-TraceId
01da1d32f124f80781d10d3bc5673e76
Content-Length
0

Redirect headers

date
Fri, 21 Oct 2022 19:01:17 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://sync.outbrain.com/cookie-sync?p=liveramp&uid=&obUid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cookie-sync
sync.outbrain.com/ Frame E904
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=127&gdpr=0&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcentro%26uid%3D%7BuserId%7D%26obUid%3DgFtybhkCw...
  • https://sync.outbrain.com/cookie-sync?p=centro&uid=80869250-60ca-401f-90b5-074e50f64c17-6352ec7a-5553&obUid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&gdpr=0&gdpr_consent=&us_...
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=centro&uid=80869250-60ca-401f-90b5-074e50f64c17-6352ec7a-5553&obUid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.223 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:17 GMT
Cache-Control
no-cache
X-TraceId
020d080e9b93739f339e6865d2cef216
Content-Length
0

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:17 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://sync.outbrain.com/cookie-sync?p=centro&uid=80869250-60ca-401f-90b5-074e50f64c17-6352ec7a-5553&obUid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&gdpr=0&gdpr_consent=&us_privacy=1---
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
cookie-sync
sync.outbrain.com/ Frame E904
Redirect Chain
  • https://cms.quantserve.com/pixel/p-cxanv6hYFn1kw.gif?idmatch=0&obUid%3DgFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://sync.outbrain.com/cookie-sync?p=quantcast&gdpr=0&uid=p8PLAvSTyQm8lZgJ8snTBKDEyAO8xJgIqZJ4L5oq
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=quantcast&gdpr=0&uid=p8PLAvSTyQm8lZgJ8snTBKDEyAO8xJgIqZJ4L5oq
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.223 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:17 GMT
Cache-Control
no-cache
X-TraceId
60ee6414c2f0eb346dba651399653b6d
Content-Length
0

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:17 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://sync.outbrain.com/cookie-sync?p=quantcast&gdpr=0&uid=p8PLAvSTyQm8lZgJ8snTBKDEyAO8xJgIqZJ4L5oq
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
cookie-sync
sync.outbrain.com/ Frame E904
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562709&ev=1&us_privacy=${us_privacy}&rurl=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dpulsepoint%26uid%3D%7BuserId%7D%26obUid%3DgFtybhkCwr35M2vQn6X0IN...
  • https://sync.outbrain.com/cookie-sync?p=pulsepoint&uid={userId}&obUid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&gdpr=0&gdpr_consent=&us_privacy=1---&ev=1&us_privacy=${us_priv...
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=pulsepoint&uid={userId}&obUid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&gdpr=0&gdpr_consent=&us_privacy=1---&ev=1&us_privacy=${us_privacy}&pid=562709
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.223 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:17 GMT
Cache-Control
no-cache
X-TraceId
6b948cb893cda9fb516daf534b480c21
Content-Length
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location
https://sync.outbrain.com/cookie-sync?p=pulsepoint&uid={userId}&obUid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&gdpr=0&gdpr_consent=&us_privacy=1---&ev=1&us_privacy=${us_privacy}&pid=562709
content-language
en-US
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6bdd85b5c9-xc22t
expires
-1
cookie-sync
sync.outbrain.com/ Frame E904
Redirect Chain
  • https://trace.mediago.io/cs/outbrain?cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dbaidu%26uid%3D%7Buserid%7D%26obUid%3DgFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual%26g...
  • https://sync.outbrain.com/cookie-sync?p=baidu&uid={userid}&obUid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&gdpr=0&gdpr_consent=&us_privacy=1---
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=baidu&uid={userid}&obUid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.223 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:17 GMT
Cache-Control
no-cache
X-TraceId
1789cc945f88e4c699c4e2a33a166208
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=baidu&uid={userid}&obUid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&gdpr=0&gdpr_consent=&us_privacy=1---
date
Fri, 21 Oct 2022 19:01:17 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
209
content-type
text/html; charset=utf-8
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fpowerball.com%2F&domain=powerball.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
http://powerball.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
http://powerball.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 21 Oct 2022 19:01:17 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
486334
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fpowerball.com%2F&domain=powerball.com&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=dNZPJHx1VWxRQkFJZ296Y2dlNzQxZnRtRkxkVzBYMmYzMjEvamRYNXFIcStTNkl5bk05Zllwc292Qndwc0Zpc0wwcW1US2YvQ2trczg2SnY4NTRzL1lGNEYxbXM0WC9FbVRsN3lMQ0syZWtDdmYwY2FoR0lIcllXemJ6Uz...
410 B
688 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=dNZPJHx1VWxRQkFJZ296Y2dlNzQxZnRtRkxkVzBYMmYzMjEvamRYNXFIcStTNkl5bk05Zllwc292Qndwc0Zpc0wwcW1US2YvQ2trczg2SnY4NTRzL1lGNEYxbXM0WC9FbVRsN3lMQ0syZWtDdmYwY2FoR0lIcllXemJ6UzZjRXNTRUJRRGRUQ3Y5d1hJN2oyK0pEWk56alZFbmJvZnYvaGwwcnRnN01Fd1NkOW1HMHBMV0x3VGxPdmNGdVYyR2RFcVkzaXk5WHhVR1ZPTVkyOGFPTWduQ0lsNFJ6VmF2WnA3MDA3UGtTT3lsUWFuOU1pMVJGaGRNTUJRVElISXV0Q1pla1NpcmRMeldxNVUrc2F0VUY5anFZeDBxUT09fA&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
1018cb4a03fbcdc99bf7204783541116df11ce9e3e47d70d9ae898e087509c8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:16 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1589222
expires
0

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:16 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=dNZPJHx1VWxRQkFJZ296Y2dlNzQxZnRtRkxkVzBYMmYzMjEvamRYNXFIcStTNkl5bk05Zllwc292Qndwc0Zpc0wwcW1US2YvQ2trczg2SnY4NTRzL1lGNEYxbXM0WC9FbVRsN3lMQ0syZWtDdmYwY2FoR0lIcllXemJ6UzZjRXNTRUJRRGRUQ3Y5d1hJN2oyK0pEWk56alZFbmJvZnYvaGwwcnRnN01Fd1NkOW1HMHBMV0x3VGxPdmNGdVYyR2RFcVkzaXk5WHhVR1ZPTVkyOGFPTWduQ0lsNFJ6VmF2WnA3MDA3UGtTT3lsUWFuOU1pMVJGaGRNTUJRVElISXV0Q1pla1NpcmRMeldxNVUrc2F0VUY5anFZeDBxUT09fA&cppv=2
access-control-allow-origin
http://powerball.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
499851
content-length
0
expires
0
envelope
api.rlcdn.com/api/identity/ 		0
0
rid
match.adsrvr.org/track/ 		108 B
682 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=6bjin1p&fmt=json
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-6.19.13.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
9949b4969bc48051d7a1bec509a025e634a62119e1dca979b687393f8b73c5ee

Request headers

Referer
http://powerball.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 21 Oct 2022 19:01:17 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
http://powerball.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Sun, 20 Nov 2022 19:01:17 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame 9528 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: http://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
http://powerball.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
324
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
75dc3dae88946315-ORD
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 21 Oct 2022 19:01:17 GMT
expires
Fri, 21 Oct 2022 23:01:17 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame DC4D
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://usersync.gumgum.com/usersync?b=rth&i=OsCM9pDCGnwYKVIJmreF&pi=gumgum
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=OsCM9pDCGnwYKVIJmreF&pi=gumgum
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: http://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.87.127.173 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
http://powerball.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 21 Oct 2022 19:01:17 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Fri, 21 Oct 2022 19:01:17 GMT Fri, 21 Oct 2022 19:01:17 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=OsCM9pDCGnwYKVIJmreF&pi=gumgum
pragma
no-cache
ixmatch.html
js-sec.indexww.com/um/ Frame 1425 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: http://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
http://powerball.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
324
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
75dc3dae88956315-ORD
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 21 Oct 2022 19:01:17 GMT
expires
Fri, 21 Oct 2022 23:01:17 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4FDE 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: http://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.64.60.212 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-60-212.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
http://powerball.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=144317
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 21 Oct 2022 19:01:17 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sun, 23 Oct 2022 11:06:34 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
unused62
8096267
vary
Accept-Encoding
check.html
biddr.brealtime.com/ Frame 1455 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: http://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.120.107 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Referer
http://powerball.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Age
4193
CF-Cache-Status
HIT
CF-RAY
75dc3daeddae639e-ORD
Cache-Control
public, max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Fri, 21 Oct 2022 19:01:17 GMT
Expires
Fri, 21 Oct 2022 20:01:17 GMT
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
x-amz-id-2
3cG2zhKTzMazE1Orhfn+MY1fq4TLHsAeMVT2qc5QVgBk2cBeN/XSRkntxRC46xTfmJSS9LB/4RM=
x-amz-request-id
KPYW2K0267XCYTBR
check.html
biddr.brealtime.com/ Frame C1AE 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: http://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.120.107 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Referer
http://powerball.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Age
3770
CF-Cache-Status
HIT
CF-RAY
75dc3daedc7686ce-ORD
Cache-Control
public, max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Fri, 21 Oct 2022 19:01:17 GMT
Expires
Fri, 21 Oct 2022 20:01:17 GMT
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
x-amz-id-2
HRf+6gyR72fGihU72FpOLnSQWnx8E4N5oQN0aWf8s4IVvgW3S1iOxwa086l66eCxp0t22qeOflg=
x-amz-request-id
34YD0AZ7YNHAN2AA
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 472F 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: http://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.64.60.212 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-60-212.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
http://powerball.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=144317
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 21 Oct 2022 19:01:17 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sun, 23 Oct 2022 11:06:34 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
unused62
8096267
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame AF7C 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvIS_aUMyMlvbdEuFAXS-ZGnHNdvNjak4kc6qQZQLvrAj5OQ8UTHWxPFDWznjXY2g8T6QClZqU7NDMFuXmigRt7C9GsiIQPpXv88PvWqzUxuBe5Xu2O&sig=Cg0ArKJSzC5TYP88Jth3EAE&id=lidar2&mcvt=1052&p=960,315,1210,1285&mtos=0,1052,1052,1052,1052&tos=0,1052,0,0,0&v=20221019&bin=7&avms=nio&bs=1600,1200&mc=0.96&vu=1&app=0&itpl=19&adk=497389240&rs=4&la=1&cr=0&vs=4&r=v&rst=1666378875496&rpt=655&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 4FDE 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=16058138&p=156696&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
4689ea9e2f33ba65fa13615d5c21c3aee8b7d815e31619c97a075283e3e1f3a3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Fri, 21 Oct 2022 19:01:16 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usermatch
ssum-sec.casalemedia.com/ Frame 05EF 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=http%3A%2F%2Fpowerball.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca3e02448de31f76fba879898ca788cd01477d1858a9849f5dee77d9b99b9d23

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
75dc3daf6d67c508-ORD
content-encoding
br
content-type
text/html
date
Fri, 21 Oct 2022 19:01:17 GMT
expires
0
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=dNZPJHx1VWxRQkFJZ296Y2dlNzQxZnRtRkxkVzBYMmYzMjEvamRYNXFIcStTNkl5bk05Zllwc292Qndwc0Zpc0wwcW1US2YvQ2trczg2SnY4NTRzL1lGNEYxbXM0WC9FbVRsN3lMQ0syZWtDdmYwY2FoR0lIcllXemJ6UzZjRXNTRUJRRGRUQ3Y5d1hJN2oyK0pEWk56alZFbmJvZnYvaGwwcnRnN01Fd1NkOW1HMHBMV0x3VGxPdmNGdVYyR2RFcVkzaXk5WHhVR1ZPTVkyOGFPTWduQ0lsNFJ6VmF2WnA3MDA3UGtTT3lsUWFuOU1pMVJGaGRNTUJRVElISXV0Q1pla1NpcmRMeldxNVUrc2F0VUY5anFZeDBxUT09fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 21 Oct 2022 19:01:17 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
246752
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 39FB 		281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: http://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
http://powerball.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 21 Oct 2022 19:01:17 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame 3DEE 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=http%3A%2F%2Fpowerball.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af83bcc376e33cbade6885a4661002c0d2f3b61f3be9129e3409fd8bba77cd61

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
75dc3daf8d86c508-ORD
content-encoding
br
content-type
text/html
date
Fri, 21 Oct 2022 19:01:17 GMT
expires
0
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
setuid
s2s.t13.io/
Redirect Chain
  • https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsonobi%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%5BUID%5D
  • https://s2s.t13.io/setuid?bidder=sonobi&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=6b40a359-8aa7-44cc-bb0a-c66f1c0b5637
86 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2s.t13.io/setuid?bidder=sonobi&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=6b40a359-8aa7-44cc-bb0a-c66f1c0b5637
Protocol
H3
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
http://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:17 GMT
content-encoding
gzip
via
1.1 google
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:01:17 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-137
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://s2s.t13.io/setuid?bidder=sonobi&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=6b40a359-8aa7-44cc-bb0a-c66f1c0b5637
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame B17D 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
adb8fffa179674d8acb13f029a8085453f8e35301a733468f83c13e27d797870

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:17 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 Oct 2022 18:37:59 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=70114
Connection
keep-alive
Content-Length
9455
Expires
Sat, 22 Oct 2022 14:29:51 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 25DC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstLYo_cm721kjfTLK8sMeLo4XZEGhq7gcCOAG4DqvzSmw_RcRJ-uXyUNf65YXS6wsQrM1jQq5exnQt_b3I3cxQl9ixP-r4ZCxuYjFNJKbPqg7K8D3H9Dhpk1SDAaBLyCJbvLGGPfFsxfxPSF11YPIUwW4P7V9sVp3HQ1yMJ1mmnAdSSfepHccu6bY4xPrJzipmHh2qtL5f3V64J_-Ka2QdGABGMCIcaj7lIRnON-rFyMXp1dQOYnqGlY4glIvmXohkoNflyTlAhxO6-WtPmwBQsGP3_mYMiEGruJ0j8lrJZ8XJvBBU5SvKF9U9a-iBcOSCMG3S_bg&sai=AMfl-YQtE4edX8sxHvYaT6K55qBCKYfZhZggu9Dm19a-lgP-NHnzAEGHgxAGFOQho9kw-XXdOTDMABTuvtdTuOZXcJeWsCNM4x27mTTX43ylqZ-5j2QDZw-SP_4t9Gnp3c3-Wk05VA&sig=Cg0ArKJSzNoIv7iz0XSGEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: powerball.com
URL: http://powerball.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://dd3794dd9eb212f7f455e85a2ac4edd5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:01:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 21 Oct 2022 19:01:17 GMT
dcm
s.amazon-adsystem.com/ Frame 6E1F 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=29453969-1F29-420B-ACD7-6C53B45221DB&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 21 Oct 2022 19:01:17 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
VYEKY2BGD00MX187T6YA
Pug
simage2.pubmatic.com/AdServer/ Frame CD92
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:d6336352-ec7a-4b00-95f1-1a9804c2db7f&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:dbe5eecb-7634-4a3f-97a1-12b9e55af4bf&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
568 B
623 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:dbe5eecb-7634-4a3f-97a1-12b9e55af4bf&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
7921a6035cc8a0981a5dee737dd3d29b150ddd48407717d3fca4b6376f2b0e70

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
568
content-type
text/html; charset=UTF-8
date
Fri, 21 Oct 2022 19:01:16 GMT
server
nginx

Redirect headers

Connection
Keep-Alive
Content-Length
0
Date
Fri, 21 Oct 2022 19:01:18 GMT
Keep-Alive
timeout=5, max=3000
Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:dbe5eecb-7634-4a3f-97a1-12b9e55af4bf&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Server
Apache
rtset
bh.contextweb.com/bh/ Frame 76EC
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDVkxFN0dwZGtBQUJfcXZfckY2UQ&bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAD2Kk7GpdkAACB3Vhizbg&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpp%252Cpm%26bee_sync_current_partn...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas,pp,pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAD2Kk7GpdkAACB3Vhizbg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_curre...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=1576690719601751309
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAD2Kk7GpdkAACB3Vhizbg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D1576690719601751309%26bee_sync_partners%3Dpm%26bee_sync...
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 741D
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5512368809063269799&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:c856e8a6-ce21-45ca-bd1c-403476e63237&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:c856e8a6-ce21-45ca-bd1c-403476e63237&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 21 Oct 2022 19:01:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
Keep-Alive
Content-Length
0
Date
Fri, 21 Oct 2022 19:01:18 GMT
Keep-Alive
timeout=5, max=3000
Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:c856e8a6-ce21-45ca-bd1c-403476e63237&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Server
Apache
cookie-sync
sync.outbrain.com/ Frame 4B26
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=be1f778e-5172-11ed-8dcb-071661708aaa
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=160065&pmc=1&pr=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dpubmatic%26obUid%3DgFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual%2...
  • https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&uid=29453969-...
0
145 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&uid=29453969-1F29-420B-ACD7-6C53B45221DB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.223 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache
Content-Length
0
Date
Fri, 21 Oct 2022 19:01:17 GMT
X-TraceId
a06127e43399f8fdc7f41b4e33dbd07b

Redirect headers

cache-control
no-store, no-cache, private
date
Fri, 21 Oct 2022 19:01:17 GMT
location
https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&uid=29453969-1F29-420B-ACD7-6C53B45221DB
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 45AF
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=cQ1WQSJdVEpqWwVKJAdOR3YKVUBqCgVLf1xX28ds
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:3ac09c56-8107-446c-b8e4-29cab53362c7&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:3ac09c56-8107-446c-b8e4-29cab53362c7&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 21 Oct 2022 19:01:17 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
Keep-Alive
Content-Length
0
Date
Fri, 21 Oct 2022 19:01:18 GMT
Keep-Alive
timeout=5, max=3000
Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:3ac09c56-8107-446c-b8e4-29cab53362c7&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Server
Apache
Pug
simage2.pubmatic.com/AdServer/ Frame 81F7
Redirect Chain
  • https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_94fd6fd63b9a46a287a50
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:0dd6535c-8780-4282-a238-4c6a0558d68d&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:0dd6535c-8780-4282-a238-4c6a0558d68d&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 21 Oct 2022 19:01:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
Keep-Alive
Content-Length
0
Date
Fri, 21 Oct 2022 19:01:18 GMT
Keep-Alive
timeout=5, max=3000
Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:0dd6535c-8780-4282-a238-4c6a0558d68d&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Server
Apache
Pug
simage2.pubmatic.com/AdServer/ Frame 27F2
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:c3663ea6-8017-4542-92e4-a8d8467291aa&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:c3663ea6-8017-4542-92e4-a8d8467291aa&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 21 Oct 2022 19:01:16 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
Keep-Alive
Content-Length
0
Date
Fri, 21 Oct 2022 19:01:18 GMT
Keep-Alive
timeout=5, max=3000
Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:c3663ea6-8017-4542-92e4-a8d8467291aa&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Server
Apache
Pug
simage2.pubmatic.com/AdServer/ Frame A1AD
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=X7y23APdTcl7PUkiRZntRWjtwR0
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:afe5fd4c-d4d9-4c19-bd5c-290826529b6c&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
568 B
642 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:afe5fd4c-d4d9-4c19-bd5c-290826529b6c&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
7921a6035cc8a0981a5dee737dd3d29b150ddd48407717d3fca4b6376f2b0e70

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
568
content-type
text/html; charset=UTF-8
date
Fri, 21 Oct 2022 19:01:16 GMT
server
nginx

Redirect headers

Connection
Keep-Alive
Content-Length
0
Date
Fri, 21 Oct 2022 19:01:18 GMT
Keep-Alive
timeout=5, max=3000
Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:afe5fd4c-d4d9-4c19-bd5c-290826529b6c&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Server
Apache
d1ba4609
rtb.gumgum.com/getuid/ Frame D0FA
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:5BrdqLtE1OLXgF5&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
35 B
209 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.147.16 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Fri, 21 Oct 2022 19:01:18 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

content-length
216
content-type
text/html; charset=utf-8
date
Fri, 21 Oct 2022 19:01:17 GMT
location
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cookie-sync
sync.outbrain.com/ Frame 9DC5
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=701037794323
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=160065&pmc=1&pr=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dpubmatic%26obUid%3DgFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual%2...
  • https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&uid=29453969-...
0
145 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&uid=29453969-1F29-420B-ACD7-6C53B45221DB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.223 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache
Content-Length
0
Date
Fri, 21 Oct 2022 19:01:17 GMT
X-TraceId
380436943b1a0cadb7b3cb38f550132c

Redirect headers

cache-control
no-store, no-cache, private
date
Fri, 21 Oct 2022 19:01:17 GMT
location
https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&uid=29453969-1F29-420B-ACD7-6C53B45221DB
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
cookie-sync
sync.outbrain.com/ Frame 0514
Redirect Chain
  • https://ad.mrtnsvr.com/sync/pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=dXwkKBrtM
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=160065&pmc=1&pr=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dpubmatic%26obUid%3DgFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual%2...
  • https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&uid=29453969-...
0
145 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&uid=29453969-1F29-420B-ACD7-6C53B45221DB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.223 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache
Content-Length
0
Date
Fri, 21 Oct 2022 19:01:17 GMT
X-TraceId
d187352396d1b385265e5d63f801d1ea

Redirect headers

cache-control
no-store, no-cache, private
date
Fri, 21 Oct 2022 19:01:17 GMT
location
https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&uid=29453969-1F29-420B-ACD7-6C53B45221DB
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
ImgSync
image8.pubmatic.com/AdServer/ Frame E2D8
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1666378877634
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=101846299
  • https://sync.1rx.io/usersync/tradedesk/96c184ef-d2dc-46f0-8c36-35f68e7519ef
  • https://sync.targeting.unrulymedia.com/csync/RX-dc34dd7b-ae73-4f32-be8d-171e0f5aa0d2-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-dc34dd7b-ae73-4f32-be8d-171e0f5aa0d2-005
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Fri, 21 Oct 2022 19:01:16 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Fri, 21 Oct 2022 19:01:17 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
i.match
s.tribalfusion.com/z/ Frame 5A08
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
417 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
75dc3db1be3086da-ORD
content-length
43
content-type
image/gif; charset=utf-8
date
Fri, 21 Oct 2022 19:01:17 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
75dc3db11c0f86da-ORD
content-type
text/html
date
Fri, 21 Oct 2022 19:01:17 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
6395
/
csync.loopme.me/ Frame 2560 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.174.31 -, , ASN (),
Reverse DNS
Software
_ /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

date
Fri, 21 Oct 2022 19:01:17 GMT
server
_
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame BF77
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=72f98a3a-1019-4811-ab61-e0936b746b27&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=29453969-1F29-420B-ACD7-6C53B45221DB
42 B
489 B 		Document
General
Check archive.org
Download Go to
Full URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=29453969-1F29-420B-ACD7-6C53B45221DB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.178.102 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
42
Content-Type
image/gif
Date
Fri, 21 Oct 2022 19:01:17 GMT
Server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
date
Fri, 21 Oct 2022 19:01:16 GMT
location
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=29453969-1F29-420B-ACD7-6C53B45221DB
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 1770
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7196652771508028313&uid=Q719665277150802...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7196652771508028313
42 B
238 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7196652771508028313
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 21 Oct 2022 19:01:17 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
max-age=24057
Connection
keep-alive
Content-Length
154
Content-Type
text/html
Date
Fri, 21 Oct 2022 19:01:17 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7196652771508028313
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
Apache/2.4.6 (CentOS)
Vary
Accept-Encoding
X-Powered-By
PHP/7.3.33
pub
matching.truffle.bid/sync/ Frame 3F1D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.161.47.120 -, , ASN (),
Reverse DNS
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Date
Fri, 21 Oct 2022 19:01:17 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
ImgSync
image8.pubmatic.com/AdServer/ Frame BECE
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=m3auE3thDsG67vypfuxSYw
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Fri, 21 Oct 2022 19:01:16 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Fri, 21 Oct 2022 19:01:18 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
cookiesync
core.iprom.net/ Frame 3C43 		43 B
281 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Fri, 21 Oct 2022 19:01:18 GMT
Vary
Accept-Encoding
X-adserver-worker
ragnarok-6db1a8dd60ef@version_1.529v3
X-core-time
1ms
X-server-arch
v2
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 9FB4
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=b286b491-0301-4710-842c-b614974c9fc4-tucta4c71fa&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
152 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=b286b491-0301-4710-842c-b614974c9fc4-tucta4c71fa&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
content-length
0
date
Fri, 21 Oct 2022 19:01:17 GMT
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-chi-kigq8000094-CHI
x-timer
S1666378878.806023,VS0,VE1

Redirect headers

accept-ranges
bytes
content-length
0
date
Fri, 21 Oct 2022 19:01:17 GMT
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=b286b491-0301-4710-842c-b614974c9fc4-tucta4c71fa&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-chi-klot8100059-CHI
x-timer
S1666378878.617610,VS0,VE22
x-vcl-time-ms
22
/
pixel.onaudience.com/ Frame 4FDE
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=29453969-1F29-420B-ACD7-6C53B45221DB
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=b01bca40b8da56d9/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=f4386ae6ca672241d67422c70b045874&gdpr=0
  • https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m
0
0
Artemis
aud.pubmatic.com/AdServer/ Frame 4FDE
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=29453969-1F29-420B-ACD7-6C53B45221DB&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=29453969-1F29-420B-ACD7-6C53B45221DB&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=29453969-1F29-420B-ACD7-6C53B45221DB&addseg=10,33,39
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=29453969-1F29-420B-ACD7-6C53B45221DB&addseg=10,33,39
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Server
8.28.7.109 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Redirect headers

date
Fri, 21 Oct 2022 19:01:17 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=29453969-1F29-420B-ACD7-6C53B45221DB&addseg=10,33,39
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
info2
uipglob.semasio.net/pubmatic/1/ Frame 4FDE
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=29453969-1F29-420B-ACD7-6C53B45221DB&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=29453969-1F29-420B-ACD7-6C53B45221DB&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=29453969-1F29-420B-ACD7-6C53B45221DB&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
HTTP/1.1
Server
50.57.31.206 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:01:17 GMT
Frontend-ID
1
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Content-Type
image/gif
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin
*
Content-Length
42
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:01:17 GMT
Frontend-ID
7
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Location
/pubmatic/1/info2?sType=sync&sExtCookieId=29453969-1F29-420B-ACD7-6C53B45221DB&sInitiator=external&gdpr=0&gdpr_consent=
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Content-Length
0
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT
g.pixel
aa.agkn.com/adscores/ Frame 4FDE 		43 B
656 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212308278&puid=29453969-1F29-420B-ACD7-6C53B45221DB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.90 -, , ASN (),
Reverse DNS
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:17 GMT
via
1.1 90a990c5327e86ade86681120dc4a236.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
EWR50-C1
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
nW6kWQRbpquDgjGGd2qq7jiZecpx1pzLk5vRzV5DNt8Wh_PsSaUi7A==
expires
0
SPug
image4.pubmatic.com/AdServer/ Frame 4FDE
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=29453969-1F29-420B-ACD7-6C53B45221DB&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-sPDlAgRE2uXXxpIbnJzTK3NjzXWMeHg-~A&gdpr=0&gdpr_consent=
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-sPDlAgRE2uXXxpIbnJzTK3NjzXWMeHg-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Server
104.36.115.114 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:01:17 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-sPDlAgRE2uXXxpIbnJzTK3NjzXWMeHg-~A&gdpr=0&gdpr_consent=
date
Fri, 21 Oct 2022 19:01:17 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
cookie-sync
sync.outbrain.com/ Frame 4FDE
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=e500da1f-3493-4aee-9c3e-be2533ebd360&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=160065&pmc=1&pr=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dpubmatic%26obUid%3DgFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual%2...
  • https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&uid=29453969-...
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&uid=29453969-1F29-420B-ACD7-6C53B45221DB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
HTTP/1.1
Server
64.202.112.223 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:17 GMT
Cache-Control
no-cache
X-TraceId
ca785fba7654a5aa73adf93a28507edb
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&uid=29453969-1F29-420B-ACD7-6C53B45221DB
date
Fri, 21 Oct 2022 19:01:16 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame 4FDE
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=29453969-1F29-420B-ACD7-6C53B45221DB&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=4ace32fe122e19f1&is_secure=true&networkId=17100&version=1&nuid=29453969-1F29-420B-ACD7-6C53B45221DB&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAABuaBUWVx_2QNq3TepAAAAAAA&expiration=1666465277&nuid=29453969-1F29-420B-ACD7-6C53B45221DB&...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAABuaBUWVx_2QNq3TepAAAAAAA&expiration=1666465277&nuid=29453969-1F29-420B-ACD7-6C53B45221DB&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:17 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAABuaBUWVx_2QNq3TepAAAAAAA&expiration=1666465277&nuid=29453969-1F29-420B-ACD7-6C53B45221DB&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 4FDE
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=80869250-60ca-401f-90b5-074e50f64c17-6352ec7a-5553&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:19a427dc-0863-4418-b2ef-cf04a1e56966&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:19a427dc-0863-4418-b2ef-cf04a1e56966&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:19a427dc-0863-4418-b2ef-cf04a1e56966&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Fri, 21 Oct 2022 19:01:18 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=2999
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame 4FDE 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.213.85.80 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:01:17 GMT
sn.ashx
pmp.mxptint.net/ Frame 4FDE
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1D530_F81D8241_6D8F73DD&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
HTTP/1.1
Server
38.67.14.233 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-349365677; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Expires
-1
Pragma
no-cache
Date
Fri, 21 Oct 2022 19:01:16 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=-349365677; includeSubDomains
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Fri, 21 Oct 2022 19:01:17 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ImgSync
image8.pubmatic.com/AdServer/ Frame 4FDE
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://r.bidswitch.net/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=420cce5a-5f42-4fc5-b516-8ea244f75d87
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=420cce5a-5f42-4fc5-b516-8ea244f75d87&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=656b145a-0197-4fca-8092-c2e4b70ca936%252Chttps%253A%252F%252Fx.bidswitch.net%252Fsync%253Fdsp_id%253D393%2526user_id%253D...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=96c184ef-d2dc-46f0-8c36-35f68e7519ef&ttd_puid=656b145a-0197-4fca-8092-c2e4b70ca936%2Chttps%3A%2F%2Fx.bidswitch.net%2Fsync...
  • https://x.bidswitch.net/sync?dsp_id=393&user_id=0&ssp=pubmatic&bsw_param=420cce5a-5f42-4fc5-b516-8ea244f75d87
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=420cce5a-5f42-4fc5-b516-8ea244f75d87&gdpr=&gdpr_consent=&gdpr_pd=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Server
8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:01:18 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Fri, 21 Oct 2022 19:01:17 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ImgSync
image8.pubmatic.com/AdServer/ Frame 4FDE
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7320634552515149901
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:40ae4f11-ec92-4ae2-9813-1c94744fc9ae&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
184 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Server
8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:01:17 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Fri, 21 Oct 2022 19:01:18 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
d1ba4609
rtb.gumgum.com/getuid/ Frame 4FDE
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5512368809063269799
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Protocol
H2
Server
52.200.147.16 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:18 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
date
Fri, 21 Oct 2022 19:01:17 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
216
content-type
text/html; charset=utf-8
usync.js
eus.rubiconproject.com/ Frame 39FB 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
adb8fffa179674d8acb13f029a8085453f8e35301a733468f83c13e27d797870

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 21 Oct 2022 19:01:17 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 Oct 2022 18:37:59 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=70114
Connection
keep-alive
Content-Length
9455
Expires
Sat, 22 Oct 2022 14:29:51 GMT
crum
dsum-sec.casalemedia.com/ Frame 05EF
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5512368809063269799
43 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5512368809063269799
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=http%3A%2F%2Fpowerball.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:01:17 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:01:17 GMT
AN-X-Request-Uuid
deba586e-8288-4750-9a82-40f67b99e463
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5512368809063269799
Connection
keep-alive
X-Proxy-Origin
104.237.193.29; 104.237.193.29; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Y1LseuPF_zXfayqsXM1MzAAAAJgAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 05EF 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y1LseuPF_zXfayqsXM1MzAAAAJgAAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=http%3A%2F%2Fpowerball.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:dc3:ed1a:ad6b:ca3d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:01:17 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
rum
dsum-sec.casalemedia.com/ Frame 05EF
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y1LsegAAAYTY7AAr
43 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y1LsegAAAYTY7AAr
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=http%3A%2F%2Fpowerball.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:01:17 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-chi-klot8100154-CHI
pragma
no-cache
date
Fri, 21 Oct 2022 19:01:17 GMT
via
1.1 varnish
server
Varnish
x-timer
S1666378878.613698,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y1LsegAAAYTY7AAr
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame 05EF
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAD2Kk7GpdkAACB3Vhizbg&expiration=1667588477
43 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAD2Kk7GpdkAACB3Vhizbg&expiration=1667588477
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=http%3A%2F%2Fpowerball.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:01:17 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAD2Kk7GpdkAACB3Vhizbg&expiration=1667588477
Date
Fri, 21 Oct 2022 19:01:17 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
usermatchredir
ssum-sec.casalemedia.com/ Frame 05EF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y1LseuPF_zXfayqsXM1MzAAAAJgAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESED2wDnoGU-nHL2X0zWrLDOQ&google_cver=1
43 B
555 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESED2wDnoGU-nHL2X0zWrLDOQ&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=http%3A%2F%2Fpowerball.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:17 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
75dc3db14f11c508-ORD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:17 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESED2wDnoGU-nHL2X0zWrLDOQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 05EF
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=_LXaAu8R6aSZpIJwQozx&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3S...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2X2MLBQUC...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=_LXaAu8R6aSZpIJwQozx
43 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=_LXaAu8R6aSZpIJwQozx
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=http%3A%2F%2Fpowerball.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:01:17 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:01:17 GMT
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=_LXaAu8R6aSZpIJwQozx
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 05EF
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=46e9e7ea-a419-489d-a165201a
43 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=46e9e7ea-a419-489d-a165201a
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=http%3A%2F%2Fpowerball.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:01:17 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

date
Fri, 21 Oct 2022 19:01:17 GMT
via
1.1 google
server
nginx/1.22.1
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=46e9e7ea-a419-489d-a165201a
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146
htw-pixel.gif
cdn.indexww.com/ht/ Frame 05EF 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y1LseuPF-zXfayqsXM1MzAAA%26152
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=http%3A%2F%2Fpowerball.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:01:17 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
73842
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
75dc3db1a8b02a69-ORD
content-length
43
expires
Sat, 22 Oct 2022 19:01:17 GMT
Y1LseuPF_zXfayqsXM1MzAAAAJgAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 3DEE
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y1LseuPF_zXfayqsXM1MzAAAAJgAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y1LseuPF_zXfayqsXM1MzAAAAJgAAAIB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y1LseuPF_zXfayqsXM1MzAAAAJgAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=http%3A%2F%2Fpowerball.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
2600:1f18:4e9:5a07:dc3:ed1a:ad6b:ca3d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:01:17 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y1LseuPF_zXfayqsXM1MzAAAAJgAAAIB
date
Fri, 21 Oct 2022 19:01:17 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum-sec.casalemedia.com/ Frame 3DEE
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3981096095250849001
43 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3981096095250849001
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=http%3A%2F%2Fpowerball.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:01:17 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3981096095250849001
pragma
no-cache
date
Fri, 21 Oct 2022 19:01:16 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
rum
dsum.casalemedia.com/ Frame 3DEE
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=68e300f662219f1&is_secure=true&networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAJN2GRwTOabwM6YZKYAAAAAAA&expiration=1666465277&is_secure=true
43 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAJN2GRwTOabwM6YZKYAAAAAAA&expiration=1666465277&is_secure=true
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=http%3A%2F%2Fpowerball.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:01:17 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:17 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAJN2GRwTOabwM6YZKYAAAAAAA&expiration=1666465277&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 3DEE
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=MFU2Z2MFNGwrA2VsZV8uYTdSNWYrUmVtPgSWuj7f
43 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=MFU2Z2MFNGwrA2VsZV8uYTdSNWYrUmVtPgSWuj7f
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=http%3A%2F%2Fpowerball.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:01:17 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:17 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=MFU2Z2MFNGwrA2VsZV8uYTdSNWYrUmVtPgSWuj7f
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 3DEE
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5512368809063269799
43 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5512368809063269799
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=http%3A%2F%2Fpowerball.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:01:17 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:01:17 GMT
AN-X-Request-Uuid
e7580861-8c13-4a2b-9917-f3139b513042
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5512368809063269799
Connection
keep-alive
X-Proxy-Origin
104.237.193.29; 104.237.193.29; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 3DEE
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0847220407ea58de089ef6ee&expiration=[EXPIRATION]
43 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0847220407ea58de089ef6ee&expiration=[EXPIRATION]
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=http%3A%2F%2Fpowerball.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:01:17 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0847220407ea58de089ef6ee&expiration=[EXPIRATION]
Date
Fri, 21 Oct 2022 19:01:17 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Powered-By
Express
Content-Length
0
Vary
Origin
Y1LseuPF_zXfayqsXM1MzAAAAJgAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 3DEE 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y1LseuPF_zXfayqsXM1MzAAAAJgAAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=http%3A%2F%2Fpowerball.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:dc3:ed1a:ad6b:ca3d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:01:17 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum.casalemedia.com/ Frame 3DEE
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=5512368809063269799
43 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=5512368809063269799
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=http%3A%2F%2Fpowerball.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:01:17 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:01:17 GMT
AN-X-Request-Uuid
64ce7be9-6a5d-447f-a972-6e69de3c939a
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=5512368809063269799
Connection
keep-alive
X-Proxy-Origin
104.237.193.29; 104.237.193.29; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame 3DEE 		43 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y1LseuPF-zXfayqsXM1MzAAA%26152
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=http%3A%2F%2Fpowerball.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:01:17 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
73842
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
75dc3db1a8b32a69-ORD
content-length
43
expires
Sat, 22 Oct 2022 19:01:17 GMT
cs&eq_cc=1
um2.eqads.com/um/ Frame 05D0
Redirect Chain
  • https://um2.eqads.com/um/cs
  • https://um2.eqads.com/um/cs&eq_cc=1
186 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://um2.eqads.com/um/cs&eq_cc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=http%3A%2F%2Fpowerball.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.100.122 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
37556f21ece83e6d52942ce75c5286e29ebd631b71cbd253c2260aa99c357cac

Request headers

Referer
https://ssum-sec.casalemedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, must-revalidate
content-length
186
content-type
text/html; charset=utf-8
date
Fri, 21 Oct 2022 19:01:17 GMT
expires
Sat, 6 May 1995 12:00:00 GMT
last-modified
Fri, 21 Oct 2022 19:01:17 GMT
pragma
no-cache

Redirect headers

content-length
41
content-type
text/html; charset=utf-8
date
Fri, 21 Oct 2022 19:01:17 GMT
location
/um/cs&eq_cc=1
match
events-ssc.33across.com/ Frame B17D
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=L9IUYG1V-5-9AM8
  • https://ssc-cms.33across.com/ps/?xi=1&xu=L9IUYG1V-5-9AM8
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=L9IUYG1V-5-9AM8&ts=1666378877&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=L9IUYG1V-5-9AM8&ts=1666378877&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
H3
Server
34.117.239.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:01:17 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 21 Oct 2022 19:01:17 GMT
referrer-policy
unsafe-url
server
33XP002
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=L9IUYG1V-5-9AM8&ts=1666378877&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
setuid
s2s.t13.io/
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Damx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D
  • https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F3551%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D95314fe1-b2c2-40a5-994e-c72a0bc3d6...
  • https://prebid.a-mo.net/cchain/1/3551?gdpr=&gdpr_consent=&us_privacy=&A=95314fe1-b2c2-40a5-994e-c72a0bc3d619&bidder=adform&cbx=aHR0cHM6Ly9zMnMudDEzLmlvL3NldHVpZD9iaWRkZXI9YW14JmdkcHI9JmdkcHJfY29uc2...
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F3551%3Fgdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26A%3D95314fe1...
  • https://prebid.a-mo.net/cchain/2/3551?gdpr=&gdpr_consent=&us_privacy=&A=95314fe1-b2c2-40a5-994e-c72a0bc3d619&bidder=index_rtb&cbx=aHR0cHM6Ly9zMnMudDEzLmlvL3NldHVpZD9iaWRkZXI9YW14JmdkcHI9JmdkcHJfY29...
  • https://s2s.t13.io/setuid?bidder=amx&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=95314fe1-b2c2-40a5-994e-c72a0bc3d619&gdpr=&gdpr_consent=&us_privacy=
0
0
c
c.pub.network/ 		36 B
53 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.messaging.2.34.0.049f1a3641f8329ad530a2107f33a59077a0d32e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.110.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.110.160.34.bc.googleusercontent.com
Software
/
Resource Hash
048f874e94895a241be04b856561141875dfbaccecb9d17194636e4e76e35d46

Request headers

Referer
http://powerball.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 21 Oct 2022 19:01:17 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=utf-8
access-control-allow-origin
http://powerball.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
crum
dsum-sec.casalemedia.com/ Frame 05D0 		43 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=367d3c25-a4d2-4678-9256-56d3ac515be8&expiration=1674327677
Requested by
Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://um2.eqads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 Oct 2022 19:01:17 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s3.amazonaws.com
URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Regular/ProximaNova-Regular.woff
Domain
s3.amazonaws.com
URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Bold/ProximaNova-Bold.woff
Domain
s3.amazonaws.com
URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Light/ProximaNova-Light.woff
Domain
s3.amazonaws.com
URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Semibold/ProximaNova-Semibold.woff
Domain
s3.amazonaws.com
URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Extrabld/ProximaNova-Extrabld.woff
Domain
s3.amazonaws.com
URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-RegularIt/ProximaNova-RegularIt.woff
Domain
s3.amazonaws.com
URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Regular/ProximaNova-Regular.woff2
Domain
s3.amazonaws.com
URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Bold/ProximaNova-Bold.woff2
Domain
s3.amazonaws.com
URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Semibold/ProximaNova-Semibold.woff2
Domain
s3.amazonaws.com
URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Light/ProximaNova-Light.woff2
Domain
s3.amazonaws.com
URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-RegularIt/ProximaNova-RegularIt.woff2
Domain
s3.amazonaws.com
URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Extrabld/ProximaNova-Extrabld.woff2
Domain
s3.amazonaws.com
URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Regular/ProximaNova-Regular.ttf
Domain
s3.amazonaws.com
URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Bold/ProximaNova-Bold.ttf
Domain
s3.amazonaws.com
URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Light/ProximaNova-Light.ttf
Domain
s3.amazonaws.com
URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Semibold/ProximaNova-Semibold.ttf
Domain
s3.amazonaws.com
URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Extrabld/ProximaNova-Extrabld.ttf
Domain
s3.amazonaws.com
URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-RegularIt/ProximaNova-RegularIt.ttf
Domain
sync-dmp.mobtrakk.com
URL
https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=0&consent=&usp=1---&ssp=outbrain&bsw=420cce5a-5f42-4fc5-b516-8ea244f75d87
Domain
id.geistm.com
URL
https://id.geistm.com/m/OB/gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=106
Domain
eus.rubiconproject.com
URL
https://eus.rubiconproject.com/usync.html
Domain
bh.contextweb.com
URL
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAD2Kk7GpdkAACB3Vhizbg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D1576690719601751309%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4
Domain
pixel.onaudience.com
URL
https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m
Domain
s2s.t13.io
URL
https://s2s.t13.io/setuid?bidder=amx&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=95314fe1-b2c2-40a5-994e-c72a0bc3d619&gdpr=&gdpr_consent=&us_privacy=

Verdicts & Comments Add Verdict or Comment

134 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| freestar object| fsMapping object| bigAdIds object| smallAdIds object| marqueeAdIds object| mobHeaderIds undefined| $ function| jQuery object| drupalSettings object| Drupal function| includes function| updateTotalWinnerChart function| setupTotalWinners function| setupMegahits function| setMegaHitsJackpot function| slidePrizeAmount function| setupRecentNumbers function| dateSearch function| setupMenuRecentNumbers function| setupWinningNumbers function| setupaboutMusl function| setupPrizeEstimates function| setupPressContacts function| setupMuslMenu function| setupMuslMenuMobile function| setupHeroCarousel function| lsitDropdown function| setupHeartbeat function| setuptapmenu function| setupHowTall function| winnnerCarousel function| setupNewsCarousel function| faqAccordion function| dailogVideo function| imageResponsive function| setupWhereToPlay function| filterWinnerStory function| modal function| showTooltip function| playProContentToggle function| gameSubscription function| openPDFnewWindow function| priceTableNavSlider function| winnerStoryFromHome function| mediaCenterDownloads function| customSelectBox function| getDrawSummary number| powerballConfig_desktop number| powerballConfig_tablet number| powerballConfig_mobile object| gaplugins object| gaGlobal object| gaData function| admiral object| googletag object| regeneratorRuntime function| moment object| newAds function| setIdAndLoadAds object| $block2b2 object| $blockla string| gameName object| fsdata object| _comscore object| fsprebid function| 4dm1r11545242527 function| load_script object| confiant object| COMSCORE function| udm_ object| ns_p object| headertag object| fsprebidChunk object| _pbjsGlobals object| mnet object| ggeac object| google_js_reporting_queue object| __bt_tag_d object| __bt_tag_am object| __bt_intrnl boolean| __bt_already_invoked undefined| google_measure_js_timing object| apstag object| _qevents object| Criteo boolean| apstagLOADED function| quantserve function| __qc object| ezt object| _qoptions function| qtrack boolean| creativeVendorLibraryLoaded function| setImmediate function| clearImmediate object| ID5 object| PublisherCommonId object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| GoogleGcLKhOms object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117 object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| google_image_requests

115 Cookies

Domain/Path Name / Value
.powerball.com/ Name: _ga
Value: GA1.2.389171685.1666378872
.powerball.com/ Name: _gid
Value: GA1.2.1182684046.1666378872
.powerball.com/ Name: _gat_gtag_UA_29233419_1
Value: 1
.scorecardresearch.com/ Name: UID
Value: 1D441d816b8479f0391110d1666378872
.powerball.com/ Name: _awl
Value: 2.1666378872.0.5-157b91465a68e3f495623d66da618319-6763652d75732d63656e7472616c31-0
powerball.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.powerball.com/ Name: cookie
Value: b5da02d5-a2be-436e-8efb-7902efab5f5a
.pub.network/ Name: _fsuid
Value: 973da62a-19a2-4c90-acde-bc45bb9ea0e8
.lijit.com/ Name: ljt_reader
Value: FhP1fBZHVyN1G82URc2Fpw8G
.gumgum.com/ Name: cs
Value: true
.gumgum.com/ Name: loc
Value: jgFQ1i7taklKhSNj6gDbrbqFSt4QxLjXG7p9KKAPHtxQWYJLc_HaQC31ELvpNCxjcad8cZe6j_UE-WFuDYVnHQyC0BuBHeKAzf-GWSqrVkFyrpDalL1a_rdRipBZ-W2aOpXm6BJDyv0qa9jqS-Y2Xw
.gumgum.com/ Name: vst
Value: u_527b3624-7231-44eb-935e-893a115f4a48
.yahoo.com/ Name: A3
Value: d=AQABBHnsUmMCEDHkkG4rQtGz5BtH2ID5qzUFEgEBAQE9VGNcYwAAAAAA_eMAAA&S=AQAAAkzKcsgDJg55BFqjKFEksiM
.rubiconproject.com/ Name: khaos
Value: L9IUYG1V-5-9AM8
.quantserve.com/ Name: mc
Value: 6352ec79-ef9c9-41463-4f88b
.powerball.com/ Name: __qca
Value: P0-1457144286-1666378873929
.amazon-adsystem.com/ Name: ad-id
Value: AwfMdxxZnkYKhj3uIOtdhHA
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.lijit.com/ Name: ljtrtbexp
Value: eJyrVrIwULIyNDMzN7WwMDE30VGyMEPjm6PyjSDyZiZGRgYgvqURsnwtAKZEEJ0%3D
.simpli.fi/ Name: suid
Value: 4E225F31A4974A0FA1E0AB6F4C01C6E0
.contextweb.com/ Name: V
Value: ctSAAwgQjiMf
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: c13fbafe62e0b6b2
.3lift.com/ Name: tluid
Value: 4353502803413113050196
.yieldmo.com/ Name: yieldmo_id
Value: ge8cbe2297dfc682f891%7C1666378874407%7C0%7C
.casalemedia.com/ Name: CMID
Value: Y1LseuPF-zXfayqsXM1MzAAA
.casalemedia.com/ Name: CMPS
Value: 152
.casalemedia.com/ Name: CMPRO
Value: 152
.zemanta.com/ Name: zuid
Value: _LXaAu8R6aSZpIJwQozx
.adnxs.com/ Name: uuid2
Value: 5512368809063269799
.ads.pubmatic.com/ Name: KCCH
Value: YES
.postrelease.com/ Name: visitor
Value: 53056d15-da76-4709-b3a9-027bcd37ddaa
.postrelease.com/ Name: status
Value: 1
.bidswitch.net/ Name: tuuid
Value: 420cce5a-5f42-4fc5-b516-8ea244f75d87
.bidswitch.net/ Name: c
Value: 1666378874
.bidswitch.net/ Name: tuuid_lu
Value: 1666378874
.mfadsrvr.com/ Name: c
Value: 1666378874
.mfadsrvr.com/ Name: tuuid_lu
Value: 1666378874
.mfadsrvr.com/ Name: tuuid
Value: 91fcb6b9-505e-4bf8-9dda-07d18b30bc80
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.ads.yieldmo.com/ Name: ptran
Value: 5512368809063269799
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 29453969-1F29-420B-ACD7-6C53B45221DB
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 156011:2
.pubmatic.com/ Name: DPSync3
Value: 1667520000%3A197_201%7C1666915200%3A164%7C1666396800%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1667520000%3A22_220_21_13_54%7C1666915200%3A2
.lijit.com/ Name: _ljtrtb_80
Value: L9IUYG1V-5-9AM8
.sitescout.com/ Name: ssi
Value: 80869250-60ca-401f-90b5-074e50f64c17#1666378874631
.mfadsrvr.com/ Name: ssh
Value: !sovrn,1666378874
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-5fbcb6dc-03dd-4dc9-7b3d-49224599ed45.UexR1m3ZasyL3iNmgy1joJUw%2Fog7jZAIe8WFXxt9i6M
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AX7y23APdTcl7PUkiRZntRWjtwR0.EAdK%2Fsf6IRyzkUtg98Xx52wG7CBH3JtRXI4LxHNHE9g
.creativecdn.com/ Name: u
Value: OsCM9pDCGnwYKVIJmreF
.creativecdn.com/ Name: ts
Value: 1666378874
.id5-sync.com/ Name: 3pi
Value:
.id5-sync.com/ Name: callback
Value:
.lijit.com/ Name: _ljtrtb_92
Value: 5512368809063269799
.lijit.com/ Name: _ljtrtb_87
Value: 91fcb6b9-505e-4bf8-9dda-07d18b30bc80
.deepintent.com/ Name: CDIUSER
Value: di_94fd6fd63b9a46a287a50
.adsrvr.org/ Name: TDID
Value: 96c184ef-d2dc-46f0-8c36-35f68e7519ef
.taboola.com/ Name: t_gid
Value: b286b491-0301-4710-842c-b614974c9fc4-tucta4c71fa
.ads.yieldmo.com/ Name: ptrmf
Value: 91fcb6b9-505e-4bf8-9dda-07d18b30bc80
.ads.yieldmo.com/ Name: ptrstk
Value: X7y23APdTcl7PUkiRZntRWjtwR0
.rlcdn.com/ Name: rlas3
Value: 8aZJ6v3aK7Y7FZRYQTG30ixdt8HPH1C+axlHX9lGzXY=
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y1LsegAAAYTY7AAr
.mathtag.com/ Name: uuid
Value: d6336352-ec7a-4b00-95f1-1a9804c2db7f
.id5-sync.com/ Name: id5
Value: 1a94c195-bade-4ed4-ae4e-45aa9c9871c4#1666378874639#2
.adform.net/ Name: C
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUkbz1xcZe27NFt24FSzgSEZpeoXE_E-9djmFXffpC8xEsUUOs8KQDNrvnsguqI
.lijit.com/ Name: _ljtrtb_86
Value: OsCM9pDCGnwYKVIJmreF
.adform.net/ Name: uid
Value: 7320634552515149901
.creative-serving.com/ Name: tuuid
Value: b4db78d5-f4ea-4eff-9c57-ee480daefd12
.creative-serving.com/ Name: c
Value: 1666378874
.creative-serving.com/ Name: tuuid_lu
Value: 1666378874
.rlcdn.com/ Name: pxrc
Value: CPrYy5oGEgUI6AcQABIFCOhHEAA=
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEPBKwmP8c0Si8MmNwcgfG4I&KRTB&16514-CAESEPBKwmP8c0Si8MmNwcgfG4I&KRTB&23025-CAESEPBKwmP8c0Si8MmNwcgfG4I&KRTB&23386-CAESEPBKwmP8c0Si8MmNwcgfG4I
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:4E225F31A4974A0FA1E0AB6F4C01C6E0
.turn.com/ Name: uid
Value: 3981096095250849001
.crwdcntrl.net/ Name: _cc_cc
Value: ctst
.casalemedia.com/ Name: CMTS
Value: 3529
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-96c184ef-d2dc-46f0-8c36-35f68e7519ef&KRTB&22918-96c184ef-d2dc-46f0-8c36-35f68e7519ef&KRTB&23031-96c184ef-d2dc-46f0-8c36-35f68e7519ef
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3981096095250849001&KRTB&23150-3981096095250849001
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-Y1LsegAAAYTY7AAr&KRTB&22978-Y1LsegAAAYTY7AAr&KRTB&23194-Y1LsegAAAYTY7AAr&KRTB&23209-Y1LsegAAAYTY7AAr
.pubmatic.com/ Name: PugT
Value: 1666378874
.pubmatic.com/ Name: SPugT
Value: 1666378874
.pippio.com/ Name: did
Value: eTiFuade8NFAKzxP
.pippio.com/ Name: didts
Value: 1666378875
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: CPvYy5oGEgYIgr0rEAA=
.onetag-sys.com/ Name: OTP
Value: _v2_ZAUffyfHuhwCvhUGMPYDn8Pb8Acs_MtqX-6I3Y4
.lijit.com/ Name: ljtrtb
Value: eJwVzbEOwjAMRdF%2FyYwlJyGOHxsqoipQMVGpI2naDYRgYED8O2a9Z7gfp%2Bw27oTuMrZ%2BoETY9upWDsFySj5EUWWwxCDIgJGK0fnV9Hjsmvb%2BHo9Dd7g95%2F3fshn8MhUpoMRppnVZlFDrlThXryVymWz6%2FQEL1R6Z
.lijit.com/ Name: _ljtrtb_26
Value: 420cce5a-5f42-4fc5-b516-8ea244f75d87
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&fcde7c60-d266-4985-8f76-8e3d63f6e229"
.linkedin.com/ Name: lidc
Value: "b=OGST02:s=O:r=O:a=O:p=O:g=2776:u=1:x=1:i=1666378875:t=1666465275:v=2:sig=AQG7KNqp8obGHesiMjHxU15eEjXABDAP"
.criteo.com/ Name: uid
Value: 204fdf0e-3824-447a-9261-6c0340f91cc0
.tapad.com/ Name: TapAd_TS
Value: 1666378875148
.tapad.com/ Name: TapAd_DID
Value: 656b145a-0197-4fca-8092-c2e4b70ca936
.linkedin.com/ Name: li_sugr
Value: b1944eb5-1110-4d91-beeb-447e691a7d35
.rubiconproject.com/ Name: audit
Value: 1|mFVHqHkj5bFnY4UgX3GEkFYvo2XO8wv+vGi7zdmzImYX1xaEiSaGZ0+xQqPz7ElZs9jyP9lIUlxYSvRGbkvCfiYbB5SW5XQ3vmfwXzo2MXima+WVcS1g3g==
.dotomi.com/ Name: DotomiTest
Value: 60ff955442c619f1
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGY2FzYWxlEgsI_rOVj5XomTsQBRgBIAEoAjILCIah57-r6Jk7EAU4AVoHdnc2aXlybmAC
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1gse|2N.0.AAABuaBUWVx_WwMwZjtzAAAAAAA|3oy.0.80869250-60ca-401f-90b5-074e50f64c17-6352ec7a-5553|4is.0.CAESEHCSDiGchHVegqoTueFSy8Y|7TY.0
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.powerball.com/ Name: __gads
Value: ID=f37ffef6d5acf132-225bc041bdd70042:T=1666378874:S=ALNI_MbC3dH-8_fEXoi3pxdyzeTdBPg8rA
.powerball.com/ Name: __gpi
Value: UID=0000088f6b08bd7e:T=1666378874:RT=1666378874:S=ALNI_MZbWhP8eDHEf2Io9Pf-MhaeTFN2qw
.powerball.com/ Name: cto_bundle
Value: S1C_w19pbW5jekl2aFNkRHZDeko4NVYwc0pWaUlXTkEwaTUlMkJid2xMQk5kZUZhWGpwSTBhQ0lYTDNEQ1RKQjZxSmhJclVwNjVlMSUyQkJadGxXaDJXY0VDNlp1cVNobHJwbUphU1NIWDUzVE1YYmluU0ZCWG5ramxLbGhiVzhTSEhoT0p3ZW1YMjhCa243V0oybEJpMDNKUFF6djhRJTNEJTNE
.emxdgt.com/ Name: uid
Value: 56781666378875893797b8
.emxdgt.com/ Name: apn_id
Value: 5512368809063269799
.sitescout.com/ Name: _ssuma
Value: eyIyNyI6MTY2NjM3ODg3NDcyOCwiMzkiOjE2NjYzNzg4NzQ3MjgsIjciOjE2NjYzNzg4NzQ3MjgsIjUxIjoxNjY2Mzc4ODc2MjE3fQ
s2s.t13.io/ Name: uids
Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsiaW5tb2JpIjp7InVpZCI6IklENS1aSE1PM1hPbWFia29ob1p3cUQyMFpld1RCdjQ4WTJCUndwdWx5YUF1SGciLCJleHBpcmVzIjoiMjAyMi0xMS0wNFQxOTowMToxNC44NzU4ODI3NDlaIn0sIm9uZXRhZyI6eyJ1aWQiOiJfdjJfWkFVZmZ5Zkh1aHdDdmhVR01QWURuOFBiOEFjc19NdHFYLTZJM1k0IiwiZXhwaXJlcyI6IjIwMjItMTEtMDRUMTk6MDE6MTUuMjEzODk2OTk5WiJ9LCJiYXNpcyI6eyJ1aWQiOiI4MDg2OTI1MC02MGNhLTQwMWYtOTBiNS0wNzRlNTBmNjRjMTctNjM1MmVjN2EtNTU1MyIsImV4cGlyZXMiOiIyMDIyLTExLTA0VDE5OjAxOjE2LjI2OTEwMjEzMloifSwiZW14X2RpZ2l0YWwiOnsidWlkIjoiNTUxMjM2ODgwOTA2MzI2OTc5OWJydDU2NzgxNjY2Mzc4ODc1ODkzNzk3YjgiLCJleHBpcmVzIjoiMjAyMi0xMS0wNFQxOTowMToxNi4wNzI5OTk1OTVaIn19LCJiZGF5IjoiMjAyMi0xMC0yMVQxOTowMToxNC44NzU3NjUyMDFaIn0=

48 Console Messages

Source Level URL
Text
javascript error URL: http://powerball.com/
Message:
Access to font at 'https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Regular/ProximaNova-Regular.woff' from origin 'http://powerball.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Regular/ProximaNova-Regular.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://powerball.com/(Line 2484)
Message:
Access to font at 'https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Bold/ProximaNova-Bold.woff' from origin 'http://powerball.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Bold/ProximaNova-Bold.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://powerball.com/(Line 2484)
Message:
Access to font at 'https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Semibold/ProximaNova-Semibold.woff' from origin 'http://powerball.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Semibold/ProximaNova-Semibold.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://powerball.com/(Line 2523)
Message:
Access to font at 'https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Light/ProximaNova-Light.woff' from origin 'http://powerball.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Light/ProximaNova-Light.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://powerball.com/(Line 2523)
Message:
Access to font at 'https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-RegularIt/ProximaNova-RegularIt.woff' from origin 'http://powerball.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-RegularIt/ProximaNova-RegularIt.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://powerball.com/(Line 2523)
Message:
Access to font at 'https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Extrabld/ProximaNova-Extrabld.woff' from origin 'http://powerball.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Extrabld/ProximaNova-Extrabld.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://powerball.com/(Line 2523)
Message:
Access to font at 'https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Regular/ProximaNova-Regular.woff2' from origin 'http://powerball.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Regular/ProximaNova-Regular.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://powerball.com/
Message:
Access to font at 'https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Bold/ProximaNova-Bold.woff2' from origin 'http://powerball.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Bold/ProximaNova-Bold.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://powerball.com/
Message:
Access to font at 'https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Light/ProximaNova-Light.woff2' from origin 'http://powerball.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Light/ProximaNova-Light.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://powerball.com/
Message:
Access to font at 'https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Semibold/ProximaNova-Semibold.woff2' from origin 'http://powerball.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Semibold/ProximaNova-Semibold.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://powerball.com/
Message:
Access to font at 'https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Extrabld/ProximaNova-Extrabld.woff2' from origin 'http://powerball.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Extrabld/ProximaNova-Extrabld.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://powerball.com/
Message:
Access to font at 'https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Regular/ProximaNova-Regular.ttf' from origin 'http://powerball.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Regular/ProximaNova-Regular.ttf
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://powerball.com/
Message:
Access to font at 'https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-RegularIt/ProximaNova-RegularIt.woff2' from origin 'http://powerball.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-RegularIt/ProximaNova-RegularIt.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://powerball.com/
Message:
Access to font at 'https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Bold/ProximaNova-Bold.ttf' from origin 'http://powerball.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Bold/ProximaNova-Bold.ttf
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://powerball.com/
Message:
Access to font at 'https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Light/ProximaNova-Light.ttf' from origin 'http://powerball.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Light/ProximaNova-Light.ttf
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://powerball.com/
Message:
Access to font at 'https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Semibold/ProximaNova-Semibold.ttf' from origin 'http://powerball.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Semibold/ProximaNova-Semibold.ttf
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://powerball.com/
Message:
Access to font at 'https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Extrabld/ProximaNova-Extrabld.ttf' from origin 'http://powerball.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Extrabld/ProximaNova-Extrabld.ttf
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://powerball.com/
Message:
Access to font at 'https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-RegularIt/ProximaNova-RegularIt.ttf' from origin 'http://powerball.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-RegularIt/ProximaNova-RegularIt.ttf
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://cdn.ampproject.org/rtv/012210071758000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012210071758000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://sync.crwdcntrl.net/map/c=14516/tp=OBRN/tpid=gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual
Message:
Failed to load resource: the server responded with a status of 403 ()
javascript error URL: http://powerball.com/
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=106' from origin 'http://powerball.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=106
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://powerball.com/
Message:
Access to XMLHttpRequest at 'https://eus.rubiconproject.com/usync.html' from origin 'http://powerball.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://eus.rubiconproject.com/usync.html
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://id.geistm.com/m/OB/gFtybhkCwr35M2vQn6X0INpuPi_5AYXEiw9D8X0376UMVqnuf0JEc88VvPjDRual
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAABuaBUWVx_2QNq3TepAAAAAAA&expiration=1666465277&nuid=29453969-1F29-420B-ACD7-6C53B45221DB&is_secure=true&gdpr_consent=&gdpr=0
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:afe5fd4c-d4d9-4c19-bd5c-290826529b6c&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:dbe5eecb-7634-4a3f-97a1-12b9e55af4bf&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:19a427dc-0863-4418-b2ef-cf04a1e56966&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Message:
Failed to load resource: the server responded with a status of 502 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

33across-match.dotomi.com
a.pub.network
a.tribalfusion.com
aa.agkn.com
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
ad-delivery.net
ad.doubleclick.net
ad.mrtnsvr.com
ad.turn.com
ads.creative-serving.com
ads.playground.xyz
ads.pubmatic.com
ads.yieldmo.com
adservice.google.com
amazon-tam-match.dotomi.com
ap.lijit.com
api.btloader.com
api.floors.dev
api.rlcdn.com
as-sec.casalemedia.com
aud.pubmatic.com
b1sync.zemanta.com
beacon.krxd.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bidder.criteo.com
biddr.brealtime.com
btloader.com
c.amazon-adsystem.com
c.bing.com
c.pub.network
c1.adform.net
c2shb.pubgw.yahoo.com
c2shb.ssp.yahoo.com
casale-match.dotomi.com
cdn.ampproject.org
cdn.confiant-integrations.net
cdn.id5-sync.com
cdn.indexww.com
cdn1.decide.dev
cdn2.decide.dev
ce.lijit.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
code.ionicframework.com
colossusssp.com
core.iprom.net
creativecdn.com
cs.emxdgt.com
csync.loopme.me
cumbersomecarpenter.com
d.pub.network
d2si3hiz85fm4q.cloudfront.net
dd3794dd9eb212f7f455e85a2ac4edd5.safeframe.googlesyndication.com
de.tynt.com
decide.dev
dis.criteo.com
dmp.brand-display.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
events-ssc.33across.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
freestar-io.videoplayerhub.com
g2.gumgum.com
gocm.c.appier.net
googleads.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
hde.tynt.com
htlb.casalemedia.com
i.clean.gg
ib.adnxs.com
ice.360yield.com
id.geistm.com
id.rlcdn.com
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
images.outbrainimg.com
jadserve.postrelease.com
js-sec.indexww.com
lb.eu-1-id5-sync.com
lbs.eu-1-id5-sync.com
loadus.exelator.com
log.outbrainimg.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.taboola.com
matching.truffle.bid
mcdp-sadc1.outbrain.com
mug.criteo.com
muslapi.musl.com
nep.advangelists.com
odb.outbrain.com
onetag-sys.com
pagead2.googlesyndication.com
pippio.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pmp.mxptint.net
powerball.com
pr-bh.ybp.yahoo.com
prebid-match.dotomi.com
ps.eyeota.net
pubmatic-match.dotomi.com
pulsepoint-match.dotomi.com
px.ads.linkedin.com
px.owneriq.net
r.bidswitch.net
rtb.adentifi.com
rtb.gumgum.com
rtb.mfadsrvr.com
rules.quantcount.com
s.ad.smaato.net
s.amazon-adsystem.com
s.tribalfusion.com
s2s.t13.io
s3.amazonaws.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
sofia.trustx.org
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
sync-amz.ads.yieldmo.com
sync-dmp.mobtrakk.com
sync-jp.im-apps.net
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.inmobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
tcheck.outbrainimg.com
token.rubiconproject.com
tpc.googlesyndication.com
trace.mediago.io
trc.taboola.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
um2.eqads.com
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
visitor.fiftyt.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
api.rlcdn.com
bh.contextweb.com
eus.rubiconproject.com
id.geistm.com
pixel.onaudience.com
s2s.t13.io
s3.amazonaws.com
sync-dmp.mobtrakk.com
104.127.172.242
104.17.120.107
104.18.13.76
104.18.18.126
104.18.19.126
104.219.254.16
104.36.115.111
104.36.115.113
104.36.115.114
107.178.246.49
107.178.254.65
108.138.124.226
108.139.47.108
13.225.214.90
130.211.23.194
132.226.41.106
141.226.224.48
141.95.98.70
142.250.81.230
142.251.32.98
143.204.150.76
146.75.38.132
151.101.194.49
151.101.65.44
159.65.196.12
162.19.138.118
172.105.221.29
173.223.57.84
173.231.178.116
18.213.85.80
18.214.193.123
18.214.75.232
184.73.201.8
185.167.164.42
185.184.8.90
192.40.39.223
195.5.165.20
198.148.27.140
199.127.204.171
199.187.193.181
199.187.193.197
20.127.253.7
2001:41d0:701:1000::31ee
207.198.113.88
213.19.162.90
216.200.232.249
23.20.109.84
23.211.130.59
23.217.153.125
23.217.18.198
23.52.164.28
23.64.60.212
23.64.61.104
23.92.190.74
2600:1901:0:328a::1
2600:1f18:4e9:5a07:dc3:ed1a:ad6b:ca3d
2600:9000:21dd:1600:6:44e3:f8c0:93a1
2600:9000:2209:9000:1b:5138:8a40:93a1
2600:9000:23ca:e200:9:d7ff:bd00:93a1
2600:9000:2510:7e00:8:48e:53c0:93a1
2600:9000:2511:ba00:15:3f44:b280:21
2600:9000:2512:4000:3:7df3:55c0:93a1
2602:803:c002:200::62
2606:4700:10::6816:3556
2606:4700:20::681a:246
2606:4700:20::681a:68b
2606:4700:20::681a:7ad
2606:4700:20::681a:832
2606:4700:20::681a:8b
2606:4700::6812:106b
2606:4700::6812:18ad
2606:ae80:1471:11::410
2607:f8b0:4004:c09::9a
2607:f8b0:4006:809::200a
2607:f8b0:4006:80c::2002
2607:f8b0:4006:80c::2003
2607:f8b0:4006:80f::2001
2607:f8b0:4006:817::2001
2607:f8b0:4006:817::2008
2607:f8b0:4006:817::200e
2607:f8b0:4006:81c::2001
2607:f8b0:4006:81d::2002
2607:f8b0:4006:81f::2004
2607:f8b0:4006:820::2002
2607:f8b0:4006:821::2002
2607:f8b0:4006:823::2002
2620:100:a001::17
2620:100:a001::18
2620:100:a001::4
2620:100:a001::c
2620:112:f002:bbbb::21
2620:116:800b:21:a021:b886:81cc:55cf
2620:1ec:21::14
2620:1ec:c11::200
2a04:4e42:600::300
3.12.170.58
3.225.197.224
3.228.253.110
3.229.253.47
3.230.217.116
3.230.62.22
3.233.2.39
34.102.163.6
34.102.253.54
34.107.140.113
34.111.151.213
34.117.239.71
34.149.139.129
34.160.110.8
34.229.3.43
34.236.83.94
34.238.100.183
34.95.69.49
34.98.64.218
35.190.60.146
35.201.96.126
35.207.24.140
35.208.249.213
35.211.118.13
35.211.168.6
35.211.178.172
35.214.174.31
35.227.238.208
35.236.220.17
35.71.131.137
35.71.139.29
37.157.3.30
38.133.127.63
38.67.14.233
38.91.45.7
44.194.110.25
5.161.47.120
50.16.178.102
50.17.150.80
50.57.31.206
51.222.39.186
52.0.100.122
52.200.147.16
52.204.169.52
52.204.235.144
52.45.195.30
52.46.128.147
52.94.222.140
54.150.52.25
54.175.87.114
54.231.229.224
54.236.207.110
54.84.14.122
54.87.127.173
63.251.114.182
64.202.112.223
64.202.112.63
67.202.105.24
67.202.105.34
68.67.160.117
68.67.161.182
69.166.1.12
69.90.254.78
74.119.119.139
8.28.7.109
8.28.7.82
8.28.7.83
8.43.72.97
8.43.72.98
80.77.87.216
85.114.159.118
018bc192232b968b662399f1cb800c44ee22b64285a6334366c667f7ebfea058
03bdd68a1e549bf59bc419d1842bec52628885efc75ed8a58a7d1f7671d6c4d7
048f874e94895a241be04b856561141875dfbaccecb9d17194636e4e76e35d46
0505d9d35f5b800e3c33e871391e07105e854107f8d328ef2948e55c592998cf
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06ef905faafedcc71b11e25d395607fb6fef70fdbdaceb87c744255c67624799
09f018dc99aaf0aae3f2948465eebe07197ad50df88dbb4d7128054d6937753b
0ac01ab832b811cdc2dfddaf28ba2f1ee3ef3bb6486cbaeb424226fde71ee625
0b61e01fa0fa02eba3c6a074427ddf2a6cf98c01727b2796309b2b5b005fac70
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0be6f22877adc569a912e863f73a544a719254fb769e5fae863a68a3226a77d7
0ee76f53e11119ca42f018656e6213727e14b4f9fccbb461085a4228e6a5e9c3
1018cb4a03fbcdc99bf7204783541116df11ce9e3e47d70d9ae898e087509c8f
132298c08776faea963092e83b7c30712bde095c62530bd3a613322987c4663e
144c2b996574a2f16003848858de86dc5ad3486fb4fe14a5d5a79d134086e763
174335d566d0545ab14e935285f18c94538c1e31a930e02cbbbdb621dff16447
17e0c05d02b2a10b46a8db89a4b6a55fb26f1326b0d8c08411d5bbec982bf47e
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1b1d51840695cebf90274b527443cd64945cd9dfc5d2b785b0a772996ec588fc
1bf1bbcad8540f71ce9a52650312bed2a7115f5983c4aa51611ccd95a26209a9
1decf50a161fc7830e2f819b3ddf4657f8e95b1a931bbb8758b245e5771136d2
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
1f841e4bcea8d729fc4c3dfe99cfbb9d19d953ec3849ef63884a9b7f750e30d2
224a60d3b9ee474d9ff79d0b5eea6899a1226f5ac1be28b8b94cc8ccda928cc9
23512f106a2d642d35db190fecc14b74fc2941fd95927c74071883b4664bd6cd
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
270baa991d4c6a92df00e1939f1f7ad1ec718a79ee8e376762baa4764a48de99
299064cf3027c5efab4ab6df345de1302dfa562db83eca51965371938480f56c
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2ae2901f146e2e0eb83648fdfc19c78aca16e1674313e164bc93c3739bba5d36
2b22f720d97e4d1274da1bc49f9ba0d8e025c089c972a785cac368a4232cca30
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2cab2a52dde7a7bb3713a97e32cf9535c19bf2d3ad9cf8b3e125851a34694c81
2ee880d5083bce6d9c758b3b6312a71beaa88f435ecbb39db798df990eb33a7d
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
325cee8a45b452b68fe28fb92173f63a7f19967dbe3bf794bf4e3211772150c9
34938611aa593d7357f75d444a5027fe71a2850f752af7692b17a49dd2cd1f3e
34da4db7f62a34c14acd523bc1631f8a1bd106c4e254031417cf6e4ca0f03221
354c7c31ccc820ab64e828cb4da4b90a48c3366254788fe5f87d40384b229980
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37556f21ece83e6d52942ce75c5286e29ebd631b71cbd253c2260aa99c357cac
37cfb2e2949ec6907b5ee3326e1649042fcd78ecec7748bf23a408ea54a81e5a
380074668f33d068dad846213f5cc473f4b62ba3b17541c5eeee2360a14158f0
3c5e2241bef1a79a567a94c1a1ec90ca39ac7420f7bd79b088a33456e7a26b75
3c8a8f4d7fc689c26598752a7d8413962509ec55d6f906f49380c653c3a90e54
3cde3dc0691b364cf1af3f233269802b8b4d566b962c107fc49966e839222f1e
3cf9c77e85214d4a786d5f7ee18436b972eee1c1261a2cd36ef30c5c149139f8
3de8ef07decf856b076ee333a2180adc73024fdcf82fdbc6d581b8f7179a79d1
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
406cfd1d5aae2dc492c9d97c40eb166a57d0b34fd0b53bad45ab13c2c45251b1
41683e0bdfed00e74de14d86441e289271ca70b2a94c721653b9a49dc32fb24e
4253bcd962219ec33a94049a055ea2fa222639cc84bce54ac8847e98779751bf
45f0f27fb78191006375051ee3046fae3105b652d11680432511cba61b32c330
4689ea9e2f33ba65fa13615d5c21c3aee8b7d815e31619c97a075283e3e1f3a3
47a3d1d29044a5086d50d45f66600b612cdd16df4893eaf01571c8d2d714f42c
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a4fa2a793d87c88f1509f370dbc40b6deec2188b6a918f92365f873b7bc566d
4ad27a4542f34559df5e881322bde8997fc509e133757ce3b917dfe711608cce
4c23e01584296ea8916b9c42cbd9a3e32a762f83a8cb7562971f7d3d1f68595f
4d25c6738bb1d464eae82c0a631ffa7aeb5d1dc0e08d64ccfeb8ac2a11dcc7b9
4d9de30f44d155113b05e267edeb3f534339c20b02135b37b954e2be32f1f061
4de6eb13c2c48151c25cb6dc7f50c671c5da62d5b4b74e3fc9bc27166d545a98
4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5111b3af3c37b8466db90632f3cdb79670a1af92835aa85a510260b52f045a71
51f45c89e5baf365e97a33c12bcd2a8bd365f5e156a519eb3c6db4a270ef0d1a
5251ec9a6d7f9cc54b205363d70eb38bf67517f8e02b3ae04e85c9cf5f908228
52fe2f0394335dab93ffb9cac2bea65d4460b5d24cbc3861e62392194b11bfff
545db9cce08fa6f5f7fca8de17444a357af03c31469c3d3efb3b3d878b89594f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55a207ef42bd8bcc27b69afc58788b1e8abf75e8e7592fb713e82ba48680a1e6
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
57be6802e8fc0410b7fbef1465874b00ca5e5578ab6909289abe07e323bad786
596b91ce744edc7970d83e2e14558a0f34cc4f4e3b6e79eb3895bce2ccb2132e
5b065bc8931869f245786b8f36265a2869c05699108fdbf94f86834f9c13fa8e
5b5f77fe91a7939b0a82ff00bafcdaaef36650383cba80aab208b8366f846540
5e700835ec05293a3d0f9e354e7d038319d34521cd279e782198dff6d1dd58f2
5ead07524b2eb9ccfd50707f2fc5d31b85f73aba7b84b4c49e59541055a90b35
5f8f69ec521f7998af455985a8ede6d8dcf3527b43795fe3d26f1f1b57a5a554
60b9427bcf69f5666b537cc06b5b8784e8542dc84f9c30d366e9707148c7f2cd
60d9368fc1deb5a275b3786195a53ef1272fc24b05a313aa52b1bfcc0a0356a3
6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
61a283a16ba69a9245d9b575311dd13bc28c7be3db4fd5c7c4e351ae80723a32
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62a6c980b8be129cceb54b1c6e63cbf6be73035a0580640635096fb0df2d51ec
638c472f00bf1f407e3d892fca1abd5555290a5eb32205c9e4f63c90bb02dc2e
63a6662d57c222f2ddd2a524dad8141679764784629d3c19a4ce438bd180a4fe
653cfc4a507730d9c93ab88da1f305a2cc77001415c00131dc0c544e1d815ef9
6549efdc127fdec0228e078557254246588d0f7b7c5c660c2b01024af55a747f
667e0e6bd866b428060a706b41c7f1510b8dc1d3f1ffbea0af92b60f97c6aedb
66acb48e5d896c024b5ce7003d0375794e4a6603e8454e902ea448db160884d8
692f818aef596a451ddd3e3e49972c2c9d40a2c4b95818ab68c2404cd48d208d
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f0160c0d198d260e42d1394b516e5495ee57c204e41cd2147e4026110843d54
6f0507591c49aa88fab2433451c6c3154c5d4450636b43b749afa1ae2521fe2f
70c9f5b9ffc4e421a2af06e98aedcbba13c4abc468de1de1e34abfd10e44cd1a
70fbc2bab5280ce8aa1b20c58a0df76cfaff01701e7f99f5216a986714955f5d
71289f1cafb92a34fbeda3807b6b4c106b580d0b80c537b76f20ea904aff9776
735b6816a65ac7579d2e7da8452d39d4d63ef595dc11f22870f78b516de48fea
74b65219834e5e3a434a4bf4402d33c3128386e7832fa055bbe6a44e74f599f8
750e66789618a2e5a917b34aa2e29abd2713041f80259ce54ef1b4f0fdffcbdb
7653017a67bf388018d8bfb0b6bf5f7f08fe527efcbe7192e16e580676386d73
77e253f505244807bb3b20519289552308191f98fee3bf62a5ed216ef0027bbf
78d9edd3753ba2f4433bce6cb49b1f1d5c5330d2d840c9771f642a1bb4739566
7921a6035cc8a0981a5dee737dd3d29b150ddd48407717d3fca4b6376f2b0e70
79aec2becba3498299ce3679f16df2629fd562f0a6e14d8d488eb1b36fd750a3
7b01b36d9b978726eeb935eb9cf4ca4b7ac06e7191264f079068f6b0f3a51e90
7bbf817ea38cc3e2226180b9f67af1ce192a5d6c4e5687107162042869cd9d64
7d3eeda444108bf4b47bab911c8ca56750b53165c7b72b1fa92d82fff246b7b7
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
804261af2337d18a1348987292f1f626ed774ea72261c2d088c65160559df8ce
8188bad0f77aaf0e06c5d199b36c85263048a4ac6361bed201939fdab3dd196f
81cbc08ac7fc52caf69215b6998d9719d009481faeb00fee2e9d80a7cf7ad32f
821e02b7009ed37828e3acf4c71ae2f7949acd106935854e5e668d75c07e8d37
82becb6e375bdaef48f36b6971641fecb4ad52adba6c9d76ec39ef3d7c8cb6d8
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83efa753e2890486c7d52feb45bb4e02bfc2d3aa06d85a8bbf3357ea757edeb7
8419b271c9ca43ea4d3a59e65087d8b8720d43daf573ea7a733d7e54078629b0
844723d288a84c14a3f75ff2db1463fca5b4c4c710e3cc3a111624ed959665d9
84cf7087f77b8bfffb48b53c24f98e0f0cae1457b807dd45c6ea5cfafd7a679f
85f49301782a830a3b476d4526f19707b52797255114ea2e23f809112e93af6f
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8779eaf847d7d0857fbfbc273cadb066aa99c65062017e650cfa4e292b544fb5
8a043940b0ded0e4aa9e1fa489e9cdac5b181917ca7110e318fcb20588142aee
8d693f48144bd8215d70c86e0600944a4d7e0eeff086f9bf21437c1ad2ab5a40
8df256f1e82cd2392fbd98d544713ed4556cef20f4698aaeec5b964bb128003d
8fae468ab01bf03f479221385456970eed7d1b5cafaa2ad0bc29a7737118255f
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
92931ceb6a0ad1c9b3e8fc6f335b9dfd6f0c7c8ee36f089bb10241c142a78faa
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
92ac508220f5bb60ec94e07650528eb66625f82a4740ada068cde05365781286
942c3481483f1cf96a592bc13806abc150750324beab13371ee8bbe06132b6c4
946a4a92ed1abe0bc69dabb3125912b3214b7545ef0b69abb8d531047dd326ac
973204e682e5f10266a7584b00d9eec938523b0329393ccd8d876c16393087ea
97fe5992208187911c3daff7fe8556ee254ca0a340ab9af0e3ba04ce7e40e2e3
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
990fda61c1303a87f6317b47fef824552d611209f0537bd4faaa9648d3de1363
991a6a50774ec707a9ad93cf715b8073ac76a0174e37d990d14842796c934e2e
9949b4969bc48051d7a1bec509a025e634a62119e1dca979b687393f8b73c5ee
999ac772ecd6c89636c66006dbf5b68a66abfa304d6e096aa035c906a2b3b714
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b0e415f742585b82139fb7076506657dde225088247e2ac0fba6f88a3d19588
9cd0c52130a2ac95e21959817ca0ad8a7f85c72995e9ecd98e069ff5e01e2135
9cd1fd04fdd09c941b6474e438cdbb026eacc653bc8eed3bbff9c10f3c588eca
a0645960ade152760a6cefc0b03736a9565c09a46c94b2dd39e54da585bde30d
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2ef194ebea955025ec930aaa5c9adfb4bb5169751962ef42720c95982827d76
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4f110759ac248b71ba8191ecd216b71b867942764fca5986b64cbd1de1e9a3d
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec
a9d5ba4b6b9b759abf83dbe2564735e9d20732b9e5dca62bd01cfce069abaf6e
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
adb8fffa179674d8acb13f029a8085453f8e35301a733468f83c13e27d797870
ae52bf86de6269eea3844925611c0926a53d1348cd48737c10d3a35e3864a4d2
ae7456b1e50878bce33ecbf2ccf6265bed367d29a57654c6d45d9eab52adf551
af83bcc376e33cbade6885a4661002c0d2f3b61f3be9129e3409fd8bba77cd61
b043a79fc3e5aa25fc53b624db4dfc612198a4e62e43780296ab07dafb6f8f83
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b226e982ebf082c4a1c171f540a54f626f9204638f6aa865f8df7a128fe3eb70
b39c934479cfe0991a6eea4f9a0597eebea9da311d8ca1aebffd48fef946b5b7
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b5000148f2a5f03cdef7efaf5a1521e76cba8d7cd457b7901f53cd6c0d88ea15
b5abf5b778d2b365d80d73fe19360dc9d79b037de4533335716e3a10cb02a19e
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b60f65161ce3517c2794eecab25981c51ffbcbc951a781270403e2f3572d0290
b758f60ab7ad38a56bdff71e6464b146312ea575f56ab7f6b05ed7f157f5bc48
b78572d6e55b45054a090026984daf46b05a13ce30e447ce9a5b7c69770cb632
b9b9103c60ef2c61de42660d6cd67a82d9816426f2b0f0c0a8fa3a1deae3538c
bca8ca0b606f27bde0deffb6bdec48b21b09589ff34f84855d7fc900da207413
bd115dfee70c785b8d7a1adc01b1d94b00dbb7cf7f76491c37cdfd2ba7d06740
bd4c78cb4cd5c2c87a907794076f7a7f7392f9df50958389afbec8c40eb5da8a
bdc2be5cffa8dfcb206f5e79231707fabd9a995620e6238096745ad2dc8e19ca
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
becfbf498f3cc9647d8fc8a70816cb1f3f73803a9fa293735cb9059c77854409
bef230d7ab5194f6f35031932a058ec825d97e86e1add71f2e754092a0ced37a
bf0aa24d09af1cf519a71ab5810beada6d9519e92e9203719edae4f47c793630
c0f02a3ba3b3498d9ff3243cd2185bbf9f9c961f1373b2b463dfa025c2d57c5b
c0f1757f04344d5fffe43240c75d9dce255aeb776e5c7dc6ae2bde53dfa0fc4d
c18a60649d496b8a21eb882f80b4a926b91ca7745a88cf700e6332a8c1beacbe
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c252f945137c12bdc19b58c9147a3fd9642f4fec2ca5f470abc97c3801de4de5
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c48a52c1e3de9a9a65c655c0f98b2b8011e634b7ca25e07fef0fed996c9348f8
c5730d19f43f160faa47af29f7e1dc2bafc393be75aa71d21dc93c775a1833c0
c799ec87fb8a6e52bd93a883abdc71eef0dec77d2365ce4c2f46178a3e0909fd
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca3e02448de31f76fba879898ca788cd01477d1858a9849f5dee77d9b99b9d23
cb0e164268c37fa34afe2281e68c023cd3645ffc16012152990caecda0b7b3b9
cbc8abcf771fbe0106242a5f0fb5c6abcee8f5e2eb295bd5099999bafe14f446
cd9c139673051af705b80d8eb599aa53d534b8d51674f0f8d4dea65a449e51e2
ce678ea3c38d93562a5980fc0e93e397b7349f863509e61646229226bbdf9af9
ce909c4473953c4cb77c836309b8a3c7bcd8c5c75cacd504804e230017c1d8ec
ce9eed4b8dac372b933c5a0a051228b93e2040d4084e5aae151a93e97ff81ee4
cea374ba66cfe4d3ca1b67915e800837cddc6f5a7d86f12c244ce7224b53ffb3
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0cbf5391519ce7413f34e26d7d4c927aec0cd2536a2358c11d9049bc9d99b7a
d106f9ce97021e6ce9a05e593a70ec7e4956667eab83726c9eb1b473b709fb8e
d134107061dcfaad34af3db635f5ca3b3e368bdeeada543ac4b2b6e183c6ecb8
d38bd44d707d8a64420252663c07bb980c451859b39ad507563b259731a8f926
d4242e5e7d54895bd925f99f5d8b592bca47ff3e8847f6d9b1b9f7a5124ae09d
d66250c74079fb7e8aff09813d778341b2c96be17e7d2a9189b5cab026eb1996
d67eaa6e32c34eea44a3f90b36561f63181ed3d0407665e4e7dc48d54e5b266d
d74c2d14fc5dd9057abed6a1f6ec2a2530c0a7141b756445958a9e371bd7aadd
d7c55765cc1650658a6d4caf887746e13cca55fd22a0a08903d94f5a19ff4715
d80b9ba4d9ed354519644fd9d90aa446ec818d52a9b98395c80a43159dc0e887
d9149b5f9e35be0572e7809bbe20cdaca83abaa455747390c2a0a2432736df52
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
da6360a75aac69be7076b4a5a4a2d0bfbd3bc4a674bba2e7a9cb698035719159
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
df10f8355f2bd4ef1c2d1847baf4480b6dc71a9bf0d45468766b3a5d3d3b146e
e095f4fbb86c7318a76ae06340cfd812a5247ea02b416ed57933365d67648df7
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e3365a64785b649248d18cf746d614be77a5c0cd1f99e738c097c1f80cf14c7a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5e6e6959ed6b378838af42321e6c741085ba8b771e56d6d50e5ad9ac88caefc
e6e69ae9133bcc7f46c03b0b6608b525ed2cf440c9a218649f9525368093836a
e72ad8643744ad46cfa5296fe4aebcc5cd891bcdfa5a20ef3fb6ba9fc7c52059
e7aaa31aec9d6a9f88c0af5d361aff3e7828ace0fb0c55ab35922025e12700b1
e8ee4b8bc6afcaf826a6d2579fa90baaac11951298a93a81d0aaaa5f3dce3aff
e9342030137f1ca8d0dddbe9a332db2ac4f4bb9cb50b9703b8f61583dd0457dc
ea93b496de3db17a877a4d1fa67327cf419615ba5ad264e0db578e6740494fd9
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f03f96a43afa5287be5e99d8514f5c077637593979539175596f0e5727e7134c
f1eea94c1d7f9c6747515e1d7af60618498e8197905f290bc3851da41fbd5588
f305db2d4af7b28e5a52e4d3bb69b5cf0d232ac3c741743941621f6bccccce31
f31746cbb75773acc9358471805e24d2f80184a9686f2e4dfbf57530c3a583c0
f38bc63db8bce430068cac5f70c8195204b8d361092d72cf8508f4e34d4025f6
f38c40b621905a9fd71641dbf0bea45bcbaa990166a170ef77df28c9970aeae8
f59ff797b78853b110b03a4f27bac47a6d31faa53e47d55a56e3725d013f0d83
f5ac9ecf677f9a456c8faf304f9cd9a6deb61b2f7cad70bac84c63428bc7dbe3
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f72dc2e0ed7ee181429860bb157bca7f87f4ccd7c48eb1aa51f67ac6e8863eb5
f72e5334c39de763824e6718c0f9e786a38b476e8f0def8f2c1d158d7a916e5c
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8c4fdb5d5d285dc8316d90b5f924e13abb66c4ec75d273f2f5b1f5bd91c3d92
fc7d668ce601fb1c3906fd950bad204e25d63e3cee77c4b687e75f5bf540f505
ff368f88e73b71f11be0b361856b43add65153e2be6594b7dfef52216f74e201
ff5e5f296b0ef16c2c0d6fbc4f47680335eac8b0a452f413e032531e9788238a
ffd2b669b1e9644f9c9173f577c545125cd4424a599f3c6068f57299cc2f5368