powerball.com Open in urlscan Pro
34.234.199.175 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://powerball.com/
Submission Tags: falconsandbox
Submission: On November 14 via api (November 14th 2020, 6:09:47 pm UTC) from US

Summary HTTP 216 Redirects Behaviour Indicators

Summary

This website contacted 35 IPs in 6 countries across 25 domains to perform 216 HTTP transactions. The main IP is 34.234.199.175, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is powerball.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on February 9th 2018. Valid for: 3 years.

This is the only time powerball.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 25	34.234.199.175 34.234.199.175	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:205... 2600:9000:2057:5400:15:3f44:b280:21	16509 (AMAZON-02) (AMAZON-02)
25	52.217.67.14 52.217.67.14	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:7ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	3.210.81.118 3.210.81.118	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:81a::200e	15169 (GOOGLE) (GOOGLE)
2	2600:9000:20a... 2600:9000:20ae:c200:6:266a:9940:21	16509 (AMAZON-02) (AMAZON-02)
2	34.95.69.49 34.95.69.49	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
2	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:400c:c03::9b	15169 (GOOGLE) (GOOGLE)
1	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	104.219.254.16 104.219.254.16	63214 (MUSL-RANGE1) (MUSL-RANGE1)
1	143.204.215.44 143.204.215.44	16509 (AMAZON-02) (AMAZON-02)
3 22	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
6	54.230.228.95 54.230.228.95	16509 (AMAZON-02) (AMAZON-02)
6	34.98.126.214 34.98.126.214	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
6	104.16.68.69 104.16.68.69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4	104.111.215.135 104.111.215.135	16625 (AKAMAI-AS) (AKAMAI-AS)
8 12	152.199.21.35 152.199.21.35	15133 (EDGECAST) (EDGECAST)
7 7	2606:2800:233... 2606:2800:233:97b6:26be:138a:cba8:bb01	15133 (EDGECAST) (EDGECAST)
4	69.173.144.141 69.173.144.141	26667 (RUBICONPR...) (RUBICONPROJECT)
42	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
24	172.217.22.66 172.217.22.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:817::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
6	2600:9000:20a... 2600:9000:20ae:9600:e:ff8:b40:93a1	16509 (AMAZON-02) (AMAZON-02)
12	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
2	52.37.186.198 52.37.186.198	16509 (AMAZON-02) (AMAZON-02)
1 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
216	35

25 34.234.199.175 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-199-175.compute-1.amazonaws.com

powerball.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:5400:15:3f44:b280:21 (United States)

ASN16509 (AMAZON-02, US)

d2si3hiz85fm4q.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 52.217.67.14 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:7ad (United States)

ASN13335 (CLOUDFLARENET, US)

code.ionicframework.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.210.81.118 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-81-118.compute-1.amazonaws.com

s.gweini.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20ae:c200:6:266a:9940:21 (United States)

ASN16509 (AMAZON-02, US)

dw7nrwnn2bkh1.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.69.49 (United States)

ASN15169 (GOOGLE, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c03::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.219.254.16 (United States)

ASN63214 (MUSL-RANGE1, US)
PTR: muslapi.musl.com

muslapi.musl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.44 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-44.fra53.r.cloudfront.net

fs.gweini.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 34.98.64.218 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

lanista-bidder-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.230.228.95 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-228-95.waw50.r.cloudfront.net

d2tbmvllb55wxq.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.98.126.214 (United States)

ASN15169 (GOOGLE, US)
PTR: 214.126.98.34.bc.googleusercontent.com

api.lanistaads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.16.68.69 (United States)

ASN13335 (CLOUDFLARENET, US)

dmx.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.111.215.135 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-135.deploy.static.akamaitechnologies.com

as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 152.199.21.35 (United States) 8 redirects

ASN15133 (EDGECAST, US)

adserver.adtechus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:2800:233:97b6:26be:138a:cba8:bb01 (United States) 7 redirects

ASN15133 (EDGECAST, US)

adserver.adtech.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.141 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 172.217.22.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s17-in-f66.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

15bb87f7bf5870eb9d5da55ba7cc4510.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dc5fec73264351bda8446a12f9fde2f0.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

b0ee07527caf8d4ae1f0c56fa2b21124.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
49066fdf39dbf690a5949570c8bb81b8.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
6662fcd9070aae1b93a1d98e6f932518.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ab42dcc19ec28a362ef1ac5cb392cc1e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:20ae:9600:e:ff8:b40:93a1 (United States)

ASN16509 (AMAZON-02, US)

deio3v2go54x9.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.37.186.198 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-37-186-198.us-west-2.compute.amazonaws.com

wowyowapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	googlesyndication.com 15bb87f7bf5870eb9d5da55ba7cc4510.safeframe.googlesyndication.com b0ee07527caf8d4ae1f0c56fa2b21124.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com 49066fdf39dbf690a5949570c8bb81b8.safeframe.googlesyndication.com dc5fec73264351bda8446a12f9fde2f0.safeframe.googlesyndication.com 6662fcd9070aae1b93a1d98e6f932518.safeframe.googlesyndication.com ab42dcc19ec28a362ef1ac5cb392cc1e.safeframe.googlesyndication.com	76 KB
25	doubleclick.net stats.g.doubleclick.net securepubads.g.doubleclick.net	753 KB
25	amazonaws.com s3.amazonaws.com	2 MB
25	powerball.com 3 redirects powerball.com	177 KB
24	openx.net 4 redirects lanista-bidder-d.openx.net eu-u.openx.net	346 KB
18	googletagservices.com www.googletagservices.com	444 KB
15	cloudfront.net d2si3hiz85fm4q.cloudfront.net dw7nrwnn2bkh1.cloudfront.net d2tbmvllb55wxq.cloudfront.net deio3v2go54x9.cloudfront.net	2 MB
12	adtechus.com 8 redirects adserver.adtechus.com	3 KB
7	advertising.com 7 redirects adserver.adtech.advertising.com	2 KB
6	google.com adservice.google.com	2 KB
6	google.de adservice.google.de	2 KB
6	districtm.io dmx.districtm.io	734 B
6	lanistaads.com api.lanistaads.com	859 B
4	rubiconproject.com fastlane.rubiconproject.com	7 KB
4	casalemedia.com as-sec.casalemedia.com	2 KB
4	pubmatic.com hbopenbid.pubmatic.com	288 B
3	criteo.com bidder.criteo.com gum.criteo.com	286 B
3	criteo.net static.criteo.net	36 KB
2	wowyowapi.com wowyowapi.com
2	clean.gg i.clean.gg	104 B
2	google-analytics.com www.google-analytics.com	19 KB
2	gweini.com s.gweini.com fs.gweini.com	24 KB
2	ionicframework.com code.ionicframework.com	110 KB
1	musl.com muslapi.musl.com	966 B
1	googleapis.com fonts.googleapis.com	2 KB
216	25

	Domain	Requested by
25	s3.amazonaws.com	powerball.com s3.amazonaws.com
25	powerball.com	3 redirects powerball.com
24	securepubads.g.doubleclick.net	powerball.com securepubads.g.doubleclick.net
18	www.googletagservices.com	powerball.com d2si3hiz85fm4q.cloudfront.net
15	pagead2.googlesyndication.com	securepubads.g.doubleclick.net powerball.com
13	lanista-bidder-d.openx.net	3 redirects powerball.com lanista-bidder-d.openx.net
12	tpc.googlesyndication.com	powerball.com
12	adserver.adtechus.com	8 redirects powerball.com
11	eu-u.openx.net	1 redirects powerball.com
7	adserver.adtech.advertising.com	7 redirects
6	deio3v2go54x9.cloudfront.net	d2si3hiz85fm4q.cloudfront.net
6	adservice.google.com	powerball.com
6	adservice.google.de	powerball.com
6	dmx.districtm.io	d2tbmvllb55wxq.cloudfront.net
6	api.lanistaads.com	powerball.com
6	d2tbmvllb55wxq.cloudfront.net	d2si3hiz85fm4q.cloudfront.net
4	fastlane.rubiconproject.com	d2tbmvllb55wxq.cloudfront.net
4	as-sec.casalemedia.com	d2tbmvllb55wxq.cloudfront.net
4	hbopenbid.pubmatic.com	d2tbmvllb55wxq.cloudfront.net
3	static.criteo.net	powerball.com
2	wowyowapi.com	powerball.com
2	bidder.criteo.com	static.criteo.net
2	i.clean.gg	d2si3hiz85fm4q.cloudfront.net
2	dw7nrwnn2bkh1.cloudfront.net	d2si3hiz85fm4q.cloudfront.net
2	www.google-analytics.com	powerball.com www.google-analytics.com
2	code.ionicframework.com	powerball.com code.ionicframework.com
1	ab42dcc19ec28a362ef1ac5cb392cc1e.safeframe.googlesyndication.com	powerball.com
1	6662fcd9070aae1b93a1d98e6f932518.safeframe.googlesyndication.com	powerball.com
1	dc5fec73264351bda8446a12f9fde2f0.safeframe.googlesyndication.com	powerball.com
1	49066fdf39dbf690a5949570c8bb81b8.safeframe.googlesyndication.com	powerball.com
1	b0ee07527caf8d4ae1f0c56fa2b21124.safeframe.googlesyndication.com	powerball.com
1	15bb87f7bf5870eb9d5da55ba7cc4510.safeframe.googlesyndication.com	powerball.com
1	fs.gweini.com	d2si3hiz85fm4q.cloudfront.net
1	muslapi.musl.com	powerball.com
1	gum.criteo.com	d2si3hiz85fm4q.cloudfront.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	s.gweini.com	powerball.com
1	fonts.googleapis.com	powerball.com
1	d2si3hiz85fm4q.cloudfront.net	powerball.com
216	39

This site contains no links.

Subject Issuer	Validity	Valid
*.powerball.com Go Daddy Secure Certificate Authority - G2	`2018-02-09` - `2021-02-09`	3 years	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-08-04` - `2021-08-09`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
ionicframework.com Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
*.criteo.net DigiCert ECC Secure Server CA	`2020-09-04` - `2020-12-03`	3 months	crt.sh
gweini.com Amazon	`2019-12-05` - `2021-01-05`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
i.clean.gg GTS CA 1D2	`2020-10-27` - `2021-01-25`	3 months	crt.sh
*.criteo.com DigiCert ECC Secure Server CA	`2020-09-04` - `2020-12-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
*.musl.com Go Daddy Secure Certificate Authority - G2	`2020-08-07` - `2022-10-06`	2 years	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
api.lanistaads.com GTS CA 1D2	`2020-09-27` - `2020-12-26`	3 months	crt.sh
districtm.io Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
*.adtechus.com GeoTrust RSA CA 2018	`2019-08-07` - `2021-08-07`	2 years	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
*.google.de GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
wowyowapi.com Amazon	`2020-09-08` - `2021-10-08`	a year	crt.sh

This page contains 31 frames:

Primary Page: https://powerball.com/
Frame ID: A234820677767D7B335E685F7937EA2E
Requests: 70 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=powerball.com
Frame ID: D6021A025C1300D965E21B3A88E6B78E
Requests: 1 HTTP requests in this frame

Frame: https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Frame ID: C6FE68700215F020B9E2690CA8D8207E
Requests: 13 HTTP requests in this frame

Frame: https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Frame ID: 40073DF988AF438DC026063E636ECD28
Requests: 13 HTTP requests in this frame

Frame: https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Frame ID: 1402F6F2A3FD70158D1419FF068053C9
Requests: 18 HTTP requests in this frame

Frame: https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Frame ID: A6B20C3B279ED6E70E4E43A988DF77D3
Requests: 19 HTTP requests in this frame

Frame: https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Frame ID: 2E7A43CA8794307EB5DEA2A624803B0A
Requests: 19 HTTP requests in this frame

Frame: https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Frame ID: 253B5068C3EEF35EECAF42F44B4BB211
Requests: 19 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
Frame ID: BBE3905097882B751BCE8DCAF1115049
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
Frame ID: F63E5C336E97CA58765B299360C61574
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
Frame ID: 93342945434F781A24C35A27AF862025
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
Frame ID: D1735AF1114F57F6FB0AD3385CF6EEDC
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Frame ID: EA72C7DEC71096811D2771215ED52390
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Frame ID: BF420C59EA688881C7C32B54F1A66470
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvkgdHgqJrzYgS7V-gpRsx5DgwBHn_33IHwMiY7k4MojDchRQMuYf2Rld4OxLSxuJeXY6zZrx3M0eUkDGk_VvExOPcLZgx_0HtK1skXILskn0t4EYyG2KONE1MHoIBv9_z8PtiSWA3AmFpyX4dh5Q2af852CBeRQzMSNK6E9TJ-UseXemW1-dVAn52dh3UcVv1AaKAnytHFFdE768L10TrX4BQwWTRKjnPJWHppXGDz5S5TeODAfQQum7T65r9BrtWFt7Sa5Ubp_1qc&sai=AMfl-YRbLNEYkqPfjBUqYAbj_KbGt-LtbMEUiyN0q087ywjgR-MU3dgKWK02r2gM7EBp-9Sz182A0OopCNCOPHoj1c5_jDt-5Nes67Ba8KhaVD9kT49ovmRaat4GuSFahYA&sig=Cg0ArKJSzJLZQd54f7oKEAE&urlfix=1&adurl=
Frame ID: 86E7AE34F3D54EBFD93E5CA4D9999263
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 1EA48E7B7E21E7738A5A9F78D984C16D
Requests: 1 HTTP requests in this frame

Frame: https://wowyowapi.com/wowyowdisplay970x250desktop.php?l=null&u=fb243434-6d38-f6b6-4543-c462ef8458dc&c=null&d=powerball.com
Frame ID: 0DBD0D8153D2869DCEA5055FB00763AD
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssipso_d4tqi3n3OkQ_PkUxyyzmPfyLsfBu2jair3RzNy2MPAu-_a3peeVhZ9fPpKr2h2ZSrGO7zzDT6MIv44bkj_4UK-lpc6W7MPEOeJpWO6e6EZMW8uDaKSKHkgFEa8DEGWx68N5DIcuwfaNxFoDMtUrZ9dVm0lRA16f_rggsq7UnNUvdA1awVD84IOIO8bZEAty8XeZfwfRK8DHVL7e-Kjiz05-8TGMX7MDWksyziyyeSPjfw71zZJuvnlc3HSLjR2jhuO9kAksw&sai=AMfl-YTVEZU4TYOZ5-GJkYBgZSajw-7YyfUGIPdPL3gqo2T7GB3nz84TbN1Tl769TcgErX51j6WpclCgwOwwF-gm6r-1rUcdL_iZWH7j6X2gA7R-2QU0lg9zrejNxfbSN7U&sig=Cg0ArKJSzFHkKWqsVfHEEAE&urlfix=1&adurl=
Frame ID: DA5C75EAAEFE63D607455F5C85DEAAE7
Requests: 5 HTTP requests in this frame

Frame: https://wowyowapi.com/wowyowdisplay970x250desktop.php?l=null&u=fb243434-6d38-f6b6-4543-c462ef8458dc&c=null&d=powerball.com
Frame ID: F47BF315F97965580B2F5F375200D009
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuZ3eRXOV7TW1FD6TorATN7mC0o0grVLa1JM8Mp2XXMAkgl-uRxIFqQd1dLYHYLQZXRtG2dNlUCB-5YQJlnrOkmwPNTGmBK4pFmI5C4cWgTqgwh00HccOvY_kpTe8yQLweGkPARQL9prGEpMaMKMGnpBPhgtWevfS1suL9PORx3SXV5y8etiXs29fD4UCx_m2vbyBPd2i-XeWMQWGaGL3KJAYgfNv-oJH4h4-YoCGTvLHCWcyU8uUb6XMOW6gh-tKoXq59XjSkBW1Wc&sig=Cg0ArKJSzEBpH0w_R01MEAE&urlfix=1&adurl=
Frame ID: D573902CC3F29CCC0F3F89D4AD280884
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 5BBBBF3BB59CC2EEB4558C2079FB96C5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 32E1BEA3AF3C7CC5A4BE47D91966D7A9
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvH2tBrCEDJkd8Xc2Nv6DFok-p03BS9o6MyiBJqT8R_Sk8L6vrPCAgcXZzAqUv26b6WaWBMSZ6ynCXlYSt2lyEF4SY2VbJcFkWTKpI5u4VLMLYM6_QV7g7-CQhmA6193NogOmobsN_WWxEAzk_fP0vhs2wT8a2nEzYPAmt3hTCbY6KLapf-ioBilqKEdI9yJ-U_WR7BXKRbmxL9gUwY01nUDpHZLD5fzwX18XmA6Mpqh6PfNylWfdKW01zUP2ARn_tktDevzsCVU5iH&sig=Cg0ArKJSzHtLswVpgL4LEAE&urlfix=1&adurl=
Frame ID: AF364DBDBDAB27FA3E86F98D8ED3B47E
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 579F82A48368D0105716DFFC334AD380
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstkAT3dRk2DV1SlDX1eYSGcLUF2wc-ji9gBve22qTyisD9T7mo_4FsY4jfagUlJz1GobNRvL8dt_vkow66p18-J6fb08blxA2InZzFRNXuiVr3yGWM1IxphD69T80eZJjRIcBxTkvMW0uCL3D-OydklWShPi1pxOvd_f3EkgJa_HVr0e5eqIuE88nYi_OCjyUKGCbZvLpxf-MszWyyIhblTaE2cuOADqMb3BGFXUC4YuoJ59KwvAweeOQAveat9q5DMSdBrubr-bXE9&sig=Cg0ArKJSzE__DSkrm8BVEAE&urlfix=1&adurl=
Frame ID: C184A055EB7FE636DF1F90DEA826A84A
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssK3Gn0h3HTnm5H9PEXd392sPI-I22ftXpzps-27lsrwl8PeVLLiVplKr6MryUoe7_0X7LEF4-zDdihBR9gngKEKK8EisPQwdN6RpZeqZrV45bX6HcIKMOKltr3ZWqX4DQJnEe7BQaEW3W4FHQEqkg-TX_PkefZnsQRg78qt0wea9ARzrPmu_QENFqgc0K177BIYtG6-Po88BAzmnD7NsCTMzHdCO_1hZnCAxnTCaYjXJzqCJAtsmSzDT-vLkv6UIOgfbGbLcQryI5_&sig=Cg0ArKJSzE8eBEhU6IJoEAE&urlfix=1&adurl=
Frame ID: 4E13633BD6E426CD7D11843A74E98266
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 88BBEB40C07A4F8552C1C2020EE7B4C2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: D2F9F1D2CF4C9EC92D9A69A5AB2CE6A1
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Frame ID: 2E59790A5B2B6AD28E77EEE611290223
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Frame ID: 37318963AE0C1182982BBE057FC0E945
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Frame ID: F4937C7F0159938705570BDF44DB3C3F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Drupal (CMS) Expand

Overall confidence: 100%
Detected patterns

meta generator /^Drupal(?:\s([\d.]+))?/i
headers expires /19 Nov 1978/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

meta generator /^Drupal(?:\s([\d.]+))?/i
headers expires /19 Nov 1978/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Ionicons (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+ionicons(?:\.min)?\.css/i

Page Statistics

216
Requests

100 %
HTTPS

49 %
IPv6

25
Domains

39
Subdomains

35
IPs

6
Countries

6159 kB
Transfer

9252 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://powerball.com/s3fs-css/css/css_ruj2yQTSH7PNQeoduYYpwooYsPhlQ8wqPR0xKAv7tYk.css?qgcoq6 HTTP 302
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_ruj2yQTSH7PNQeoduYYpwooYsPhlQ8wqPR0xKAv7tYk.css?qgcoq6

Request Chain 4

https://powerball.com/s3fs-css/css/css_6rQtrJh5XFDyJowM9bMY8N1sIRXbdXDIrEeeEI9SYWc.css?qgcoq6 HTTP 302
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_6rQtrJh5XFDyJowM9bMY8N1sIRXbdXDIrEeeEI9SYWc.css?qgcoq6

Request Chain 27

https://powerball.com/s3fs-js/js/js_itlfJSKEE5UDNhIHCMK_Y6cb8UJMDmMTtq9dykAXHtI.js HTTP 302
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/js/js_itlfJSKEE5UDNhIHCMK_Y6cb8UJMDmMTtq9dykAXHtI.js

Request Chain 85

https://lanista-bidder-d.openx.net/w/1.0/acj?ai=78df6f0c-44ff-48b8-98bb-955b3f8db1b1&o=299171bd0ecf9f&ju=https%3A//powerball.com/&jr=&be=1&prf=0&auid=538738919&aus=300x250&bc=hb_2api&bt=1000&c.lanista_floor=0.30&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-60&ifr=1&tws=1600x1200 HTTP 302
https://lanista-bidder-d.openx.net/w/1.0/acj?cc=1&ai=78df6f0c-44ff-48b8-98bb-955b3f8db1b1&o=299171bd0ecf9f&ju=https%3A//powerball.com/&jr=&be=1&prf=0&auid=538738919&aus=300x250&bc=hb_2api&bt=1000&c.lanista_floor=0.30&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-60&ifr=1&tws=1600x1200

Request Chain 86

https://lanista-bidder-d.openx.net/w/1.0/acj?ai=7a57c5f5-d85d-4fc9-a8da-c5beb5f46bd2&o=275c1b2d601459&ju=https%3A//powerball.com/&jr=&be=1&prf=0&auid=538738919&aus=300x250&bc=hb_2api&bt=1000&c.lanista_floor=0.30&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-60&ifr=1&tws=1600x1200 HTTP 302
https://lanista-bidder-d.openx.net/w/1.0/acj?cc=1&ai=7a57c5f5-d85d-4fc9-a8da-c5beb5f46bd2&o=275c1b2d601459&ju=https%3A//powerball.com/&jr=&be=1&prf=0&auid=538738919&aus=300x250&bc=hb_2api&bt=1000&c.lanista_floor=0.30&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-60&ifr=1&tws=1600x1200

Request Chain 87

https://lanista-bidder-d.openx.net/w/1.0/acj?ai=8d97be58-746b-48b2-a5b3-355f4900112e&o=2931fdf5694747&ju=https%3A//powerball.com/&jr=&be=1&prf=0&auid=538738919&aus=300x250&bc=hb_2api&bt=1000&c.lanista_floor=0.30&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-60&ws=300x250&ifr=1&tws=1600x1200 HTTP 302
https://lanista-bidder-d.openx.net/w/1.0/acj?cc=1&ai=8d97be58-746b-48b2-a5b3-355f4900112e&o=2931fdf5694747&ju=https%3A//powerball.com/&jr=&be=1&prf=0&auid=538738919&aus=300x250&bc=hb_2api&bt=1000&c.lanista_floor=0.30&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-60&ws=300x250&ifr=1&tws=1600x1200

Request Chain 95

https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=1115d8b0761c553;misc=1605377362378;bidfloor=0.3; HTTP 302
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;cfp=1;rndc=1605377362;v=2;cmd=bid;cors=yes;alias=1115d8b0761c553;misc=1605377362378;bidfloor=0.3 HTTP 302
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1605377362;v=2;cmd=bid;cors=yes;alias=1115d8b0761c553;misc=1605377362378;bidfloor=0.3 HTTP 302
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1605377362;v=2;cmd=bid;cors=yes;alias=1115d8b0761c553;misc=1605377362378;bidfloor=0.3 HTTP 302
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1A86142b5a-26a4-11eb-ad58-1234a9bcb81c;cfp=1;rndc=1605377362;v=2;cmd=bid;cors=yes;alias=1115d8b0761c553;misc=1605377362378;bidfloor=0.3

Request Chain 99

https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=11f7e15024c0d23;misc=1605377362389;bidfloor=0.3; HTTP 302
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;cfp=1;rndc=1605377362;v=2;cmd=bid;cors=yes;alias=11f7e15024c0d23;misc=1605377362389;bidfloor=0.3 HTTP 302
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1605377361;v=2;cmd=bid;cors=yes;alias=11f7e15024c0d23;misc=1605377362389;bidfloor=0.3 HTTP 302
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1605377362;v=2;cmd=bid;cors=yes;alias=11f7e15024c0d23;misc=1605377362389;bidfloor=0.3 HTTP 302
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1A86146034-26a4-11eb-a637-12e5e259ea22;cfp=1;rndc=1605377362;v=2;cmd=bid;cors=yes;alias=11f7e15024c0d23;misc=1605377362389;bidfloor=0.3

Request Chain 110

https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=11c811a8906219;misc=1605377362436;bidfloor=0.3; HTTP 302
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;cfp=1;rndc=1605377362;v=2;cmd=bid;cors=yes;alias=11c811a8906219;misc=1605377362436;bidfloor=0.3 HTTP 302
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1605377362;v=2;cmd=bid;cors=yes;alias=11c811a8906219;misc=1605377362436;bidfloor=0.3 HTTP 302
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1A86146034-26a4-11eb-a637-12e5e259ea22;cfp=1;rndc=1605377362;v=2;cmd=bid;cors=yes;alias=11c811a8906219;misc=1605377362436;bidfloor=0.3

Request Chain 117

https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=11fbb3ca277fd71;misc=1605377362469;bidfloor=0.3; HTTP 302
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;cfp=1;rndc=1605377362;v=2;cmd=bid;cors=yes;alias=11fbb3ca277fd71;misc=1605377362469;bidfloor=0.3 HTTP 302
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1605377362;v=2;cmd=bid;cors=yes;alias=11fbb3ca277fd71;misc=1605377362469;bidfloor=0.3 HTTP 302
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1605377362;v=2;cmd=bid;cors=yes;alias=11fbb3ca277fd71;misc=1605377362469;bidfloor=0.3 HTTP 302
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1A86142c54-26a4-11eb-a9f3-120d915f11b6;cfp=1;rndc=1605377362;v=2;cmd=bid;cors=yes;alias=11fbb3ca277fd71;misc=1605377362469;bidfloor=0.3

Request Chain 215

https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405 HTTP 302
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405

216 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
powerball.com/ 95 KB
13 KB 476ms
204ms Document
text/html 34.234.199.175
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://powerball.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.234.199.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-234-199-175.compute-1.amazonaws.com

Software

Apache /

Resource Hash

088b616e24711a624d186a6c5f34fa7e57038c9742be01a2b9b0bc54deab3482

Security Headers

Name	Value
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: powerball.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Sat, 14 Nov 2020 18:09:19 GMT
content-type: text/html; charset=UTF-8
server: Apache
x-content-type-options: nosniff nosniff
cache-control: max-age=86400, public
x-drupal-dynamic-cache: HIT
link: <http://powerball.com/>; rel="shortlink", <http://powerball.com/>; rel="canonical" <http://powerball.com/games/home>; rel="alternate"; hreflang="en" <http://powerball.com/es/games/home>; rel="alternate"; hreflang="es" </games/home>; rel="revision" </node?node=1>; rel="create"
x-ua-compatible: IE=edge
content-language: en
x-frame-options: SAMEORIGIN
expires: Sun, 19 Nov 1978 05:00:00 GMT
last-modified: Sat, 14 Nov 2020 01:52:17 GMT
etag: "1605318737"
vary: Cookie,Accept-Encoding
x-generator: Drupal 8 (https://www.drupal.org)
x-drupal-cache: HIT
content-encoding: gzip

GET
H2 200 script.js Show response
d2si3hiz85fm4q.cloudfront.net/ 104 KB
35 KB 60ms
19ms Script
application/javascript 2600:9000:2057:5400:15:3f44:b280:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Requested by: Host: powerball.com
URL: https://powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:5400:15:3f44:b280:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d9f9302403f3ff37116c63167633fac42db2cb3315ca86b361d7ece48f7a1185

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:02:14 GMT
content-encoding: gzip
last-modified: Fri, 13 Nov 2020 18:12:04 GMT
server: AmazonS3
age: 427
etag: W/"1ac9580c48d7078df5fe7baa39395f90"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=600,public,must-revalidate
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: 99_BhKJA1Vo2cW8jNNfPZZ3ke12QSeDI-ev_ZwwRNx-kXJCPq0-UWg==
via: 1.1 8e04f5d6c745b231c10fce7c2aa9c70f.cloudfront.net (CloudFront)

GET
H/1.1

200
OK

css_ruj2yQTSH7PNQeoduYYpwooYsPhlQ8wqPR0xKAv7tYk.css
s3.amazonaws.com/cdn.powerball.com/drupal/files/css/
Redirect Chain

https://powerball.com/s3fs-css/css/css_ruj2yQTSH7PNQeoduYYpwooYsPhlQ8wqPR0xKAv7tYk.css?qgcoq6
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_ruj2yQTSH7PNQeoduYYpwooYsPhlQ8wqPR0xKAv7tYk.css?qgcoq6

7 KB
8 KB

581ms
247ms

Stylesheet
text/css

52.217.67.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_ruj2yQTSH7PNQeoduYYpwooYsPhlQ8wqPR0xKAv7tYk.css?qgcoq6
Requested by: Host: powerball.com
URL: https://powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.67.14 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: aee8f6c904d21fb3cd41ea1db98629c28a18b0f86543cc2a3d1d31280bfbb589

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 14 Nov 2020 18:09:21 GMT
Last-Modified: Sun, 30 Aug 2020 07:34:51 GMT
Server: AmazonS3
x-amz-request-id: 91A1898E93E3E362
ETag: "c714f92f60895226a3964640d4100d65"
Content-Type: text/css
Cache-Control: public, max-age=2419200
Accept-Ranges: bytes
Content-Length: 7299
x-amz-id-2: kBx2xYG+WKRCaXIAPJVh0XpNei126WVPC6ZnhCmQcrTNxPZGR65/Z8XCbxR/31HRnZuhKhcJzxQ=

Redirect headers

date: Sat, 14 Nov 2020 18:09:20 GMT
x-content-type-options: nosniff
server: Apache
status: 302
content-type: text/html; charset=iso-8859-1
location: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_ruj2yQTSH7PNQeoduYYpwooYsPhlQ8wqPR0xKAv7tYk.css?qgcoq6
cache-control: max-age=1209600
content-length: 302
expires: Sat, 28 Nov 2020 18:09:20 GMT

GET
H2 200 css
fonts.googleapis.com/ 33 KB
2 KB 18ms
16ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans+Condensed:300,300i,700|Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e703a92a166d64eba9b39e066909ad90bfc11299b3ca14ec0c70c4a8e92e68c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 14 Nov 2020 17:53:10 GMT
server: ESF
date: Sat, 14 Nov 2020 18:09:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 14 Nov 2020 18:09:20 GMT

GET
H2 200 ionicons.min.css
code.ionicframework.com/ionicons/2.0.1/css/ 50 KB
8 KB 51ms
27ms Stylesheet
text/css 2606:4700:20::681a:7ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://code.ionicframework.com/ionicons/2.0.1/css/ionicons.min.css
Requested by: Host: powerball.com
URL: https://powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:7ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92ac508220f5bb60ec94e07650528eb66625f82a4740ada068cde05365781286

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id: 0ede1bf4a756f34c51c51a863ee6d36bf8ef5282
date: Sat, 14 Nov 2020 18:09:20 GMT
via: 1.1 varnish
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 66899
x-cache: HIT
status: 200
x-cache-hits: 2167
content-encoding: br
x-origin-cache: HIT
cf-request-id: 06698b991b0000dfcf6e101000000001
x-served-by: cache-fra19174-FRA
last-modified: Thu, 01 Oct 2020 21:48:28 GMT
server: cloudflare
x-github-request-id: 5CDC:8E86:2A23A1E:2C24E10:5FA3FCE0
x-timer: S1605310462.839613,VS0,VE0
etag: W/"5f764eac-c854"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VJ%2FKSVh8qMX2Tx6Jsen75ErFuwHt65V9EfwXtcGxCe9y9wtBwBNBFZZGsBMmrmh%2BBjxVlJIBCCSGbHFGfqoKPGDyCuu9m92YUlWQDjAzh6qd0GR1zu0y%2BOqvFG%2BDuzbZSRxrNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 5f22aed4fcc9dfcf-FRA
x-proxy-cache: MISS
expires: Thu, 05 Nov 2020 13:33:44 GMT

GET
H/1.1

200
OK

css_6rQtrJh5XFDyJowM9bMY8N1sIRXbdXDIrEeeEI9SYWc.css
s3.amazonaws.com/cdn.powerball.com/drupal/files/css/
Redirect Chain

https://powerball.com/s3fs-css/css/css_6rQtrJh5XFDyJowM9bMY8N1sIRXbdXDIrEeeEI9SYWc.css?qgcoq6
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_6rQtrJh5XFDyJowM9bMY8N1sIRXbdXDIrEeeEI9SYWc.css?qgcoq6

183 KB
184 KB

479ms
144ms

Stylesheet
text/css

52.217.67.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_6rQtrJh5XFDyJowM9bMY8N1sIRXbdXDIrEeeEI9SYWc.css?qgcoq6
Requested by: Host: powerball.com
URL: https://powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.67.14 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: eab42dac98795c50f2268c0cf5b318f0dd6c2115db7570c8ac479e108f526167

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 14 Nov 2020 18:09:21 GMT
Last-Modified: Sun, 30 Aug 2020 07:34:52 GMT
Server: AmazonS3
x-amz-request-id: 30D38C7E0D23BD49
ETag: "21c5d521707ad8a01947dc8844e70e6e"
Content-Type: text/css
Cache-Control: public, max-age=2419200
Accept-Ranges: bytes
Content-Length: 187903
x-amz-id-2: 1cL3db+a8RbqcvpWN2P1MLeqsG6ED+tDc3dRGZ4ylQoDtNFLbfKOP9GmCOW2YlOrxbo9G4x2RLM=

Redirect headers

date: Sat, 14 Nov 2020 18:09:20 GMT
x-content-type-options: nosniff
server: Apache
status: 302
content-type: text/html; charset=iso-8859-1
location: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_6rQtrJh5XFDyJowM9bMY8N1sIRXbdXDIrEeeEI9SYWc.css?qgcoq6
cache-control: max-age=1209600
content-length: 302
expires: Sat, 28 Nov 2020 18:09:20 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 107 KB
35 KB 82ms
28ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: powerball.com
URL: https://powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 586f76dc6bb5b23638b5952b115013e6cde86c5d0b18d071fc7a5b2a21787ff7

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:09:21 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:20:45 GMT
server: nginx
etag: W/"5f8eabed-1ada9"
status: 200
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Sun, 15 Nov 2020 18:09:21 GMT

GET
H/1.1 200
OK gweiniClientV1.php Show response
s.gweini.com/ 91 KB
8 KB 524ms
133ms Script
text/html 3.210.81.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s.gweini.com/gweiniClientV1.php?ClientID=PUB_ID&group=GPPowerball
Requested by: Host: powerball.com
URL: https://powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.210.81.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-210-81-118.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 084fd154266692bdc0410bb5e3a74dbd35c4c544b7e84ce52dd4643a0c49b97e

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 14 Nov 2020 18:09:21 GMT
Content-Encoding: gzip
Server: nginx/1.10.3 (Ubuntu)
Connection: keep-alive
Content-Length: 7941
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK powerball-power-play-logo_0.png
s3.amazonaws.com/cdn.powerball.com/drupal/ 25 KB
26 KB 167ms
163ms Image
image/png 52.217.67.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/powerball-power-play-logo_0.png
Requested by: Host: powerball.com
URL: https://powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.67.14 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: c0f02a3ba3b3498d9ff3243cd2185bbf9f9c961f1373b2b463dfa025c2d57c5b

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 14 Nov 2020 18:09:22 GMT
Last-Modified: Tue, 28 Apr 2020 05:17:42 GMT
Server: AmazonS3
x-amz-request-id: 483AD203CB0BF57D
ETag: "954a0848710c5224685722e2621e667e"
Content-Type: image/png
Cache-Control: public, max-age=2419200
Accept-Ranges: bytes
Content-Length: 26090
x-amz-id-2: OMtPc9qnb5n30wLoAF7bG9Aw9AOFkQcwsFJ1Fv9baVC6dZM3KgqYRNUSasmEYwXwghPpYtOYfRM=

GET
H2 200 powerball-logo-alternate.png
powerball.com/themes/rapid/images/shared/ 46 KB
46 KB 133ms
128ms Image
image/png 34.234.199.175
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://powerball.com/themes/rapid/images/shared/powerball-logo-alternate.png

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.234.199.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-234-199-175.compute-1.amazonaws.com

Software

Apache /

Resource Hash

5111b3af3c37b8466db90632f3cdb79670a1af92835aa85a510260b52f045a71

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:09:21 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Sep 2020 17:56:57 GMT
server: Apache
content-type: image/png
status: 200
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 46618
expires: Sat, 28 Nov 2020 18:09:21 GMT

GET
H2 200 down-arrow-mobile.png
powerball.com/themes/rapid/images/shared/ 8 KB
8 KB 226ms
221ms Image
image/png 34.234.199.175
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://powerball.com/themes/rapid/images/shared/down-arrow-mobile.png

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.234.199.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-234-199-175.compute-1.amazonaws.com

Software

Apache /

Resource Hash

cbc8abcf771fbe0106242a5f0fb5c6abcee8f5e2eb295bd5099999bafe14f446

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:09:21 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Sep 2020 17:56:57 GMT
server: Apache
content-type: image/png
status: 200
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 8371
expires: Sat, 28 Nov 2020 18:09:21 GMT

GET
H2 200 down-arrow.png
powerball.com/themes/rapid/images/shared/ 12 KB
12 KB 141ms
137ms Image
image/png 34.234.199.175
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://powerball.com/themes/rapid/images/shared/down-arrow.png

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.234.199.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-234-199-175.compute-1.amazonaws.com

Software

Apache /

Resource Hash

3cde3dc0691b364cf1af3f233269802b8b4d566b962c107fc49966e839222f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:09:21 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Sep 2020 17:56:57 GMT
server: Apache
content-type: image/png
status: 200
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 12466
expires: Sat, 28 Nov 2020 18:09:21 GMT

GET
H/1.1 200
OK icon%20-%20suitcase.png
s3.amazonaws.com/cdn.powerball.com/drupal/files/2017-11/ 1 KB
2 KB 460ms
119ms Image
image/png 52.217.67.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/2017-11/icon%20-%20suitcase.png
Requested by: Host: powerball.com
URL: https://powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.67.14 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 62a6c980b8be129cceb54b1c6e63cbf6be73035a0580640635096fb0df2d51ec

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 14 Nov 2020 18:09:22 GMT
Last-Modified: Mon, 03 Jun 2019 18:45:42 GMT
Server: AmazonS3
x-amz-request-id: CD327E3A502B919E
ETag: "10fafcb681743db4bdf20e94bd570fe6"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1339
x-amz-id-2: Gg0X06JfjSHYSZydxhtj92qOHYlC5DZH6zwuRtAjrlIKoK1PINM7jN1OUD8FNSv5fLT/0z/iF90=

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 9ms
5ms Script
text/javascript 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 3213
date: Sat, 14 Nov 2020 17:15:48 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Sat, 14 Nov 2020 19:15:48 GMT

GET
H2 200 plap-icon-how.png
powerball.com/themes/rapid/images/home/ 9 KB
9 KB 216ms
212ms Image
image/png 34.234.199.175
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://powerball.com/themes/rapid/images/home/plap-icon-how.png

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.234.199.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-234-199-175.compute-1.amazonaws.com

Software

Apache /

Resource Hash

51f45c89e5baf365e97a33c12bcd2a8bd365f5e156a519eb3c6db4a270ef0d1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:09:21 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Sep 2020 17:56:57 GMT
server: Apache
content-type: image/png
status: 200
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 9192
expires: Sat, 28 Nov 2020 18:09:21 GMT

GET
H2 200 plap-icon-where.png
powerball.com/themes/rapid/images/home/ 2 KB
2 KB 217ms
213ms Image
image/png 34.234.199.175
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://powerball.com/themes/rapid/images/home/plap-icon-where.png

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.234.199.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-234-199-175.compute-1.amazonaws.com

Software

Apache /

Resource Hash

946a4a92ed1abe0bc69dabb3125912b3214b7545ef0b69abb8d531047dd326ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:09:21 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Sep 2020 17:56:57 GMT
server: Apache
content-type: image/png
status: 200
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 1976
expires: Sat, 28 Nov 2020 18:09:21 GMT

GET
H2 200 plap-icon-powerplay.png
powerball.com/themes/rapid/images/home/ 3 KB
4 KB 217ms
214ms Image
image/png 34.234.199.175
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://powerball.com/themes/rapid/images/home/plap-icon-powerplay.png

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.234.199.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-234-199-175.compute-1.amazonaws.com

Software

Apache /

Resource Hash

ffd2b669b1e9644f9c9173f577c545125cd4424a599f3c6068f57299cc2f5368

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:09:21 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Sep 2020 17:56:57 GMT
server: Apache
content-type: image/png
status: 200
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 3385
expires: Sat, 28 Nov 2020 18:09:21 GMT

GET
H2 200 plap-icon-multidraw.png
powerball.com/themes/rapid/images/home/ 5 KB
5 KB 224ms
220ms Image
image/png 34.234.199.175
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://powerball.com/themes/rapid/images/home/plap-icon-multidraw.png

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.234.199.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-234-199-175.compute-1.amazonaws.com

Software

Apache /

Resource Hash

bd4c78cb4cd5c2c87a907794076f7a7f7392f9df50958389afbec8c40eb5da8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:09:21 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Sep 2020 17:56:57 GMT
server: Apache
content-type: image/png
status: 200
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 4817
expires: Sat, 28 Nov 2020 18:09:21 GMT

GET
H2 200 monument-smithsonian-1.png
powerball.com/themes/rapid/images/home/how-tall/ 273 B
479 B 224ms
221ms Image
image/png 34.234.199.175
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://powerball.com/themes/rapid/images/home/how-tall/monument-smithsonian-1.png

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.234.199.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-234-199-175.compute-1.amazonaws.com

Software

Apache /

Resource Hash

b9b9103c60ef2c61de42660d6cd67a82d9816426f2b0f0c0a8fa3a1deae3538c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:09:21 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Sep 2020 17:56:57 GMT
server: Apache
content-type: image/png
status: 200
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 273
expires: Sat, 28 Nov 2020 18:09:21 GMT

GET
H2 200 monument-liberty2.png
powerball.com/themes/rapid/images/home/how-tall/ 927 B
1 KB 224ms
221ms Image
image/png 34.234.199.175
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://powerball.com/themes/rapid/images/home/how-tall/monument-liberty2.png

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.234.199.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-234-199-175.compute-1.amazonaws.com

Software

Apache /

Resource Hash

2ae2901f146e2e0eb83648fdfc19c78aca16e1674313e164bc93c3739bba5d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:09:21 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Sep 2020 17:56:57 GMT
server: Apache
content-type: image/png
status: 200
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 927
expires: Sat, 28 Nov 2020 18:09:21 GMT

GET
H2 200 monument-pyramid-3.png
powerball.com/themes/rapid/images/home/how-tall/ 2 KB
3 KB 224ms
221ms Image
image/png 34.234.199.175
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://powerball.com/themes/rapid/images/home/how-tall/monument-pyramid-3.png

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.234.199.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-234-199-175.compute-1.amazonaws.com

Software

Apache /

Resource Hash

52fe2f0394335dab93ffb9cac2bea65d4460b5d24cbc3861e62392194b11bfff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:09:21 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Sep 2020 17:56:57 GMT
server: Apache
content-type: image/png
status: 200
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 2432
expires: Sat, 28 Nov 2020 18:09:21 GMT

GET
H2 200 monument-bloomberg4.png
powerball.com/themes/rapid/images/home/how-tall/ 326 B
532 B 225ms
222ms Image
image/png 34.234.199.175
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://powerball.com/themes/rapid/images/home/how-tall/monument-bloomberg4.png

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.234.199.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-234-199-175.compute-1.amazonaws.com

Software

Apache /

Resource Hash

d67eaa6e32c34eea44a3f90b36561f63181ed3d0407665e4e7dc48d54e5b266d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:09:21 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Sep 2020 17:56:57 GMT
server: Apache
content-type: image/png
status: 200
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 326
expires: Sat, 28 Nov 2020 18:09:21 GMT

GET
H2 200 monument-eiffel-5.png
powerball.com/themes/rapid/images/home/how-tall/ 2 KB
3 KB 225ms
222ms Image
image/png 34.234.199.175
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://powerball.com/themes/rapid/images/home/how-tall/monument-eiffel-5.png

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.234.199.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-234-199-175.compute-1.amazonaws.com

Software

Apache /

Resource Hash

becfbf498f3cc9647d8fc8a70816cb1f3f73803a9fa293735cb9059c77854409

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:09:21 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Sep 2020 17:56:57 GMT
server: Apache
content-type: image/png
status: 200
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 2378
expires: Sat, 28 Nov 2020 18:09:21 GMT

GET
H2 200 monument-tradecenter-6.png
powerball.com/themes/rapid/images/home/how-tall/ 806 B
1012 B 225ms
222ms Image
image/png 34.234.199.175
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://powerball.com/themes/rapid/images/home/how-tall/monument-tradecenter-6.png

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.234.199.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-234-199-175.compute-1.amazonaws.com

Software

Apache /

Resource Hash

a2ef194ebea955025ec930aaa5c9adfb4bb5169751962ef42720c95982827d76

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:09:21 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Sep 2020 17:56:57 GMT
server: Apache
content-type: image/png
status: 200
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 806
expires: Sat, 28 Nov 2020 18:09:21 GMT

GET
H2 200 monument-burj-7.png
powerball.com/themes/rapid/images/home/how-tall/ 2 KB
2 KB 225ms
223ms Image
image/png 34.234.199.175
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://powerball.com/themes/rapid/images/home/how-tall/monument-burj-7.png

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.234.199.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-234-199-175.compute-1.amazonaws.com

Software

Apache /

Resource Hash

47a3d1d29044a5086d50d45f66600b612cdd16df4893eaf01571c8d2d714f42c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:09:21 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Sep 2020 17:56:57 GMT
server: Apache
content-type: image/png
status: 200
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 1545
expires: Sat, 28 Nov 2020 18:09:21 GMT

GET
H2 200 monument-sears-8.png
powerball.com/themes/rapid/images/home/how-tall/ 619 B
825 B 225ms
223ms Image
image/png 34.234.199.175
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://powerball.com/themes/rapid/images/home/how-tall/monument-sears-8.png

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.234.199.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-234-199-175.compute-1.amazonaws.com

Software

Apache /

Resource Hash

06ef905faafedcc71b11e25d395607fb6fef70fdbdaceb87c744255c67624799

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:09:21 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Sep 2020 17:56:57 GMT
server: Apache
content-type: image/png
status: 200
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 619
expires: Sat, 28 Nov 2020 18:09:21 GMT

GET
H/1.1 200
OK odds.png
s3.amazonaws.com/cdn.powerball.com/drupal/files/2017-12/ 20 KB
20 KB 467ms
127ms Image
image/png 52.217.67.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/2017-12/odds.png
Requested by: Host: powerball.com
URL: https://powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.67.14 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: ff5e5f296b0ef16c2c0d6fbc4f47680335eac8b0a452f413e032531e9788238a

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 14 Nov 2020 18:09:22 GMT
Last-Modified: Mon, 03 Jun 2019 18:45:58 GMT
Server: AmazonS3
x-amz-request-id: 9E81E3D18F4DF42F
ETag: "31e28e1ff8717ae89c4787ce8930a8bc"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 20304
x-amz-id-2: RSnrAKq1XGsB9Rw1oVNWOXKsWPCAjPtx/AhMhuJo9QMcAX+irfPrzl2u8U/8YgtMadP31zMw5mc=

GET
H/1.1 200
OK payments.png
s3.amazonaws.com/cdn.powerball.com/drupal/files/2017-12/ 20 KB
20 KB 473ms
128ms Image
image/png 52.217.67.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/2017-12/payments.png
Requested by: Host: powerball.com
URL: https://powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.67.14 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 1b1d51840695cebf90274b527443cd64945cd9dfc5d2b785b0a772996ec588fc

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 14 Nov 2020 18:09:22 GMT
Last-Modified: Mon, 03 Jun 2019 18:45:58 GMT
Server: AmazonS3
x-amz-request-id: F3F11A3BEED3994A
ETag: "7f93eb9bb1be1c208734e209e3ed1f8d"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 20330
x-amz-id-2: rmDdKVK+Pnwc4o97kDv32mnOUzEMpQybI8P3PtqSN1T50trD6Z0Y7Q8O21Qw4DlssoGaZitltuc=

GET
H/1.1

200
OK

js_itlfJSKEE5UDNhIHCMK_Y6cb8UJMDmMTtq9dykAXHtI.js Show response
s3.amazonaws.com/cdn.powerball.com/drupal/files/js/
Redirect Chain

https://powerball.com/s3fs-js/js/js_itlfJSKEE5UDNhIHCMK_Y6cb8UJMDmMTtq9dykAXHtI.js
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/js/js_itlfJSKEE5UDNhIHCMK_Y6cb8UJMDmMTtq9dykAXHtI.js

472 KB
472 KB

128ms
128ms

Script
application/javascript

52.217.67.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/js/js_itlfJSKEE5UDNhIHCMK_Y6cb8UJMDmMTtq9dykAXHtI.js
Requested by: Host: powerball.com
URL: https://powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.67.14 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8ad95f25228413950336120708c2bf63a71bf1424c0e6313b6af5dca40171ed2

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 14 Nov 2020 18:09:22 GMT
Last-Modified: Sun, 30 Aug 2020 07:34:52 GMT
Server: AmazonS3
x-amz-request-id: BE6DC1B93841F529
ETag: "ec636d237ce41ed54079b1829eb54c4c"
Content-Type: application/javascript
Cache-Control: public, max-age=2419200
Accept-Ranges: bytes
Content-Length: 483341
x-amz-id-2: rXi7hctD/FwoH6VkiM8PTl3PCTJi1yIOY1js5G8AM+GSiMN0VsEOtkP//7cRQAsNg7otBz0+iFM=

Redirect headers

date: Sat, 14 Nov 2020 18:09:20 GMT
x-content-type-options: nosniff
server: Apache
status: 302
content-type: text/html; charset=iso-8859-1
location: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/js/js_itlfJSKEE5UDNhIHCMK_Y6cb8UJMDmMTtq9dykAXHtI.js
cache-control: max-age=1209600
content-length: 292
expires: Sat, 28 Nov 2020 18:09:20 GMT

OPTIONS
H2 200 958153f1b8b96ec4c4eb2147429105d9.json
dw7nrwnn2bkh1.cloudfront.net/ Frame 0
0 219ms
139ms Other 2600:9000:20ae:c200:6:266a:9940:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dw7nrwnn2bkh1.cloudfront.net/958153f1b8b96ec4c4eb2147429105d9.json
Protocol: H2
Server: 2600:9000:20ae:c200:6:266a:9940:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://powerball.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

status: 200
content-length: 0
date: Sat, 14 Nov 2020 18:09:21 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: content-type
access-control-max-age: 600
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 91c31195544333f46c3622df2c6df353.cloudfront.net (CloudFront)
x-amz-cf-pop: WAW50-C1
x-amz-cf-id: fe21YqEXTpJxKIoBxSzJVHId13SXLX_yhhfdgN3lXVlLaRxntOFwHA==

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 193ms
122ms Other
text/plain 34.95.69.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Server: 34.95.69.49 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.17.4 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://powerball.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

status: 204
server: nginx/1.17.4
date: Sat, 14 Nov 2020 18:09:20 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-max-age: 1728000
content-type: text/plain; charset=utf-8
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H2 200 958153f1b8b96ec4c4eb2147429105d9.json Show response
dw7nrwnn2bkh1.cloudfront.net/ 3 KB
4 KB 55ms
55ms XHR
application/json 2600:9000:20ae:c200:6:266a:9940:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dw7nrwnn2bkh1.cloudfront.net/958153f1b8b96ec4c4eb2147429105d9.json
Requested by: Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ae:c200:6:266a:9940:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b7eca0566a433074b3919b13144df2921b0b000f7521a2917910db3cc26e0ec2

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 14 Nov 2020 16:19:36 GMT
via: 1.1 91c31195544333f46c3622df2c6df353.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 6585
x-cache: Hit from cloudfront
status: 200
content-length: 3175
last-modified: Thu, 05 Nov 2020 15:32:38 GMT
server: AmazonS3
etag: "8a667f328c0abe0195e44edca88fe08f"
access-control-max-age: 600
access-control-allow-methods: GET, POST
content-type: application/json
access-control-allow-origin: *
x-amz-cf-pop: WAW50-C1
accept-ranges: bytes
x-amz-cf-id: XS-Lcq5zihSvla3425Ldw18xU_WgYVRI_J67YpytLl6Mh69HC_d5tQ==

POST
H2 200 1a Show response
i.clean.gg/ 0
104 B 132ms
131ms XHR
application/octet-stream 34.95.69.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.17.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 14 Nov 2020 18:09:20 GMT
via: 1.1 google
server: nginx/1.17.4
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
status: 200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
alt-svc: clear
content-length: 0

GET
H/1.1 200
OK header-rep.jpg
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/ 4 KB
4 KB 470ms
122ms Image
image/jpeg 52.217.67.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/header-rep.jpg
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_6rQtrJh5XFDyJowM9bMY8N1sIRXbdXDIrEeeEI9SYWc.css?qgcoq6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.67.14 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: cd9c139673051af705b80d8eb599aa53d534b8d51674f0f8d4dea65a449e51e2

Request headers

Referer: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_6rQtrJh5XFDyJowM9bMY8N1sIRXbdXDIrEeeEI9SYWc.css?qgcoq6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 14 Nov 2020 18:09:22 GMT
Last-Modified: Mon, 03 Jun 2019 18:42:36 GMT
Server: AmazonS3
x-amz-request-id: 1013754607093E9A
ETag: "0e973dffc15bf2796e8b24b0a1dead33"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 3922
x-amz-id-2: pQffnjioc0TNt0B+wM6wFr0oC5eT3wLgG3ewCp1oPLoV+BgF76BClnckCwS9H+SjM24EhwigEEQ=

GET
H/1.1 200
OK ProximaNova-Regular.woff
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Regular/ 39 KB
40 KB 470ms
118ms Font
application/font-woff 52.217.67.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Regular/ProximaNova-Regular.woff
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_6rQtrJh5XFDyJowM9bMY8N1sIRXbdXDIrEeeEI9SYWc.css?qgcoq6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.67.14 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5d1765ca16cb96e4294a5c96b2084b580e200a2743b1ff7805d18bd8348825e9

Request headers

Origin: https://powerball.com
Referer: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_6rQtrJh5XFDyJowM9bMY8N1sIRXbdXDIrEeeEI9SYWc.css?qgcoq6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 14 Nov 2020 18:09:22 GMT
Last-Modified: Tue, 04 Jun 2019 03:53:18 GMT
Server: AmazonS3
x-amz-request-id: F65A50BC9829BCAF
ETag: "78adc015dc4ffc4db6e237fefddcf605"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: application/font-woff
Access-Control-Allow-Origin: https://powerball.com
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Length: 40260
x-amz-id-2: fu/OKugx/cdAJtgcS7puc9O2a73bRZOWyWjmM9IMhz8RNWPA9ggV1dwYUH9O/3XLKhpZo3cXRh8=

GET
H/1.1 200
OK beach-couple.jpg
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/ 106 KB
106 KB 310ms
224ms Image
image/jpeg 52.217.67.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/beach-couple.jpg
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_6rQtrJh5XFDyJowM9bMY8N1sIRXbdXDIrEeeEI9SYWc.css?qgcoq6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.67.14 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 821e02b7009ed37828e3acf4c71ae2f7949acd106935854e5e668d75c07e8d37

Request headers

Referer: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_6rQtrJh5XFDyJowM9bMY8N1sIRXbdXDIrEeeEI9SYWc.css?qgcoq6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 14 Nov 2020 18:09:22 GMT
Last-Modified: Tue, 28 Apr 2020 04:52:42 GMT
Server: AmazonS3
x-amz-request-id: 5DEC4DADD9FFEDEF
ETag: "16fdf0e0990ae659f8dad6eb3183738d"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 108307
x-amz-id-2: 21l9DD9CUBEt4/+5cE3yf5pSDNL6U7T/O7bi05aFKYX+igfoIt94jBVlhadhzEydGjWrxblmiQI=

GET
H/1.1 200
OK chapter-sections-digits.png
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/ 134 KB
135 KB 134ms
133ms Image
image/png 52.217.67.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/chapter-sections-digits.png
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_6rQtrJh5XFDyJowM9bMY8N1sIRXbdXDIrEeeEI9SYWc.css?qgcoq6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.67.14 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 03bdd68a1e549bf59bc419d1842bec52628885efc75ed8a58a7d1f7671d6c4d7

Request headers

Referer: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_6rQtrJh5XFDyJowM9bMY8N1sIRXbdXDIrEeeEI9SYWc.css?qgcoq6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 14 Nov 2020 18:09:22 GMT
Last-Modified: Mon, 03 Jun 2019 18:42:35 GMT
Server: AmazonS3
x-amz-request-id: 5E40C28791237161
ETag: "463652a321bd08768e5436662ab77a65"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 137704
x-amz-id-2: 5Bs+TXM2QMsRZjEKKabjlrQHkNpGy5AavobgqZA6zes7OtRuIvt8hV88gk2gHTKZ5VezrpbabXE=

GET
H/1.1 200
OK chapter-icon-digits.png
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/ 5 KB
5 KB 128ms
128ms Image
image/png 52.217.67.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/chapter-icon-digits.png
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_6rQtrJh5XFDyJowM9bMY8N1sIRXbdXDIrEeeEI9SYWc.css?qgcoq6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.67.14 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 325cee8a45b452b68fe28fb92173f63a7f19967dbe3bf794bf4e3211772150c9

Request headers

Referer: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_6rQtrJh5XFDyJowM9bMY8N1sIRXbdXDIrEeeEI9SYWc.css?qgcoq6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 14 Nov 2020 18:09:22 GMT
Last-Modified: Mon, 03 Jun 2019 18:42:34 GMT
Server: AmazonS3
x-amz-request-id: 40C1C56FF95CD839
ETag: "941ef7347e719b3dd272745a601be5ca"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 4711
x-amz-id-2: s5DZNNugpbaArDYjQh+nzC2qlnVCCVsb05mzvS9f8el++1uk99dIgzocuaGgUbzyDUWE40bgp2I=

GET
H/1.1 200
OK selected-tab.png
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/ 358 B
714 B 123ms
123ms Image
image/png 52.217.67.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/selected-tab.png
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_6rQtrJh5XFDyJowM9bMY8N1sIRXbdXDIrEeeEI9SYWc.css?qgcoq6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.67.14 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 60d9368fc1deb5a275b3786195a53ef1272fc24b05a313aa52b1bfcc0a0356a3

Request headers

Referer: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_6rQtrJh5XFDyJowM9bMY8N1sIRXbdXDIrEeeEI9SYWc.css?qgcoq6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 14 Nov 2020 18:09:22 GMT
Last-Modified: Mon, 03 Jun 2019 18:42:37 GMT
Server: AmazonS3
x-amz-request-id: AF02A7A376056E18
ETag: "a534365977f2b2e499d219861587f18f"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 358
x-amz-id-2: ZDnkKn1OPaSHPczqJnCB59k7CfDmsrPtFt4FlVeJooYc8+QqD9zqqVBWPLkq8CUzTId94Uf2cjI=

GET
H/1.1 200
OK ball-powerball-red.svg
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/home/ 2 KB
2 KB 123ms
122ms Image
image/svg+xml 52.217.67.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/home/ball-powerball-red.svg
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_6rQtrJh5XFDyJowM9bMY8N1sIRXbdXDIrEeeEI9SYWc.css?qgcoq6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.67.14 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9b0e415f742585b82139fb7076506657dde225088247e2ac0fba6f88a3d19588

Request headers

Referer: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_6rQtrJh5XFDyJowM9bMY8N1sIRXbdXDIrEeeEI9SYWc.css?qgcoq6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 14 Nov 2020 18:09:22 GMT
Last-Modified: Mon, 03 Jun 2019 18:42:32 GMT
Server: AmazonS3
x-amz-request-id: DDF8A308DBA05C84
ETag: "b51736b050323703cfdd1b2dea37359b"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 1539
x-amz-id-2: 423VxcgUkaFdg+cyaMmgorysrmFj+wcrucHkJs7q/xFpGyjWwF8XYqegF9aVYPEs/hRBaBOG1ms=

GET
H/1.1 200
OK chapter-sections-plap.png
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/ 127 KB
128 KB 123ms
123ms Image
image/png 52.217.67.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/chapter-sections-plap.png
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_6rQtrJh5XFDyJowM9bMY8N1sIRXbdXDIrEeeEI9SYWc.css?qgcoq6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.67.14 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: d134107061dcfaad34af3db635f5ca3b3e368bdeeada543ac4b2b6e183c6ecb8

Request headers

Referer: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_6rQtrJh5XFDyJowM9bMY8N1sIRXbdXDIrEeeEI9SYWc.css?qgcoq6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 14 Nov 2020 18:09:22 GMT
Last-Modified: Mon, 03 Jun 2019 18:42:35 GMT
Server: AmazonS3
x-amz-request-id: E49B5CEEC36C728D
ETag: "919037d9f382c51cc1f7a8315a0fba30"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 130339
x-amz-id-2: v75SNNFQANnVX6kBu2IMR8FIBWvrziecK67kouCZIkkSWpbGCEGQl37785BgyLIlM0nxLDyPOso=

GET
H/1.1 200
OK chapter-icon-plap.png
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/ 3 KB
3 KB 124ms
124ms Image
image/png 52.217.67.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/chapter-icon-plap.png
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_6rQtrJh5XFDyJowM9bMY8N1sIRXbdXDIrEeeEI9SYWc.css?qgcoq6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.67.14 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b5abf5b778d2b365d80d73fe19360dc9d79b037de4533335716e3a10cb02a19e

Request headers

Referer: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_6rQtrJh5XFDyJowM9bMY8N1sIRXbdXDIrEeeEI9SYWc.css?qgcoq6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 14 Nov 2020 18:09:22 GMT
Last-Modified: Mon, 03 Jun 2019 18:42:34 GMT
Server: AmazonS3
x-amz-request-id: 035227944BE18E7F
ETag: "dbf5cfdb8c71d88c4763528d7d7746d8"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 2674
x-amz-id-2: RUZRkmfNNaTy3VscaUUp9FV9xuf0DGW1ZZOZu3GtelPWc9I6pM3DAZfugI4DtuwiwdOqR9oGCYc=

GET
H/1.1 200
OK how-tall-desktop_0.jpg
s3.amazonaws.com/cdn.powerball.com/drupal/files/2017-12/ 10 KB
10 KB 130ms
130ms Image
image/jpeg 52.217.67.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/2017-12/how-tall-desktop_0.jpg
Requested by: Host: powerball.com
URL: https://powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.67.14 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 77e253f505244807bb3b20519289552308191f98fee3bf62a5ed216ef0027bbf

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 14 Nov 2020 18:09:22 GMT
Last-Modified: Mon, 03 Jun 2019 18:45:54 GMT
Server: AmazonS3
x-amz-request-id: 73C3392C22E511B5
ETag: "d94fd880ae887e896b75c3a3992f6572"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 9768
x-amz-id-2: ZyDA5Bk7Sb2kKWFp6diWeZhkjr0v3lmJKCdwmkplPu/fGZuiijmjtwl4LAuF+l2pPg2PyX1aV/k=

GET
H2 200 ionicons.ttf
code.ionicframework.com/ionicons/2.0.1/fonts/ 184 KB
102 KB 44ms
30ms Font
font/ttf 2606:4700:20::681a:7ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://code.ionicframework.com/ionicons/2.0.1/fonts/ionicons.ttf?v=2.0.1
Requested by: Host: code.ionicframework.com
URL: https://code.ionicframework.com/ionicons/2.0.1/css/ionicons.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:7ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e700835ec05293a3d0f9e354e7d038319d34521cd279e782198dff6d1dd58f2

Request headers

Origin: https://powerball.com
Referer: https://code.ionicframework.com/ionicons/2.0.1/css/ionicons.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id: 4d2a558c6a82296418e4dae0b2b161dc4a0ed457
date: Sat, 14 Nov 2020 18:09:21 GMT
via: 1.1 varnish
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 47861
x-cache: HIT
status: 200
x-cache-hits: 2
content-encoding: br
x-origin-cache: HIT
cf-request-id: 06698b9c8c00002bd6db297000000001
x-served-by: cache-fra19147-FRA
last-modified: Thu, 01 Oct 2020 21:48:28 GMT
server: cloudflare
x-github-request-id: 14D0:2350:FAEFAC:10673FF:5FA0992F
x-timer: S1605329500.387542,VS0,VE0
etag: W/"5f764eac-2e05c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=r3lpyrLmYgZeNt17%2Bw3S2w0m0WTR42S1PyzoIk97cidaob2PnlA0qaC8qpfmbCP6Z1z4kOA0snhjsd9MJoVasRYfy%2B2ZxvPqfyNozsU%2B33eNvUBjO50Cn%2FXCR6apBR32lLHdow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 5f22aeda7aba2bd6-FRA
x-proxy-cache: HIT
expires: Mon, 02 Nov 2020 23:50:42 GMT

GET
H/1.1 200
OK ProximaNova-Bold.woff
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Bold/ 40 KB
40 KB 477ms
134ms Font
application/font-woff 52.217.67.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Bold/ProximaNova-Bold.woff
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_6rQtrJh5XFDyJowM9bMY8N1sIRXbdXDIrEeeEI9SYWc.css?qgcoq6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.67.14 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 37cc0451eec571b22864bfac29a3766ccebe2d1e48ac4a552a8e9b8e6f9be02f

Request headers

Origin: https://powerball.com
Referer: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_6rQtrJh5XFDyJowM9bMY8N1sIRXbdXDIrEeeEI9SYWc.css?qgcoq6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 14 Nov 2020 18:09:22 GMT
Last-Modified: Tue, 04 Jun 2019 03:53:14 GMT
Server: AmazonS3
x-amz-request-id: A9E519D2997023BE
ETag: "e05ada7ee5a2d1e5a50c5305ce23de68"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: application/font-woff
Access-Control-Allow-Origin: https://powerball.com
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Length: 40836
x-amz-id-2: IpSFc6rd5tf9Leqk7ZxmJO8QjPSSwrzn4NXvTZtaclfocZq2jtlEc+DXF/eupT3lJWx0znZk+Dc=

GET
H/1.1 200
OK ProximaNova-Semibold.woff
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Semibold/ 39 KB
40 KB 466ms
123ms Font
application/font-woff 52.217.67.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Semibold/ProximaNova-Semibold.woff
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_6rQtrJh5XFDyJowM9bMY8N1sIRXbdXDIrEeeEI9SYWc.css?qgcoq6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.67.14 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 16bc74e3ebb6ef6cc2c56565701502e39ea269aa665dd74da5742d371f3b2939

Request headers

Origin: https://powerball.com
Referer: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_6rQtrJh5XFDyJowM9bMY8N1sIRXbdXDIrEeeEI9SYWc.css?qgcoq6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 14 Nov 2020 18:09:22 GMT
Last-Modified: Tue, 04 Jun 2019 03:53:19 GMT
Server: AmazonS3
x-amz-request-id: 1N6Y4V0SBG7T7VFY
ETag: "cc1a6c632152a90dfa994a7280496cb3"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: application/font-woff
Access-Control-Allow-Origin: https://powerball.com
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Length: 40304
x-amz-id-2: GSX1WT2eWzt9/24Yz3WNr9cyw8+qjD9Mvjvq4bhwb+LHXQr9LflsXn0AdxxG2NsNplsUJMe0gD8=

GET
H/1.1 200
OK ProximaNova-Extrabld.woff
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Extrabld/ 40 KB
40 KB 531ms
187ms Font
application/font-woff 52.217.67.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Extrabld/ProximaNova-Extrabld.woff
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_6rQtrJh5XFDyJowM9bMY8N1sIRXbdXDIrEeeEI9SYWc.css?qgcoq6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.67.14 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6bac28b40c710514ce42fda86320277f18b0c22a4ddb3091748cfe6493359a78

Request headers

Origin: https://powerball.com
Referer: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_6rQtrJh5XFDyJowM9bMY8N1sIRXbdXDIrEeeEI9SYWc.css?qgcoq6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 14 Nov 2020 18:09:22 GMT
Last-Modified: Tue, 04 Jun 2019 03:53:15 GMT
Server: AmazonS3
x-amz-request-id: EE444BC921202140
ETag: "dbce0260a4c434e83703edda344b0329"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: application/font-woff
Access-Control-Allow-Origin: https://powerball.com
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Length: 40852
x-amz-id-2: b/z9chY1dMeg9vQrhbqiz+xtEsjV6+GjFkRQltU+5mfNu0CX3HT/8p/FgD3aU4x+sDPa9hoQ/EI=

GET
H/1.1 200
OK ProximaNova-Light.woff
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Light/ 39 KB
40 KB 472ms
124ms Font
application/font-woff 52.217.67.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Light/ProximaNova-Light.woff
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_6rQtrJh5XFDyJowM9bMY8N1sIRXbdXDIrEeeEI9SYWc.css?qgcoq6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.67.14 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 91822d970ea4cb3dbae6039431aaebfd36c46997c43a53a507518eed6dc230b2

Request headers

Origin: https://powerball.com
Referer: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_6rQtrJh5XFDyJowM9bMY8N1sIRXbdXDIrEeeEI9SYWc.css?qgcoq6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 14 Nov 2020 18:09:22 GMT
Last-Modified: Tue, 04 Jun 2019 03:53:17 GMT
Server: AmazonS3
x-amz-request-id: EE2ACB65AD727325
ETag: "0b903f87bae9c87f54243c90469294ee"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: application/font-woff
Access-Control-Allow-Origin: https://powerball.com
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Length: 40260
x-amz-id-2: p3jQf5x8IvMSF+5QA+2LDEQOWoWXQckqBuNBTl8mUbnVKkaJFi6Hf9iH7UNsnxT0kL3mqemXVyc=

GET
H/1.1 200
OK ProximaNova-RegularIt.woff
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-RegularIt/ 39 KB
40 KB 482ms
123ms Font
application/font-woff 52.217.67.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-RegularIt/ProximaNova-RegularIt.woff
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_6rQtrJh5XFDyJowM9bMY8N1sIRXbdXDIrEeeEI9SYWc.css?qgcoq6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.67.14 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 59ff4e9457a98e72723231e1ad962b8c2a77c67f6c025dc6464843931d061c0f

Request headers

Origin: https://powerball.com
Referer: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_6rQtrJh5XFDyJowM9bMY8N1sIRXbdXDIrEeeEI9SYWc.css?qgcoq6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 14 Nov 2020 18:09:22 GMT
Last-Modified: Tue, 04 Jun 2019 03:53:19 GMT
Server: AmazonS3
x-amz-request-id: 0W3Y4K0MEK8HEK8Y
ETag: "24d85649dddd19938b718e8d57ddb2bf"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: application/font-woff
Access-Control-Allow-Origin: https://powerball.com
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Length: 40116
x-amz-id-2: 8C90nqEA0bpkF7E9JFrP2l3LJpI1mzqfOW0/1TuyiTWuYZWlLOS2bcRWGYixQjC3ATUQghmH2Qk=

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
68 B 13ms
13ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&aip=1&a=1129739752&t=pageview&_s=1&dl=https%3A%2F%2Fpowerball.com%2F&ul=en-us&de=UTF-8&dt=Home%20%7C%20Powerball&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAAC~&jid=1143586029&gjid=594002248&cid=1220759844.1605377361&tid=UA-29233419-1&_gid=2147194622.1605377361&_r=1&_slc=1&z=1931993227

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 14 Nov 2020 18:09:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://powerball.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
143 B 129ms
41ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=99&profileId=206&cb=79685021452
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

status: 204
date: Sat, 14 Nov 2020 18:09:21 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://powerball.com
timing-allow-origin: *
vary: Origin

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
83 B 13ms
13ms XHR
text/plain 2a00:1450:400c:c03::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-29233419-1&cid=1220759844.1605377361&jid=1143586029&gjid=594002248&_gid=2147194622.1605377361&_u=YGBACEAABAAAAC~&z=1588584563

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c03::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 14 Nov 2020 18:09:21 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://powerball.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csm
bidder.criteo.com/ 0
143 B 42ms
41ms Other
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/csm?ptv=99&profileId=206
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

status: 204
date: Sat, 14 Nov 2020 18:09:21 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://powerball.com
timing-allow-origin: *
vary: Origin

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
260 B 27ms
26ms Image
image/gif 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=1
Requested by: Host: powerball.com
URL: https://powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:09:21 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
etag: "493ea254-2b"
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Tue, 09 Nov 2021 18:09:21 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
260 B 29ms
28ms Image
image/gif 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=2
Requested by: Host: powerball.com
URL: https://powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:09:21 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
etag: "493ea254-2b"
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Tue, 09 Nov 2021 18:09:21 GMT

GET
H2 200 syncframe
gum.criteo.com/ Frame D602 0
0 50ms
16ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=powerball.com

Requested by

Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?topUrl=powerball.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://powerball.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://powerball.com/

Response headers

status: 200
cache-control: private, max-age=0
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
server-processing-duration-in-ticks: 474
date: Sat, 14 Nov 2020 18:09:20 GMT
content-length: 0

GET
H2 200 recent Show response
powerball.com/api/v1/numbers/powerball/ 301 B
558 B 141ms
140ms XHR
application/json 34.234.199.175
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://powerball.com/api/v1/numbers/powerball/recent?_format=json

Requested by

Host: powerball.com
URL: https://powerball.com/s3fs-js/js/js_itlfJSKEE5UDNhIHCMK_Y6cb8UJMDmMTtq9dykAXHtI.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.234.199.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-234-199-175.compute-1.amazonaws.com

Software

Apache /

Resource Hash

ff60bf71801ba353fc4ee363fcd10e085d9e7bb7b1931c4ca7bbbf58fc5006f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://powerball.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:09:21 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
status: 200
x-drupal-dynamic-cache: MISS
content-length: 144
x-ua-compatible: IE=edge
last-modified: Sat, 14 Nov 2020 03:39:15 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "1605325155"
vary: Cookie,Accept-Encoding
content-language: en
x-generator: Drupal 8 (https://www.drupal.org)
cache-control: max-age=86400, public
content-type: application/json
x-drupal-cache: HIT
expires: Sun, 19 Nov 1978 05:00:00 GMT

GET
H2 200 powerball Show response
powerball.com/api/v1/estimates/ 162 B
553 B 140ms
140ms XHR
application/json 34.234.199.175
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://powerball.com/api/v1/estimates/powerball?_format=json

Requested by

Host: powerball.com
URL: https://powerball.com/s3fs-js/js/js_itlfJSKEE5UDNhIHCMK_Y6cb8UJMDmMTtq9dykAXHtI.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.234.199.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-234-199-175.compute-1.amazonaws.com

Software

Apache /

Resource Hash

509d3c3c026fd85ee8c4c3f7184f9d2c50bf8a37d084d61c6ef9f0af62fdc510

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://powerball.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:09:21 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
status: 200
x-drupal-dynamic-cache: MISS
content-length: 139
x-ua-compatible: IE=edge
last-modified: Sat, 14 Nov 2020 03:39:15 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "1605325155"
vary: Cookie,Accept-Encoding
content-language: en
x-generator: Drupal 8 (https://www.drupal.org)
cache-control: max-age=86400, public
content-type: application/json
x-drupal-cache: HIT
expires: Sun, 19 Nov 1978 05:00:00 GMT

GET
H2 200 recent10 Show response
powerball.com/api/v1/numbers/powerball/ 1001 B
657 B 143ms
143ms XHR
application/json 34.234.199.175
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://powerball.com/api/v1/numbers/powerball/recent10?_format=json

Requested by

Host: powerball.com
URL: https://powerball.com/s3fs-js/js/js_itlfJSKEE5UDNhIHCMK_Y6cb8UJMDmMTtq9dykAXHtI.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.234.199.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-234-199-175.compute-1.amazonaws.com

Software

Apache /

Resource Hash

a57c9e62447467753e18a6156de0555439e4da83afa4f03cff1771f48b8f6a28

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://powerball.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:09:21 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
status: 200
x-drupal-dynamic-cache: MISS
content-length: 243
x-ua-compatible: IE=edge
last-modified: Sat, 14 Nov 2020 03:39:15 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "1605325155"
vary: Cookie,Accept-Encoding
content-language: en
x-generator: Drupal 8 (https://www.drupal.org)
cache-control: max-age=86400, public
content-type: application/json
x-drupal-cache: HIT
expires: Sun, 19 Nov 1978 05:00:00 GMT

GET
H/1.1 200
OK powerball-hero-concept3_desktop_full.jpg
s3.amazonaws.com/cdn.powerball.com/drupal/files/2020-04/ 334 KB
334 KB 120ms
119ms Image
image/jpeg 52.217.67.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/2020-04/powerball-hero-concept3_desktop_full.jpg
Requested by: Host: powerball.com
URL: https://powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.67.14 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: e6e69ae9133bcc7f46c03b0b6608b525ed2cf440c9a218649f9525368093836a

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 14 Nov 2020 18:09:22 GMT
Last-Modified: Tue, 28 Apr 2020 03:58:01 GMT
Server: AmazonS3
x-amz-request-id: A7C91E4277086E24
ETag: "6bc941bff6153e985cccf26af80a4414"
Content-Type: image/jpeg
Cache-Control: public, max-age=2419200
Accept-Ranges: bytes
Content-Length: 341523
x-amz-id-2: UBgy8WyCH5Lvlre99JRHKyw9ZjN9kXo19zbyGyr8JB7P3mY9eFEgIWgvM7B9E4d5g9Asa/p3gYM=

GET
H2 200 /
powerball.com/ 64 KB
64 KB 143ms
142ms Image
text/html 34.234.199.175
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://powerball.com/

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.234.199.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-234-199-175.compute-1.amazonaws.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:09:21 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
status: 200
x-drupal-dynamic-cache: HIT
vary: Cookie,Accept-Encoding
x-ua-compatible: IE=edge
last-modified: Sat, 14 Nov 2020 01:52:17 GMT
server: Apache
etag: "1605318737"
x-frame-options: SAMEORIGIN
content-language: en
x-generator: Drupal 8 (https://www.drupal.org)
cache-control: max-age=86400, public
content-type: text/html; charset=UTF-8
link: <http://powerball.com/>; rel="shortlink", <http://powerball.com/>; rel="canonical", <http://powerball.com/games/home>; rel="alternate"; hreflang="en", <http://powerball.com/es/games/home>; rel="alternate"; hreflang="es", </games/home>; rel="revision", </node?node=1>; rel="create"
x-drupal-cache: HIT
expires: Sun, 19 Nov 1978 05:00:00 GMT

GET
H/1.1 200
OK hero-home-d_0.jpg
s3.amazonaws.com/cdn.powerball.com/drupal/files/2018-01/ 264 KB
264 KB 151ms
151ms Image
image/jpeg 52.217.67.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/2018-01/hero-home-d_0.jpg
Requested by: Host: powerball.com
URL: https://powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.67.14 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6b3422c0bf088fb098d4cf5a1e63791c8eecdcb4d3ab1dc0c36f19a30b171e36

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 14 Nov 2020 18:09:22 GMT
Last-Modified: Mon, 03 Jun 2019 18:46:29 GMT
Server: AmazonS3
x-amz-request-id: 55006573AB80C03D
ETag: "7f3021434efe42ed5c9720ca66cbfdc0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 270033
x-amz-id-2: 0zHSzNybbpLXFSbI23ZkbWB7QSfPBs9aultcufxl+qK98EhjGiWdX3Z773YoOsGwtdtNQy+i8hI=

GET
H/1.1 200
OK divider-img-home-9ways.jpg
s3.amazonaws.com/cdn.powerball.com/drupal/files/2018-01/ 486 KB
486 KB 129ms
128ms Image
image/jpeg 52.217.67.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/2018-01/divider-img-home-9ways.jpg
Requested by: Host: powerball.com
URL: https://powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.67.14 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b758f60ab7ad38a56bdff71e6464b146312ea575f56ab7f6b05ed7f157f5bc48

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 14 Nov 2020 18:09:22 GMT
Last-Modified: Mon, 03 Jun 2019 18:46:23 GMT
Server: AmazonS3
x-amz-request-id: EAE6FF0832222570
ETag: "02dfd34fecf8640a24d1123ca8a81313"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 497334
x-amz-id-2: Tyge9a3S9kxUqajBo7u8bhc3n2YofAw5JhOOT1IovDfnYwb184MAoTuIgeOpcPDLaJebnWDv49U=

GET
H2 200 powerball Show response
powerball.com/api/v1/estimates/ 162 B
553 B 139ms
139ms XHR
application/json 34.234.199.175
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://powerball.com/api/v1/estimates/powerball?_format=json

Requested by

Host: powerball.com
URL: https://powerball.com/s3fs-js/js/js_itlfJSKEE5UDNhIHCMK_Y6cb8UJMDmMTtq9dykAXHtI.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.234.199.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-234-199-175.compute-1.amazonaws.com

Software

Apache /

Resource Hash

509d3c3c026fd85ee8c4c3f7184f9d2c50bf8a37d084d61c6ef9f0af62fdc510

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://powerball.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:09:21 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
status: 200
x-drupal-dynamic-cache: MISS
content-length: 139
x-ua-compatible: IE=edge
last-modified: Sat, 14 Nov 2020 03:39:15 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "1605325155"
vary: Cookie,Accept-Encoding
content-language: en
x-generator: Drupal 8 (https://www.drupal.org)
cache-control: max-age=86400, public
content-type: application/json
x-drupal-cache: HIT
expires: Sun, 19 Nov 1978 05:00:00 GMT

GET
H2 200 GetWinners Show response
muslapi.musl.com/GameService.svc/ 742 B
966 B 459ms
144ms XHR
application/json 104.219.254.16
MUSL-RANGE1

General

Check archive.org

Show headers Download Go to

Full URL: https://muslapi.musl.com/GameService.svc/GetWinners?gamename=Powerball
Requested by: Host: powerball.com
URL: https://powerball.com/s3fs-js/js/js_itlfJSKEE5UDNhIHCMK_Y6cb8UJMDmMTtq9dykAXHtI.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.219.254.16 , United States, ASN63214 (MUSL-RANGE1, US),
Reverse DNS: muslapi.musl.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: bc3885219e4d0a9175100b9462d3188c0819073518907d378efd2d04e491cd67

Request headers

Accept: */*
Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:09:21 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
status: 200
content-type: application/json; charset=utf-8
access-control-allow-origin: https://powerball.com
cache-control: NO-CACHE
content-length: 742

GET
H2 200 powerball Show response
powerball.com/api/v1/draw-summary/ 179 B
549 B 136ms
136ms XHR
application/json 34.234.199.175
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://powerball.com/api/v1/draw-summary/powerball?_format=json

Requested by

Host: powerball.com
URL: https://powerball.com/s3fs-js/js/js_itlfJSKEE5UDNhIHCMK_Y6cb8UJMDmMTtq9dykAXHtI.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.234.199.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-234-199-175.compute-1.amazonaws.com

Software

Apache /

Resource Hash

96c89ec734c7752e7c75aaf206e8cddcfbb8fef9c103bee66a78748df450cf23

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://powerball.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:09:21 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
status: 200
x-drupal-dynamic-cache: UNCACHEABLE
content-length: 129
x-ua-compatible: IE=edge
last-modified: Sat, 14 Nov 2020 03:39:15 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "1605325155"
vary: Cookie,Accept-Encoding
content-language: en
x-generator: Drupal 8 (https://www.drupal.org)
cache-control: max-age=86400, public
content-type: application/json
x-drupal-cache: HIT
expires: Sun, 19 Nov 1978 05:00:00 GMT

GET
H2 200 gweiniV1_6_1.min.js Show response
fs.gweini.com/ 15 KB
16 KB 224ms
84ms Script
application/javascript 143.204.215.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fs.gweini.com/gweiniV1_6_1.min.js
Requested by: Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.44 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-44.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c60536e1387fd63f18755c87e9028bc138c1cb11fc77a64a159777aae49a12b5

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 20:41:55 GMT
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jan 2020 19:47:21 GMT
server: AmazonS3
age: 77247
etag: "e7bb56484553f1223fea5d70ca7104f4"
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 15682
x-amz-cf-id: xPcGnUzQaOm7d0SEch434GR9sj6KGvbO-rsQD0goSBg8RVKTmHr6rA==

GET
H2 200 jstag Show response
lanista-bidder-d.openx.net/w/1.0/ Frame C6FE 168 KB
57 KB 215ms
105ms Script
text/javascript 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Requested by: Host: powerball.com
URL: https://powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.197.0 /
Resource Hash: 90f8a1b7383a69e746bac8e5b5f60c46f4365156f049cf1d02a1a120c4a6cf1e

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:09:22 GMT
content-encoding: gzip
server: OXGW/16.197.0
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: max-age=3600
content-type: text/javascript
alt-svc: clear
content-length: 58335
via: 1.1 google
expires: Sat, 14 Nov 2020 19:09:22 GMT

GET
H/1.1 200
OK prebid2.27.0.js Show response
d2tbmvllb55wxq.cloudfront.net/pb/ Frame C6FE 277 KB
277 KB 187ms
50ms Script
application/javascript 54.230.228.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Requested by: Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.228.95 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-228-95.waw50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: be57a8393d9ca7cb84fe99087431ea21d7e704a7de02b421590c34712c3bb9b4

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 14 Nov 2020 04:25:25 GMT
Via: 1.1 66e7ff48bbb7e14aaadccfbad3f73cbe.cloudfront.net (CloudFront)
Last-Modified: Mon, 20 Jan 2020 21:18:36 GMT
Server: AmazonS3
Age: 49438
ETag: "e68bd028eaaff6c766a2630c72373b02"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
X-Amz-Cf-Pop: WAW50-C1
Accept-Ranges: bytes
Content-Length: 283302
X-Amz-Cf-Id: yIn-VxIapgEAmRtE3yI6oXk7Cn_QprRigz5vIujtnchM5sp0hinbzQ==

GET
H2 200 jstag Show response
lanista-bidder-d.openx.net/w/1.0/ Frame 4007 168 KB
57 KB 142ms
61ms Script
text/javascript 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Requested by: Host: powerball.com
URL: https://powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.197.0 /
Resource Hash: af9ef9e4461af3cc15cc952c6e15a1b61e9d71aceb089faa5a376f890f12f6a4

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:09:22 GMT
content-encoding: gzip
server: OXGW/16.197.0
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: max-age=3600
content-type: text/javascript
alt-svc: clear
content-length: 58341
via: 1.1 google
expires: Sat, 14 Nov 2020 19:09:22 GMT

GET
H/1.1 200
OK prebid2.27.0.js Show response
d2tbmvllb55wxq.cloudfront.net/pb/ Frame 4007 277 KB
277 KB 157ms
47ms Script
application/javascript 54.230.228.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Requested by: Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.228.95 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-228-95.waw50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: be57a8393d9ca7cb84fe99087431ea21d7e704a7de02b421590c34712c3bb9b4

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 14 Nov 2020 04:25:25 GMT
Via: 1.1 93ca7f89577bcc406284a7bbde241b21.cloudfront.net (CloudFront)
Last-Modified: Mon, 20 Jan 2020 21:18:36 GMT
Server: AmazonS3
Age: 49438
ETag: "e68bd028eaaff6c766a2630c72373b02"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
X-Amz-Cf-Pop: WAW50-C1
Accept-Ranges: bytes
Content-Length: 283302
X-Amz-Cf-Id: l_-8TGVVm5A0gaWdp1PIIj_DOkA0boT5lqM8yydzBR-FgMBSrMajQQ==

GET
H2 200 jstag Show response
lanista-bidder-d.openx.net/w/1.0/ Frame 1402 168 KB
57 KB 152ms
98ms Script
text/javascript 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Requested by: Host: powerball.com
URL: https://powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.197.0 /
Resource Hash: 00dfd24963305a6a979cc6cbe0c6b09cf91f31def2c6c117bde2df9f3c3a1977

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:09:22 GMT
content-encoding: gzip
server: OXGW/16.197.0
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: max-age=3600
content-type: text/javascript
alt-svc: clear
content-length: 58342
via: 1.1 google
expires: Sat, 14 Nov 2020 19:09:22 GMT

GET
H/1.1 200
OK prebid2.27.0.js Show response
d2tbmvllb55wxq.cloudfront.net/pb/ Frame 1402 277 KB
277 KB 171ms
60ms Script
application/javascript 54.230.228.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Requested by: Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.228.95 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-228-95.waw50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: be57a8393d9ca7cb84fe99087431ea21d7e704a7de02b421590c34712c3bb9b4

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 14 Nov 2020 04:25:25 GMT
Via: 1.1 50004ba6b399efd7e9feb3e04887ccc1.cloudfront.net (CloudFront)
Last-Modified: Mon, 20 Jan 2020 21:18:36 GMT
Server: AmazonS3
Age: 49438
ETag: "e68bd028eaaff6c766a2630c72373b02"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
X-Amz-Cf-Pop: WAW50-C1
Accept-Ranges: bytes
Content-Length: 283302
X-Amz-Cf-Id: zv7xrkahs3w3jNR6ZKlGDNWBApSBaCf_nN4BBNHVuKvjlNK7WoAHSw==

GET
H2 200 jstag Show response
lanista-bidder-d.openx.net/w/1.0/ Frame A6B2 168 KB
57 KB 102ms
74ms Script
text/javascript 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Requested by: Host: powerball.com
URL: https://powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.197.0 /
Resource Hash: d90fe56d5322d03430a767ffbff32757f35e50d09efaf2102bdf3266f3ffe4d3

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:09:22 GMT
content-encoding: gzip
server: OXGW/16.197.0
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: max-age=3600
content-type: text/javascript
alt-svc: clear
content-length: 58343
via: 1.1 google
expires: Sat, 14 Nov 2020 19:09:22 GMT

GET
H/1.1 200
OK prebid2.27.0.js Show response
d2tbmvllb55wxq.cloudfront.net/pb/ Frame A6B2 277 KB
277 KB 163ms
57ms Script
application/javascript 54.230.228.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Requested by: Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.228.95 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-228-95.waw50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: be57a8393d9ca7cb84fe99087431ea21d7e704a7de02b421590c34712c3bb9b4

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 14 Nov 2020 04:25:25 GMT
Via: 1.1 1f7753fcca5feaf6f5b544926db150c1.cloudfront.net (CloudFront)
Last-Modified: Mon, 20 Jan 2020 21:18:36 GMT
Server: AmazonS3
Age: 49438
ETag: "e68bd028eaaff6c766a2630c72373b02"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
X-Amz-Cf-Pop: WAW50-C1
Accept-Ranges: bytes
Content-Length: 283302
X-Amz-Cf-Id: UzwcEu_kk9u_f7WqB8uzGUSr_KRgJzd65FcatBwEFrmAhkXqxlLwZA==

GET
H2 200 jstag Show response
lanista-bidder-d.openx.net/w/1.0/ Frame 2E7A 168 KB
57 KB 107ms
106ms Script
text/javascript 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Requested by: Host: powerball.com
URL: https://powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.197.0 /
Resource Hash: cc6a35e7dab489b088c071fc775e3cf588c8cc459c2aefc588fd3b5b63c4f04f

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:09:22 GMT
content-encoding: gzip
server: OXGW/16.197.0
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: max-age=3600
content-type: text/javascript
alt-svc: clear
content-length: 58341
via: 1.1 google
expires: Sat, 14 Nov 2020 19:09:22 GMT

GET
H/1.1 200
OK prebid2.27.0.js Show response
d2tbmvllb55wxq.cloudfront.net/pb/ Frame 2E7A 277 KB
277 KB 126ms
59ms Script
application/javascript 54.230.228.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Requested by: Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.228.95 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-228-95.waw50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: be57a8393d9ca7cb84fe99087431ea21d7e704a7de02b421590c34712c3bb9b4

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 14 Nov 2020 04:25:25 GMT
Via: 1.1 66e7ff48bbb7e14aaadccfbad3f73cbe.cloudfront.net (CloudFront)
Last-Modified: Mon, 20 Jan 2020 21:18:36 GMT
Server: AmazonS3
Age: 49438
ETag: "e68bd028eaaff6c766a2630c72373b02"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
X-Amz-Cf-Pop: WAW50-C1
Accept-Ranges: bytes
Content-Length: 283302
X-Amz-Cf-Id: taxM69Aek9J1mDv6-cgzuJOrcwLiTNvaFszpemvAAhk5EFAlrH4t-A==

GET
H2 200 jstag Show response
lanista-bidder-d.openx.net/w/1.0/ Frame 253B 168 KB
57 KB 169ms
168ms Script
text/javascript 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Requested by: Host: powerball.com
URL: https://powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.197.0 /
Resource Hash: 442f5fbc4ca36945554fb357000bca13625954ef68cfe1a78a9a75224771ebd9

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:09:22 GMT
content-encoding: gzip
server: OXGW/16.197.0
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: max-age=3600
content-type: text/javascript
alt-svc: clear
content-length: 58339
via: 1.1 google
expires: Sat, 14 Nov 2020 19:09:22 GMT

GET
H/1.1 200
OK prebid2.27.0.js Show response
d2tbmvllb55wxq.cloudfront.net/pb/ Frame 253B 277 KB
277 KB 93ms
56ms Script
application/javascript 54.230.228.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Requested by: Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.228.95 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-228-95.waw50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: be57a8393d9ca7cb84fe99087431ea21d7e704a7de02b421590c34712c3bb9b4

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 14 Nov 2020 04:25:25 GMT
Via: 1.1 93ca7f89577bcc406284a7bbde241b21.cloudfront.net (CloudFront)
Last-Modified: Mon, 20 Jan 2020 21:18:36 GMT
Server: AmazonS3
Age: 49438
ETag: "e68bd028eaaff6c766a2630c72373b02"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
X-Amz-Cf-Pop: WAW50-C1
Accept-Ranges: bytes
Content-Length: 283302
X-Amz-Cf-Id: yUtqI5DvUIbwDsxo3B5X1q5t8E1mB04ANzZ0WZ73PVzp8vuKKcgQnQ==

GET
H2 200 ServeAd
api.lanistaads.com/ 70 B
205 B 253ms
141ms Image
image/png 34.98.126.214
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.lanistaads.com/ServeAd?s=t&AdSize=970x250&SiteID=APST09010385POWB9701&Zone=ATF&g=896
Requested by: Host: powerball.com
URL: https://powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.126.214 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.126.98.34.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:09:22 GMT
via: 1.1 google
alt-svc: clear
server: Apache-Coyote/1.1
status: 200
content-type: image/png
access-control-allow-origin: *
access-control-allow-headers: Content-Type

GET
H2 200 ServeAd
api.lanistaads.com/ 70 B
129 B 255ms
146ms Image
image/png 34.98.126.214
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.lanistaads.com/ServeAd?s=t&AdSize=970x250&SiteID=APST09010385POWB9702&Zone=ATF&g=453
Requested by: Host: powerball.com
URL: https://powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.126.214 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.126.98.34.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:09:22 GMT
via: 1.1 google
alt-svc: clear
server: Apache-Coyote/1.1
status: 200
content-type: image/png
access-control-allow-origin: *
access-control-allow-headers: Content-Type

GET
H2 200 ServeAd
api.lanistaads.com/ 70 B
129 B 252ms
145ms Image
image/png 34.98.126.214
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.lanistaads.com/ServeAd?s=t&AdSize=300x250&SiteID=APST04010385POWB3001&Zone=ATF&g=7
Requested by: Host: powerball.com
URL: https://powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.126.214 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.126.98.34.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:09:22 GMT
via: 1.1 google
alt-svc: clear
server: Apache-Coyote/1.1
status: 200
content-type: image/png
access-control-allow-origin: *
access-control-allow-headers: Content-Type

GET
H2 200 ServeAd
api.lanistaads.com/ 70 B
129 B 249ms
146ms Image
image/png 34.98.126.214
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.lanistaads.com/ServeAd?s=t&AdSize=300x250&SiteID=APST04010385POWB3002&Zone=ATF&g=474
Requested by: Host: powerball.com
URL: https://powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.126.214 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.126.98.34.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:09:22 GMT
via: 1.1 google
alt-svc: clear
server: Apache-Coyote/1.1
status: 200
content-type: image/png
access-control-allow-origin: *
access-control-allow-headers: Content-Type

GET
H2 200 ServeAd
api.lanistaads.com/ 70 B
138 B 220ms
142ms Image
image/png 34.98.126.214
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.lanistaads.com/ServeAd?s=t&AdSize=300x250&SiteID=APST04010385POWB3003&Zone=ATF&g=505
Requested by: Host: powerball.com
URL: https://powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.126.214 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.126.98.34.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:09:22 GMT
via: 1.1 google
alt-svc: clear
server: Apache-Coyote/1.1
status: 200
content-type: image/png
access-control-allow-origin: *
access-control-allow-headers: Content-Type

GET
H2 200 ServeAd
api.lanistaads.com/ 70 B
129 B 222ms
146ms Image
image/png 34.98.126.214
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.lanistaads.com/ServeAd?s=t&AdSize=300x250&SiteID=APST04010385POWB3004&Zone=ATF&g=838
Requested by: Host: powerball.com
URL: https://powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.126.214 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.126.98.34.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:09:22 GMT
via: 1.1 google
alt-svc: clear
server: Apache-Coyote/1.1
status: 200
content-type: image/png
access-control-allow-origin: *
access-control-allow-headers: Content-Type

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 4007 53 KB
18 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bccb0a308fbb44b2d9bb821ec1f556a7c02b548b364b403d35622144cc08d60b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:09:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "693 / 790 of 1000 / last-modified: 1605309618"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 18092
x-xss-protection: 0
expires: Sat, 14 Nov 2020 18:09:22 GMT

GET
H2

200

acj Show response
lanista-bidder-d.openx.net/w/1.0/ Frame A6B2
Redirect Chain

https://lanista-bidder-d.openx.net/w/1.0/acj?ai=78df6f0c-44ff-48b8-98bb-955b3f8db1b1&o=299171bd0ecf9f&ju=https%3A//powerball.com/&jr=&be=1&prf=0&auid=538738919&aus=300x250&bc=hb_2api&bt=1000&c.lani...
https://lanista-bidder-d.openx.net/w/1.0/acj?cc=1&ai=78df6f0c-44ff-48b8-98bb-955b3f8db1b1&o=299171bd0ecf9f&ju=https%3A//powerball.com/&jr=&be=1&prf=0&auid=538738919&aus=300x250&bc=hb_2api&bt=1000&c...

327 B
421 B

56ms
56ms

XHR
application/json

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lanista-bidder-d.openx.net/w/1.0/acj?cc=1&ai=78df6f0c-44ff-48b8-98bb-955b3f8db1b1&o=299171bd0ecf9f&ju=https%3A//powerball.com/&jr=&be=1&prf=0&auid=538738919&aus=300x250&bc=hb_2api&bt=1000&c.lanista_floor=0.30&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-60&ifr=1&tws=1600x1200
Requested by: Host: powerball.com
URL: https://powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.197.0 /
Resource Hash: 3d1d0efcac5d213b89c532db6bd846541b32cbe3190d0d35770dc7280846e71d

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Nov 2020 18:09:22 GMT
content-encoding: gzip
server: OXGW/16.197.0
status: 200
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://powerball.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 229
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Sat, 14 Nov 2020 18:09:22 GMT
via: 1.1 google
server: OXGW/16.197.0
status: 302
location: https://lanista-bidder-d.openx.net/w/1.0/acj?cc=1&ai=78df6f0c-44ff-48b8-98bb-955b3f8db1b1&o=299171bd0ecf9f&ju=https%3A//powerball.com/&jr=&be=1&prf=0&auid=538738919&aus=300x250&bc=hb_2api&bt=1000&c.lanista_floor=0.30&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-60&ifr=1&tws=1600x1200
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://powerball.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

GET
H2

200

acj Show response
lanista-bidder-d.openx.net/w/1.0/ Frame 1402
Redirect Chain

https://lanista-bidder-d.openx.net/w/1.0/acj?ai=7a57c5f5-d85d-4fc9-a8da-c5beb5f46bd2&o=275c1b2d601459&ju=https%3A//powerball.com/&jr=&be=1&prf=0&auid=538738919&aus=300x250&bc=hb_2api&bt=1000&c.lani...
https://lanista-bidder-d.openx.net/w/1.0/acj?cc=1&ai=7a57c5f5-d85d-4fc9-a8da-c5beb5f46bd2&o=275c1b2d601459&ju=https%3A//powerball.com/&jr=&be=1&prf=0&auid=538738919&aus=300x250&bc=hb_2api&bt=1000&c...

327 B
512 B

52ms
52ms

XHR
application/json

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lanista-bidder-d.openx.net/w/1.0/acj?cc=1&ai=7a57c5f5-d85d-4fc9-a8da-c5beb5f46bd2&o=275c1b2d601459&ju=https%3A//powerball.com/&jr=&be=1&prf=0&auid=538738919&aus=300x250&bc=hb_2api&bt=1000&c.lanista_floor=0.30&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-60&ifr=1&tws=1600x1200
Requested by: Host: powerball.com
URL: https://powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.197.0 /
Resource Hash: 441cacde84c3fa07e835536bfa606229aff53036ededace76d87a13769bca70a

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Nov 2020 18:09:22 GMT
content-encoding: gzip
server: OXGW/16.197.0
status: 200
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://powerball.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 229
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Sat, 14 Nov 2020 18:09:22 GMT
via: 1.1 google
server: OXGW/16.197.0
status: 302
location: https://lanista-bidder-d.openx.net/w/1.0/acj?cc=1&ai=7a57c5f5-d85d-4fc9-a8da-c5beb5f46bd2&o=275c1b2d601459&ju=https%3A//powerball.com/&jr=&be=1&prf=0&auid=538738919&aus=300x250&bc=hb_2api&bt=1000&c.lanista_floor=0.30&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-60&ifr=1&tws=1600x1200
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://powerball.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

GET
H2

200

acj Show response
lanista-bidder-d.openx.net/w/1.0/ Frame 2E7A
Redirect Chain

https://lanista-bidder-d.openx.net/w/1.0/acj?ai=8d97be58-746b-48b2-a5b3-355f4900112e&o=2931fdf5694747&ju=https%3A//powerball.com/&jr=&be=1&prf=0&auid=538738919&aus=300x250&bc=hb_2api&bt=1000&c.lani...
https://lanista-bidder-d.openx.net/w/1.0/acj?cc=1&ai=8d97be58-746b-48b2-a5b3-355f4900112e&o=2931fdf5694747&ju=https%3A//powerball.com/&jr=&be=1&prf=0&auid=538738919&aus=300x250&bc=hb_2api&bt=1000&c...

327 B
421 B

55ms
55ms

XHR
application/json

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lanista-bidder-d.openx.net/w/1.0/acj?cc=1&ai=8d97be58-746b-48b2-a5b3-355f4900112e&o=2931fdf5694747&ju=https%3A//powerball.com/&jr=&be=1&prf=0&auid=538738919&aus=300x250&bc=hb_2api&bt=1000&c.lanista_floor=0.30&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-60&ws=300x250&ifr=1&tws=1600x1200
Requested by: Host: powerball.com
URL: https://powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.197.0 /
Resource Hash: c289fc13d24db3dee7916fb4fdd73dcc8fb0723f2ccdb2fd095cf352a0363a21

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Nov 2020 18:09:22 GMT
content-encoding: gzip
server: OXGW/16.197.0
status: 200
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://powerball.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 229
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Sat, 14 Nov 2020 18:09:22 GMT
via: 1.1 google
server: OXGW/16.197.0
status: 302
location: https://lanista-bidder-d.openx.net/w/1.0/acj?cc=1&ai=8d97be58-746b-48b2-a5b3-355f4900112e&o=2931fdf5694747&ju=https%3A//powerball.com/&jr=&be=1&prf=0&auid=538738919&aus=300x250&bc=hb_2api&bt=1000&c.lanista_floor=0.30&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-60&ws=300x250&ifr=1&tws=1600x1200
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://powerball.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame C6FE 53 KB
18 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06a79a26274c60253bdb0a153a7a2f1d60e9b0fec21dd9ceb9a1187c3ba5a3cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:09:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "693 / 938 of 1000 / last-modified: 1605309537"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 18109
x-xss-protection: 0
expires: Sat, 14 Nov 2020 18:09:22 GMT

GET
H2 200 acj Show response
lanista-bidder-d.openx.net/w/1.0/ Frame 253B 327 B
421 B 51ms
51ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lanista-bidder-d.openx.net/w/1.0/acj?ai=88698ec9-cb7e-4a85-b223-dda588ce4bde&o=274a246744eaad&ju=https%3A//powerball.com/&jr=&be=1&prf=0&auid=538738919&aus=300x250&bc=hb_2api&bt=1000&c.lanista_floor=0.30&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-60&ws=300x250&ifr=1&tws=1600x1200
Requested by: Host: lanista-bidder-d.openx.net
URL: https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.197.0 /
Resource Hash: 34a5447cfe3025eaed781049a76c1931403c18549b77ed4b649944a13defde68

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 14 Nov 2020 18:09:22 GMT
content-encoding: gzip
server: OXGW/16.197.0
status: 200
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://powerball.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 229
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 v1 Show response
dmx.districtm.io/b/ Frame C6FE 0
424 B 106ms
43ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 14 Nov 2020 18:09:22 GMT
server: cloudflare
status: 204
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://powerball.com
access-control-allow-credentials: true
cf-ray: 5f22aee33bd4c771-AMS
access-control-allow-headers: Content-Type, Origin
cf-request-id: 06698ba2030000c771eeb79000000001

POST
H2 204 v1 Show response
dmx.districtm.io/b/ Frame 4007 0
62 B 99ms
43ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 14 Nov 2020 18:09:22 GMT
server: cloudflare
status: 204
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://powerball.com
access-control-allow-credentials: true
cf-ray: 5f22aee33bd8c771-AMS
access-control-allow-headers: Content-Type, Origin
cf-request-id: 06698ba2030000c7718a108000000001

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 1402 0
58 B 120ms
58ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Sat, 14 Nov 2020 18:09:22 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://powerball.com

POST
H2 204 v1 Show response
dmx.districtm.io/b/ Frame 1402 0
62 B 82ms
44ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 14 Nov 2020 18:09:22 GMT
server: cloudflare
status: 204
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://powerball.com
access-control-allow-credentials: true
cf-ray: 5f22aee33bdac771-AMS
access-control-allow-headers: Content-Type, Origin
cf-request-id: 06698ba2040000c771c6900000000001

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ Frame 1402 24 B
454 B 152ms
67ms XHR
application/json 104.111.215.135
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=398900&v=7.2&r=%7B%22id%22%3A%225f3ab0496b38e9%22%2C%22imp%22%3A%5B%7B%22id%22%3A%226fbabf7e41970e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22398900%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fpowerball.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.215.135 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-135.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 4802bcd22ef4944c802bd1bfa1434a199a8f3c3480252ebfbf54e3272c19b7fc

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 14 Nov 2020 18:09:22 GMT
Content-Encoding: gzip
Server: Apache
Vary: Is-Traffic-Invalid,Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://powerball.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 44
Expires: Sat, 14 Nov 2020 18:09:22 GMT

GET
H2

200

ADTECH;apid=1A86142b5a-26a4-11eb-ad58-1234a9bcb81c;cfp=1;rndc=1605377362;v=2;cmd=bid;cors=yes;alias=1115d8b0761c553;misc=1605377362378;bidfloor=0.3 Show response
adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ Frame 1402
Redirect Chain

https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=1115d8b0761c553;misc=1605377362378;bidfloor=0.3;
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;cfp=1;rndc=1605377362;v=2;cmd=bid;cors=yes;alias=1115d8b0761c553;misc=1605377362378;bidfloor=0.3
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1605377362;v=2;cmd=bid;cors=yes;alias=1115d8b0761c553;misc=1605377362378;bidflo...
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1605377362;v=2;cmd=bid;cors=yes;alias=1115d8b0761c553;misc=1605377362378;bidflo...
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1A86142b5a-26a4-11eb-ad58-1234a9bcb81c;cfp=1;rndc=1605377362;v=2;cmd=bid;cors=yes;alias=1115d8b0761c553;misc=1605377362378;b...

48 B
276 B

694ms
693ms

XHR
application/json

152.199.21.35
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1A86142b5a-26a4-11eb-ad58-1234a9bcb81c;cfp=1;rndc=1605377362;v=2;cmd=bid;cors=yes;alias=1115d8b0761c553;misc=1605377362378;bidfloor=0.3
Requested by: Host: powerball.com
URL: https://powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.35 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 6ec2cf5a4d9b10423ca6e413d5fd8afaea310e3b78f68831dc134b25f14a0f1b

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Nov 2020 18:09:23 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: null
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 48
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 14 Nov 2020 18:09:23 GMT
server: nginx
status: 302
location: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1A86142b5a-26a4-11eb-ad58-1234a9bcb81c;cfp=1;rndc=1605377362;v=2;cmd=bid;cors=yes;alias=1115d8b0761c553;misc=1605377362378;bidfloor=0.3
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: null
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 1402 238 B
2 KB 416ms
291ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9204&site_id=20319&zone_id=588936&size_id=15&rf=https%3A%2F%2Fpowerball.com%2F&tk_flint=pbjs_lite_v2.44.3&x_source.tid=bfe69757-d1f3-4080-98a8-ea184a6d4115&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.4416885890228801
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: a033dfd05c28552ef231e1f03f2fbe2ae1de5d36050cbab306e4eb79379335cd

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 14 Nov 2020 18:09:22 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://powerball.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 238
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame A6B2 238 B
2 KB 199ms
69ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9204&site_id=20319&zone_id=588936&size_id=15&rf=https%3A%2F%2Fpowerball.com%2F&tk_flint=pbjs_lite_v2.44.3&x_source.tid=4edf8b60-5ca7-425c-b239-a3a3f4dd4e67&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.6888952480569766
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: ba3db19758b8e5004cd06839aebaaa8fb63a2e55ec13db34c7d2e9328a941a36

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 14 Nov 2020 18:09:22 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://powerball.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 238
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 v1 Show response
dmx.districtm.io/b/ Frame A6B2 0
62 B 70ms
44ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 14 Nov 2020 18:09:22 GMT
server: cloudflare
status: 204
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://powerball.com
access-control-allow-credentials: true
cf-ray: 5f22aee33bdbc771-AMS
access-control-allow-headers: Content-Type, Origin
cf-request-id: 06698ba2060000c771c6901000000001

GET
H2

200

ADTECH;apid=1A86146034-26a4-11eb-a637-12e5e259ea22;cfp=1;rndc=1605377362;v=2;cmd=bid;cors=yes;alias=11f7e15024c0d23;misc=1605377362389;bidfloor=0.3 Show response
adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ Frame A6B2
Redirect Chain

https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=11f7e15024c0d23;misc=1605377362389;bidfloor=0.3;
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;cfp=1;rndc=1605377362;v=2;cmd=bid;cors=yes;alias=11f7e15024c0d23;misc=1605377362389;bidfloor=0.3
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1605377361;v=2;cmd=bid;cors=yes;alias=11f7e15024c0d23;misc=1605377362389;bidflo...
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1605377362;v=2;cmd=bid;cors=yes;alias=11f7e15024c0d23;misc=1605377362389;bidflo...
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1A86146034-26a4-11eb-a637-12e5e259ea22;cfp=1;rndc=1605377362;v=2;cmd=bid;cors=yes;alias=11f7e15024c0d23;misc=1605377362389;b...

47 B
303 B

233ms
233ms

XHR
application/json

152.199.21.35
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1A86146034-26a4-11eb-a637-12e5e259ea22;cfp=1;rndc=1605377362;v=2;cmd=bid;cors=yes;alias=11f7e15024c0d23;misc=1605377362389;bidfloor=0.3
Requested by: Host: powerball.com
URL: https://powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.35 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 12b66ed14ac75ad0379df5860a3a2164fd1d0204221cc88bf72e3956bd44577a

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Nov 2020 18:09:23 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: null
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 47
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 14 Nov 2020 18:09:23 GMT
server: nginx
status: 302
location: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1A86146034-26a4-11eb-a637-12e5e259ea22;cfp=1;rndc=1605377362;v=2;cmd=bid;cors=yes;alias=11f7e15024c0d23;misc=1605377362389;bidfloor=0.3
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: null
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ Frame A6B2 24 B
454 B 125ms
52ms XHR
application/json 104.111.215.135
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=398900&v=7.2&r=%7B%22id%22%3A%227a757dd2511861%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2285ba17eb15bce%22%2C%22ext%22%3A%7B%22siteID%22%3A%22398900%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fpowerball.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.215.135 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-135.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7a259155dc178421c9b729db60b3ccb553630e6bcfd596bf56920a025459d7c3

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 14 Nov 2020 18:09:22 GMT
Content-Encoding: gzip
Server: Apache
Vary: Is-Traffic-Invalid,Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://powerball.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 44
Expires: Sat, 14 Nov 2020 18:09:22 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame A6B2 0
58 B 106ms
59ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Sat, 14 Nov 2020 18:09:22 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://powerball.com

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame BBE3 0
0 62ms
61ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
Requested by: Host: powerball.com
URL: https://powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.197.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://powerball.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=841964bc-c226-0bd1-066b-67123ddc5730|1605377362
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://powerball.com/

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=841964bc-c226-0bd1-066b-67123ddc5730|1605377362; Version=1; Expires=Sun, 14-Nov-2021 18:09:22 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1605377362|mOgegqnskin0vNomiygu; Version=1; Expires=Sun, 29-Nov-2020 18:09:22 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.197.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Sat, 14 Nov 2020 18:09:22 GMT
content-type: text/html
content-length: 544
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H3-Q050 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 1402 53 KB
18 KB 71ms
56ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06a79a26274c60253bdb0a153a7a2f1d60e9b0fec21dd9ceb9a1187c3ba5a3cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:09:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "693 / 486 of 1000 / last-modified: 1605309537"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 18109
x-xss-protection: 0
expires: Sat, 14 Nov 2020 18:09:22 GMT

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame F63E 0
0 57ms
56ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
Requested by: Host: powerball.com
URL: https://powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.197.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://powerball.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=841964bc-c226-0bd1-066b-67123ddc5730|1605377362
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://powerball.com/

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=841964bc-c226-0bd1-066b-67123ddc5730|1605377362; Version=1; Expires=Sun, 14-Nov-2021 18:09:22 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1605377362|mOgegqnskin0vNomiygu; Version=1; Expires=Sun, 29-Nov-2020 18:09:22 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.197.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Sat, 14 Nov 2020 18:09:22 GMT
content-type: text/html
content-length: 544
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H3-Q050 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame A6B2 53 KB
18 KB 66ms
57ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c2e68f39502650756db6641d20ce2ffae77eae88ae0ecb646826ff475f1a0b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:09:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "693 / 725 of 1000 / last-modified: 1605309618"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 18092
x-xss-protection: 0
expires: Sat, 14 Nov 2020 18:09:22 GMT

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame 9334 0
0 46ms
46ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
Requested by: Host: powerball.com
URL: https://powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.197.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://powerball.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=841964bc-c226-0bd1-066b-67123ddc5730|1605377362
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://powerball.com/

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=841964bc-c226-0bd1-066b-67123ddc5730|1605377362; Version=1; Expires=Sun, 14-Nov-2021 18:09:22 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1605377362|mOgegqnskin0vNomiygu; Version=1; Expires=Sun, 29-Nov-2020 18:09:22 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.197.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Sat, 14 Nov 2020 18:09:22 GMT
content-type: text/html
content-length: 544
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H3-Q050 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 253B 53 KB
18 KB 78ms
78ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bccb0a308fbb44b2d9bb821ec1f556a7c02b548b364b403d35622144cc08d60b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:09:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "693 / 834 of 1000 / last-modified: 1605309618"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 18092
x-xss-protection: 0
expires: Sat, 14 Nov 2020 18:09:22 GMT

POST
H2 204 v1 Show response
dmx.districtm.io/b/ Frame 2E7A 0
62 B 46ms
46ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 14 Nov 2020 18:09:22 GMT
server: cloudflare
status: 204
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://powerball.com
access-control-allow-credentials: true
cf-ray: 5f22aee36c3bc771-AMS
access-control-allow-headers: Content-Type, Origin
cf-request-id: 06698ba2200000c771c8b4d000000001

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 2E7A 0
114 B 40ms
38ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Sat, 14 Nov 2020 18:09:22 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://powerball.com

GET
H2

200

ADTECH;apid=1A86146034-26a4-11eb-a637-12e5e259ea22;cfp=1;rndc=1605377362;v=2;cmd=bid;cors=yes;alias=11c811a8906219;misc=1605377362436;bidfloor=0.3 Show response
adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ Frame 2E7A
Redirect Chain

https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=11c811a8906219;misc=1605377362436;bidfloor=0.3;
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;cfp=1;rndc=1605377362;v=2;cmd=bid;cors=yes;alias=11c811a8906219;misc=1605377362436;bidfloor=0.3
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1605377362;v=2;cmd=bid;cors=yes;alias=11c811a8906219;misc=1605377362436;bidfloo...
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1A86146034-26a4-11eb-a637-12e5e259ea22;cfp=1;rndc=1605377362;v=2;cmd=bid;cors=yes;alias=11c811a8906219;misc=1605377362436;bi...

47 B
80 B

240ms
240ms

XHR
application/json

152.199.21.35
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1A86146034-26a4-11eb-a637-12e5e259ea22;cfp=1;rndc=1605377362;v=2;cmd=bid;cors=yes;alias=11c811a8906219;misc=1605377362436;bidfloor=0.3
Requested by: Host: powerball.com
URL: https://powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.35 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: ba7b2e4051f31892835b810c80389f065f296c4987fb664441e98078fa202797

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Nov 2020 18:09:23 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json
access-control-allow-origin: null
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 47
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 14 Nov 2020 18:09:23 GMT
server: nginx
status: 302
location: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1A86146034-26a4-11eb-a637-12e5e259ea22;cfp=1;rndc=1605377362;v=2;cmd=bid;cors=yes;alias=11c811a8906219;misc=1605377362436;bidfloor=0.3
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: null
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ Frame 2E7A 24 B
454 B 135ms
54ms XHR
application/json 104.111.215.135
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=398900&v=7.2&r=%7B%22id%22%3A%227ef443c1bd2277%22%2C%22imp%22%3A%5B%7B%22id%22%3A%228130c7ffa0501b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22398900%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fpowerball.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.215.135 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-135.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: f271ca8720194c2ccc73be15ea8d71992c7660f9aa065b56fda2769b3f818727

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 14 Nov 2020 18:09:22 GMT
Content-Encoding: gzip
Server: Apache
Vary: Is-Traffic-Invalid,Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://powerball.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 44
Expires: Sat, 14 Nov 2020 18:09:22 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 2E7A 238 B
2 KB 203ms
75ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9204&site_id=20319&zone_id=588936&size_id=15&rf=https%3A%2F%2Fpowerball.com%2F&tk_flint=pbjs_lite_v2.44.3&x_source.tid=f4320621-7244-41cf-8719-f2864ccb7e42&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.6674346415079424
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 66fc54a98b293328d2b284b173eb7d0473888e55afe3b5e8ba151b12a526b63f

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 14 Nov 2020 18:09:22 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://powerball.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 238
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 v1 Show response
dmx.districtm.io/b/ Frame 253B 0
62 B 47ms
47ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 14 Nov 2020 18:09:22 GMT
server: cloudflare
status: 204
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://powerball.com
access-control-allow-credentials: true
cf-ray: 5f22aee39c92c771-AMS
access-control-allow-headers: Content-Type, Origin
cf-request-id: 06698ba23f0000c771eb23e000000001

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 253B 238 B
2 KB 211ms
92ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9204&site_id=20319&zone_id=588936&size_id=15&rf=https%3A%2F%2Fpowerball.com%2F&tk_flint=pbjs_lite_v2.44.3&x_source.tid=009cba36-0240-4311-8b61-5c94c8047ae9&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.3422284135945175
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 1d96ab2b7dfed04789709927a4ee0c96dff6a9724f6544d0e3e72163d9ed933b

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 14 Nov 2020 18:09:22 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://powerball.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 238
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ Frame 253B 24 B
454 B 102ms
53ms XHR
application/json 104.111.215.135
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=398900&v=7.2&r=%7B%22id%22%3A%225bb5aa2d447db2%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22615596c71e67fe%22%2C%22ext%22%3A%7B%22siteID%22%3A%22398900%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fpowerball.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.215.135 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-135.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 3edf24dedbacca771946f5e4200a9cb48a7184787db7010159f558c515f80275

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 14 Nov 2020 18:09:22 GMT
Content-Encoding: gzip
Server: Apache
Vary: Is-Traffic-Invalid,Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://powerball.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 44
Expires: Sat, 14 Nov 2020 18:09:22 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 253B 0
58 B 52ms
52ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Sat, 14 Nov 2020 18:09:22 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://powerball.com

GET
H2

200

ADTECH;apid=1A86142c54-26a4-11eb-a9f3-120d915f11b6;cfp=1;rndc=1605377362;v=2;cmd=bid;cors=yes;alias=11fbb3ca277fd71;misc=1605377362469;bidfloor=0.3 Show response
adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ Frame 253B
Redirect Chain

https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=11fbb3ca277fd71;misc=1605377362469;bidfloor=0.3;
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;cfp=1;rndc=1605377362;v=2;cmd=bid;cors=yes;alias=11fbb3ca277fd71;misc=1605377362469;bidfloor=0.3
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1605377362;v=2;cmd=bid;cors=yes;alias=11fbb3ca277fd71;misc=1605377362469;bidflo...
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1605377362;v=2;cmd=bid;cors=yes;alias=11fbb3ca277fd71;misc=1605377362469;bidflo...
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1A86142c54-26a4-11eb-a9f3-120d915f11b6;cfp=1;rndc=1605377362;v=2;cmd=bid;cors=yes;alias=11fbb3ca277fd71;misc=1605377362469;b...

48 B
276 B

680ms
679ms

XHR
application/json

152.199.21.35
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1A86142c54-26a4-11eb-a9f3-120d915f11b6;cfp=1;rndc=1605377362;v=2;cmd=bid;cors=yes;alias=11fbb3ca277fd71;misc=1605377362469;bidfloor=0.3
Requested by: Host: powerball.com
URL: https://powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.35 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 478eed09c2a5870bda05b7b2ad7eba224272cc5225a7226de9e7920e3ec20d70

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Nov 2020 18:09:23 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: null
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 48
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 14 Nov 2020 18:09:23 GMT
server: nginx
status: 302
location: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1A86142c54-26a4-11eb-a9f3-120d915f11b6;cfp=1;rndc=1605377362;v=2;cmd=bid;cors=yes;alias=11fbb3ca277fd71;misc=1605377362469;bidfloor=0.3
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: null
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 pubads_impl_2020111101.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 4007 277 KB
98 KB 352ms
149ms Script
text/javascript 172.217.22.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111101.js?21068747

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

sffe /

Resource Hash

1bdc22fea192ccae8d49af471f22e035d0e0bfc695055a58cf7d5ef3f67e30c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:09:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99790
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 09:38:28 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Nov 2020 18:09:22 GMT

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame D173 0
0 56ms
53ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
Requested by: Host: powerball.com
URL: https://powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.197.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://powerball.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=841964bc-c226-0bd1-066b-67123ddc5730|1605377362; pd=v2|1605377362|mOgegqnskin0vNomiygu
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://powerball.com/

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=841964bc-c226-0bd1-066b-67123ddc5730|1605377362; Version=1; Expires=Sun, 14-Nov-2021 18:09:22 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1605377362|j8gmmWkijofcsHqGgqiysLiSmOgevNomgunsn0gi; Version=1; Expires=Sun, 29-Nov-2020 18:09:22 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.197.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Sat, 14 Nov 2020 18:09:22 GMT
content-type: text/html
content-length: 477
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H3-Q050 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 2E7A 53 KB
18 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bccb0a308fbb44b2d9bb821ec1f556a7c02b548b364b403d35622144cc08d60b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:09:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "693 / 732 of 1000 / last-modified: 1605309618"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 18092
x-xss-protection: 0
expires: Sat, 14 Nov 2020 18:09:22 GMT

GET
H2 200 pubads_impl_2020111001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame C6FE 276 KB
98 KB 294ms
126ms Script
text/javascript 172.217.22.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

sffe /

Resource Hash

f1b23a6200bdb4728ad055b6439a7055e73c62e61a97804fa6ac13871164c198

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:09:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99726
x-xss-protection: 0
last-modified: Tue, 10 Nov 2020 09:44:01 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Nov 2020 18:09:22 GMT

GET
H2 200 pubads_impl_2020111201.js Show response
securepubads.g.doubleclick.net/gpt/ Frame A6B2 277 KB
98 KB 242ms
116ms Script
text/javascript 172.217.22.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111201.js?21068748

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

sffe /

Resource Hash

0f7629d61b75eb6d7c66ef4b50d1834816a73712cff60247ac19f997502ba573

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:09:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99790
x-xss-protection: 0
last-modified: Thu, 12 Nov 2020 09:41:12 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Nov 2020 18:09:22 GMT

GET
H2 200 pubads_impl_2020111001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 1402 276 KB
98 KB 212ms
89ms Script
text/javascript 172.217.22.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

sffe /

Resource Hash

f1b23a6200bdb4728ad055b6439a7055e73c62e61a97804fa6ac13871164c198

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:09:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99726
x-xss-protection: 0
last-modified: Tue, 10 Nov 2020 09:44:01 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Nov 2020 18:09:22 GMT

GET
H2 200 pubads_impl_2020111101.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 253B 277 KB
98 KB 302ms
183ms Script
text/javascript 172.217.22.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111101.js?21068747

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

sffe /

Resource Hash

1bdc22fea192ccae8d49af471f22e035d0e0bfc695055a58cf7d5ef3f67e30c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:09:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99790
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 09:38:28 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Nov 2020 18:09:22 GMT

GET
H2 200 pubads_impl_2020111101.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 2E7A 277 KB
98 KB 302ms
190ms Script
text/javascript 172.217.22.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111101.js?21068747

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

sffe /

Resource Hash

1bdc22fea192ccae8d49af471f22e035d0e0bfc695055a58cf7d5ef3f67e30c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:09:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99790
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 09:38:28 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Nov 2020 18:09:22 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame C6FE 109 B
803 B 40ms
15ms Script
application/javascript 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=powerball.com

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 14 Nov 2020 18:09:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame C6FE 109 B
803 B 36ms
15ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=powerball.com

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 14 Nov 2020 18:09:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame C6FE 4 KB
3 KB 183ms
135ms XHR
text/plain 172.217.22.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1460349825319840&correlator=4222365840804035&output=ldjh&impl=fifs&eid=21068730%2C21066994%2C21067447%2C21068418&vrg=2020111001&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201114&iu_parts=22803534%2CHB_DEFAULT_ADUNIT&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&prev_scp=hb_name%3DAPST09010385POWB9701__54%26passback_pb%3D0.30%26hb_factor%3D1.5%26rscust%3Dpool1%26oxb%3D970x250_t&eri=1&cookie_enabled=1&cdm=powerball.com&bc=31&abxe=1&lmt=1605377362&dt=1605377362961&dlt=1605377361852&idt=1090&ea=0&frm=23&biw=1600&bih=1200&isw=970&ish=250&oid=3&adxs=315&adys=960&adks=3386903054&ucis=ssy1tiypzsfx&ifi=1&ifk=2413875652&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fpowerball.com%2F&top=https%3A%2F%2Fpowerball.com%2F&dssz=11&icsg=2724&mso=4&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x250&msz=970x250&ga_vid=1220759844.1605377361&ga_sid=1605377363&ga_hid=1342234826&ga_fc=true&fws=256&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

cafe /

Resource Hash

5444170add44bc07eb260682356b61b0d1dfb51175f302c7e71f9e6ed205a22f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:09:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2686
x-xss-protection: 0
google-lineitem-id: 5292730782
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138302678468
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://powerball.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
15bb87f7bf5870eb9d5da55ba7cc4510.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame C6FE 0
0 130ms
84ms Other
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://15bb87f7bf5870eb9d5da55ba7cc4510.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: powerball.com
URL: https://powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame 4007 109 B
781 B 43ms
30ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=powerball.com

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 14 Nov 2020 18:09:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 4007 109 B
781 B 96ms
83ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=powerball.com

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 14 Nov 2020 18:09:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 4007 211 KB
155 KB 228ms
228ms XHR
text/plain 172.217.22.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=421685180157362&correlator=2192427067877681&output=ldjh&impl=fifs&eid=21068747%2C21067448%2C21068418&vrg=2020111101&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201114&iu_parts=22803534%2CHB_DEFAULT_ADUNIT&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&prev_scp=hb_name%3DAPST09010385POWB9702__54%26passback_pb%3D0.30%26hb_factor%3D1.5%26rscust%3Dpool1%26oxb%3D970x250_t&eri=1&cookie_enabled=1&cdm=powerball.com&bc=31&abxe=1&lmt=1605377363&dt=1605377363017&dlt=1605377361879&idt=1122&ea=0&frm=23&biw=1600&bih=1200&isw=970&ish=250&oid=3&adxs=315&adys=3139&adks=3392797045&ucis=9chksp8xqhvc&ifi=1&ifk=2413875652&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fpowerball.com%2F&top=https%3A%2F%2Fpowerball.com%2F&dssz=11&icsg=2724&mso=4&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x250&msz=970x250&ga_vid=1220759844.1605377361&ga_sid=1605377363&ga_hid=2128783495&ga_fc=true&fws=256&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111101.js?21068747

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

cafe /

Resource Hash

5a5f9899f9c1147c3f4ebaf57fa881ccc8b0a35a38dfe0408d2fd0f4c600e4fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:09:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 158512
x-xss-protection: 0
google-lineitem-id: 5292730782
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138302678468
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://powerball.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
b0ee07527caf8d4ae1f0c56fa2b21124.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 4007 0
0 121ms
38ms Other
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://b0ee07527caf8d4ae1f0c56fa2b21124.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: powerball.com
URL: https://powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame EA72 0
0 58ms
58ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Requested by: Host: powerball.com
URL: https://powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.197.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://powerball.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=841964bc-c226-0bd1-066b-67123ddc5730|1605377362; pd=v2|1605377362|j8gmmWkijofcsHqGgqiysLiSmOgevNomgunsn0gi
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://powerball.com/

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=841964bc-c226-0bd1-066b-67123ddc5730|1605377362; Version=1; Expires=Sun, 14-Nov-2021 18:09:23 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1605377362.1|j8gmmWkijofcsHqGgqiysLiSmOgevNomgunsn0gi.fogSvStuvWvtmuvQsfrF; Version=1; Expires=Sun, 29-Nov-2020 18:09:23 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.197.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Sat, 14 Nov 2020 18:09:23 GMT
content-type: text/html
content-length: 668
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame BF42 0
0 66ms
63ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Requested by: Host: powerball.com
URL: https://powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.197.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://powerball.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=841964bc-c226-0bd1-066b-67123ddc5730|1605377362; pd=v2|1605377362.1|j8gmmWkijofcsHqGgqiysLiSmOgevNomgunsn0gi.fogSvStuvWvtmuvQsfrF
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://powerball.com/

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=841964bc-c226-0bd1-066b-67123ddc5730|1605377362; Version=1; Expires=Sun, 14-Nov-2021 18:09:23 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1605377362.1|j8gmmWkijofcsHqGgqiysLiSmOgevNomgunsn0gi.fogSvStuvWvTvtmuvQsfrF; Version=1; Expires=Sun, 29-Nov-2020 18:09:23 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.197.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Sat, 14 Nov 2020 18:09:23 GMT
content-type: text/html
content-length: 120
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 86E7 0
0 82ms
81ms Fetch
image/gif 172.217.22.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvkgdHgqJrzYgS7V-gpRsx5DgwBHn_33IHwMiY7k4MojDchRQMuYf2Rld4OxLSxuJeXY6zZrx3M0eUkDGk_VvExOPcLZgx_0HtK1skXILskn0t4EYyG2KONE1MHoIBv9_z8PtiSWA3AmFpyX4dh5Q2af852CBeRQzMSNK6E9TJ-UseXemW1-dVAn52dh3UcVv1AaKAnytHFFdE768L10TrX4BQwWTRKjnPJWHppXGDz5S5TeODAfQQum7T65r9BrtWFt7Sa5Ubp_1qc&sai=AMfl-YRbLNEYkqPfjBUqYAbj_KbGt-LtbMEUiyN0q087ywjgR-MU3dgKWK02r2gM7EBp-9Sz182A0OopCNCOPHoj1c5_jDt-5Nes67Ba8KhaVD9kT49ovmRaat4GuSFahYA&sig=Cg0ArKJSzJLZQd54f7oKEAE&urlfix=1&adurl=

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 14 Nov 2020 18:09:23 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 14 Nov 2020 18:09:23 GMT

GET
H2 200 wowyowdisplay970x250desktop.js Show response
deio3v2go54x9.cloudfront.net/ Frame 86E7 795 B
1 KB 105ms
30ms Script
application/javascript 2600:9000:20ae:9600:e:ff8:b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://deio3v2go54x9.cloudfront.net/wowyowdisplay970x250desktop.js
Requested by: Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ae:9600:e:ff8:b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: df3317fe7031ec742daeed002d97da566a8648fbacb939fce19093f17a79d5c1

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 21:19:37 GMT
via: 1.1 465e661d27b2b6a1c349a5550c745b0f.cloudfront.net (CloudFront)
last-modified: Fri, 15 May 2020 00:11:29 GMT
server: AmazonS3
age: 74987
etag: "3003337c564f4ca4358edc2761ee81a6"
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: WAW50-C1
accept-ranges: bytes
content-length: 795
x-amz-cf-id: vD1B905PT_nQf7NOLvQbitdvrLd3IpOLWgmie-kBtmR6y4NQsmz1sg==

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 86E7 75 KB
29 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59f5fcb6da9d8dd2bc430bc879fc48e0421e3f7c8954578eedb491c5db2b02ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:09:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605271279018746"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29194
x-xss-protection: 0
expires: Sat, 14 Nov 2020 18:09:23 GMT

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame C6FE 73 KB
28 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

587843e8250773df7ab65fc848b867dafea14bda7e849b9839500ae19893940e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:09:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605271279018746"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28206
x-xss-protection: 0
expires: Sat, 14 Nov 2020 18:09:23 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C6FE 8 KB
7 KB 41ms
20ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020111001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20cbfdda3b89df3d3c52fd63f0c9ee05ee2bf92494b08b6cab7e0aec3df45474

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 14 Nov 2020 18:09:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6468
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame C6FE 16 KB
6 KB 36ms
17ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:09:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Sat, 14 Nov 2020 18:09:23 GMT

GET
DATA 200
OK truncated
/ Frame 86E7 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b587b14d52dbe3b7f022df8029480b80f6f8edf6942268c25d2a7c41a84195f8

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 1EA4 0
0 33ms
20ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://powerball.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://powerball.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Sat, 14 Nov 2020 17:14:41 GMT
expires: Sun, 14 Nov 2021 17:14:41 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3282
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK wowyowdisplay970x250desktop.php
wowyowapi.com/ Frame 0DBD 0
0 889ms
208ms Document
text/html 52.37.186.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wowyowapi.com/wowyowdisplay970x250desktop.php?l=null&u=fb243434-6d38-f6b6-4543-c462ef8458dc&c=null&d=powerball.com
Requested by: Host: powerball.com
URL: https://powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.37.186.198 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-37-186-198.us-west-2.compute.amazonaws.com
Software: Apache /
Resource Hash

Request headers

Host: wowyowapi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://powerball.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://powerball.com/

Response headers

access-control-allow-origin: *
Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=UTF-8
Date: Sat, 14 Nov 2020 18:09:24 GMT
Server: Apache
Content-Length: 907
Connection: keep-alive

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame A6B2 109 B
127 B 15ms
15ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=powerball.com

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 14 Nov 2020 18:09:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame A6B2 109 B
127 B 15ms
15ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=powerball.com

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 14 Nov 2020 18:09:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame A6B2 4 KB
2 KB 145ms
145ms XHR
text/plain 172.217.22.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3420008244108840&correlator=2760226396925241&output=ldjh&impl=fifs&eid=21068748%2C21067447%2C21068418&vrg=2020111201&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201114&iu_parts=22803534%2CHB_DEFAULT_ADUNIT&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=hb_name%3DAPST04010385POWB3002__54%26passback_pb%3D0.30%26hb_factor%3D1.5%26rscust%3Dpool1%26oxb%3D300x250_0%252Chb-bid-372be075e1b6ff&eri=1&cookie=ID%3D13fbf82ad9f2388c-224de49335b900e9%3AT%3D1605377363%3AS%3DALNI_MaQbfHSJutk9srpT78ppS2Bayl_yQ&cdm=powerball.com&bc=31&abxe=1&lmt=1605377363&dt=1605377363391&dlt=1605377361934&idt=1045&ea=0&frm=23&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=1986902392&ucis=dvjla7y0lrkg&ifi=1&ifk=1468573323&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fpowerball.com%2F&top=https%3A%2F%2Fpowerball.com%2F&dssz=11&icsg=2724&mso=4&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=1220759844.1605377361&ga_sid=1605377363&ga_hid=847051464&ga_fc=true&fws=256&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111201.js?21068748

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

cafe /

Resource Hash

36c537918428cfb1573c5e1d75d0891bef788af37455c120a93057ef3374e44b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:09:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2291
x-xss-protection: 0
google-lineitem-id: 5293712860
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138303009295
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://powerball.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
49066fdf39dbf690a5949570c8bb81b8.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame A6B2 0
0 90ms
38ms Other
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://49066fdf39dbf690a5949570c8bb81b8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: powerball.com
URL: https://powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame DA5C 0
0 97ms
97ms Fetch
image/gif 172.217.22.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssipso_d4tqi3n3OkQ_PkUxyyzmPfyLsfBu2jair3RzNy2MPAu-_a3peeVhZ9fPpKr2h2ZSrGO7zzDT6MIv44bkj_4UK-lpc6W7MPEOeJpWO6e6EZMW8uDaKSKHkgFEa8DEGWx68N5DIcuwfaNxFoDMtUrZ9dVm0lRA16f_rggsq7UnNUvdA1awVD84IOIO8bZEAty8XeZfwfRK8DHVL7e-Kjiz05-8TGMX7MDWksyziyyeSPjfw71zZJuvnlc3HSLjR2jhuO9kAksw&sai=AMfl-YTVEZU4TYOZ5-GJkYBgZSajw-7YyfUGIPdPL3gqo2T7GB3nz84TbN1Tl769TcgErX51j6WpclCgwOwwF-gm6r-1rUcdL_iZWH7j6X2gA7R-2QU0lg9zrejNxfbSN7U&sig=Cg0ArKJSzFHkKWqsVfHEEAE&urlfix=1&adurl=

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 14 Nov 2020 18:09:23 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 wowyowdisplay970x250desktop.js Show response
deio3v2go54x9.cloudfront.net/ Frame DA5C 795 B
1 KB 32ms
31ms Script
application/javascript 2600:9000:20ae:9600:e:ff8:b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://deio3v2go54x9.cloudfront.net/wowyowdisplay970x250desktop.js
Requested by: Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ae:9600:e:ff8:b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: df3317fe7031ec742daeed002d97da566a8648fbacb939fce19093f17a79d5c1

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 21:19:37 GMT
via: 1.1 465e661d27b2b6a1c349a5550c745b0f.cloudfront.net (CloudFront)
last-modified: Fri, 15 May 2020 00:11:29 GMT
server: AmazonS3
age: 74987
etag: "3003337c564f4ca4358edc2761ee81a6"
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: WAW50-C1
accept-ranges: bytes
content-length: 795
x-amz-cf-id: isx_yMCxbS5A-jhjd_vTOb4ts61xwOGqVnrKZb-oafgQ3G7pfBO3IA==

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame DA5C 75 KB
29 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59f5fcb6da9d8dd2bc430bc879fc48e0421e3f7c8954578eedb491c5db2b02ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:09:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605271279018746"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29194
x-xss-protection: 0
expires: Sat, 14 Nov 2020 18:09:23 GMT

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4007 73 KB
28 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

587843e8250773df7ab65fc848b867dafea14bda7e849b9839500ae19893940e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:09:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605271279018746"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28206
x-xss-protection: 0
expires: Sat, 14 Nov 2020 18:09:23 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 4007 9 KB
7 KB 46ms
33ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020111101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111101.js?21068747

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d2b2822c6367990fdca0bad9a373e6ae8e9741565641fe1b7519cebb5d0db603

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 14 Nov 2020 18:09:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6815
x-xss-protection: 0

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C6FE 0
184 B 15ms
15ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020111001&jk=1460349825319840&bg=!2dql2vrNAAUoamvQKFix-xkzBf2QJgIAAACGUgAAABRoAQcKAREXbdYvQUjQwl2FJvbYDSJXGsYca_NwwWjnRkmPCL82T-YbkKOgjrYAWd_wfnWmdWRLC5VaNpPOei1hdFBnV381ek3lCOKxANlwZuS55gVjLVqDVaZw-XJJx-Tl0PtVjMU-C8tKiZN_GcHgh82HZUuMbTYoxlUi4zZMHSiwB6DRmE7DieoZgTTEf1lg2LIf1p9AOG6g4AC_aFTSLT4YcCZsTLirCdWkIfowqLlTbAgtXeCZvFIrLzCv3CBO8w4QQJ2SqCwXvFsa_JqZhTRhDuzoPXpbwpNVwHgpvwGeFuVgh-XIELbWTDieubab9oNlH4AEGi9zO6O8zPLYmtg-ZFbozhOM44xWA9ELC9bafdiwqQSZAc3sbsbuVGVxUtKaqvj9jPwqCxY1Mww4TSvQLfLCal0zRW36H-yShqwfT4aTcMc0B896u2arW7sVvbzSq7vBwCh6NoTXApTkKOvQDyCjfjNGz4qBs8RaTMB9BsQfX-BKOtkvJTfSnC8hVnypm9gFlmGXhFyHN2qYCj2HG4Ec38IvZ4Z3REQU_s_QUAN6E8c0A_E_fuuZVpZX8JSOcPxDLOe1nqvn6ckaYug573AmE8mLmfHE1QZpfefk8mg2YYr7SVLDrwpxVUXbmJDImbg_vgtN4-RtrR23DS_Vn3a7C0AFeeGdkPEJ6ZkaktvN2Fak3mqZjzBI4M-RFEcFcEK06INDE702zQJrIktIAPIFVMRw7usmCGic1WLY-v7FAaFxISm2RlH8td1Erftyie2vK6QYZL8NtdiBmdsHWwGJqwBkW083K8hI8_LjcbJEkUwunnv4_gEheCSr8alM7X32Xnxx3OwfvjaSpSFJSmk3_6NS8Zw6vsxIGVw_4QpdyVfeH2gu-Go8rp9fWtJq36CdCN_F0dWF1LctxBGwruy1LGvl5ETlHHB3FqYEQvTFx2DFKzDTCoQlvA07qBwVPwdRML5l80oaqLyPYadQpnFduA

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Nov 2020 18:09:23 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
status: 204
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK wowyowdisplay970x250desktop.php
wowyowapi.com/ Frame F47B 0
0 878ms
207ms Document
text/html 52.37.186.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wowyowapi.com/wowyowdisplay970x250desktop.php?l=null&u=fb243434-6d38-f6b6-4543-c462ef8458dc&c=null&d=powerball.com
Requested by: Host: powerball.com
URL: https://powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.37.186.198 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-37-186-198.us-west-2.compute.amazonaws.com
Software: Apache /
Resource Hash

Request headers

Host: wowyowapi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://powerball.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://powerball.com/

Response headers

access-control-allow-origin: *
Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=UTF-8
Date: Sat, 14 Nov 2020 18:09:24 GMT
Server: Apache
Content-Length: 907
Connection: keep-alive

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame DA5C 0
22 B 97ms
97ms Image
image/gif 172.217.22.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsujVN9E6OTwqvsGp9OrlSSm9MuxZ_5gye-Clyn6hWGg38Fed7bukZP8HGTqaqpD-r-mtHPCfBjrZB4nn32fp9cf62fGgAbADu3Ld3HsiYe1ocZqCCKb9LND9hzdbOOJC4_V_YbJeP98mxjU4PO4nqTX3tvzd9LnMOWUXeR-t9ploU9EXwYBwZHU4X8XUP_E910Oe3y4hHm4510Si4E9p8O5HDEJD5iW9fNKmui2Nb8Jk1d9UFkZvW38V8D_Abu2lRar8ol-o1Ei-e_uLNs&sai=AMfl-YRFpWx_u85oD3Ltv2T9Bb8SBMyxJQ82YpnB3WWX285qCmGU94ko4IVXTwl8JnTbaIm5qEB02NxchHUFmHu3ZrKg3VQdbKUzCMa78AuFzF-LlH8Jln2cfpJi3qWw2X8&sig=Cg0ArKJSzBO-T1sgV8jWEAE&urlfix=1&adurl=

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 14 Nov 2020 18:09:23 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame DA5C 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cec7b7ab2f97e76737b96b13651fd0dd0bd22752713cfca094b15f2bbbc262a6

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 4007 16 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:09:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Sat, 14 Nov 2020 18:09:23 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A6B2 0
0 14ms
14ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gfp_cw_status&domain=powerball.com&host=powerball.com&success=1

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Nov 2020 18:09:23 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
status: 204
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame D573 0
0 96ms
95ms Fetch
image/gif 172.217.22.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuZ3eRXOV7TW1FD6TorATN7mC0o0grVLa1JM8Mp2XXMAkgl-uRxIFqQd1dLYHYLQZXRtG2dNlUCB-5YQJlnrOkmwPNTGmBK4pFmI5C4cWgTqgwh00HccOvY_kpTe8yQLweGkPARQL9prGEpMaMKMGnpBPhgtWevfS1suL9PORx3SXV5y8etiXs29fD4UCx_m2vbyBPd2i-XeWMQWGaGL3KJAYgfNv-oJH4h4-YoCGTvLHCWcyU8uUb6XMOW6gh-tKoXq59XjSkBW1Wc&sig=Cg0ArKJSzEBpH0w_R01MEAE&urlfix=1&adurl=

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 14 Nov 2020 18:09:23 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 wowyowdisplay300x250desktop.js Show response
deio3v2go54x9.cloudfront.net/ Frame D573 1 KB
1 KB 31ms
30ms Script
application/javascript 2600:9000:20ae:9600:e:ff8:b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://deio3v2go54x9.cloudfront.net/wowyowdisplay300x250desktop.js
Requested by: Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ae:9600:e:ff8:b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 676788eac82d90570b7eb37cbe79b56ddb61b3884014e19515ed5d0b175518d6

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 10:19:41 GMT
via: 1.1 465e661d27b2b6a1c349a5550c745b0f.cloudfront.net (CloudFront)
last-modified: Tue, 02 Jun 2020 23:48:25 GMT
server: AmazonS3
age: 28183
etag: "09141670283bfe88eea14b5bd03b90c3"
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: WAW50-C1
accept-ranges: bytes
content-length: 1038
x-amz-cf-id: kE-oUJDXDyU5K6A3cWUju9FKmICxmLHhhwkWdEQcLf9xp7bd6NQhXw==

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame D573 75 KB
29 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59f5fcb6da9d8dd2bc430bc879fc48e0421e3f7c8954578eedb491c5db2b02ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:09:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605271279018746"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29194
x-xss-protection: 0
expires: Sat, 14 Nov 2020 18:09:23 GMT

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame A6B2 73 KB
28 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

587843e8250773df7ab65fc848b867dafea14bda7e849b9839500ae19893940e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:09:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605271279018746"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28206
x-xss-protection: 0
expires: Sat, 14 Nov 2020 18:09:23 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame A6B2 8 KB
6 KB 19ms
19ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020111201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111201.js?21068748

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d0d2037bb2a549b1aa2e67834687af55bf4c3e32dece3e79e4c27f1c90c7199

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 14 Nov 2020 18:09:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6561
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame A6B2 16 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:09:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Sat, 14 Nov 2020 18:09:23 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 5BBB 0
0 6ms
5ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://powerball.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://powerball.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Sat, 14 Nov 2020 17:14:41 GMT
expires: Sun, 14 Nov 2021 17:14:41 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3282
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame D573 0
22 B 97ms
97ms Image
image/gif 172.217.22.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuaspVUDuo-c3YD3Ztc0uLLPdyjPg3HYXy1X3LvhhtA-npSL7e8uWO8RcS2h0ny4iDaSQjvqumwHta4GEcaueUXMV_cgHr1HrJHU3u77Ru8aDkgWeAXmIjeBvaglbt_hz84Ze0vs9ZlqWIJLWzauknJJGi7J0ftBrixKSG-N7mfidRRQQJqBrmSLL1wefaCerEBjX88ZVFD59qYLMTW04zdxJwnSiZyIunDyFusaNwSWAjl17TbWqq86LcbdTfPQTs-x4mbYb0pgJbu2qE&sig=Cg0ArKJSzGv9O8XZDAEWEAE&urlfix=1&adurl=

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 14 Nov 2020 18:09:23 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame 2E7A 109 B
127 B 21ms
21ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=powerball.com

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 14 Nov 2020 18:09:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 2E7A 109 B
127 B 16ms
16ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=powerball.com

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 14 Nov 2020 18:09:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 2E7A 4 KB
2 KB 182ms
182ms XHR
text/plain 172.217.22.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=808986698656336&correlator=3876950238046956&output=ldjh&impl=fifs&eid=21067994%2C21068747%2C21068750%2C21067448%2C21068418&vrg=2020111101&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201114&iu_parts=22803534%2CHB_DEFAULT_ADUNIT&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=hb_name%3DAPST04010385POWB3003__54%26passback_pb%3D0.30%26hb_factor%3D1.5%26rscust%3Dpool1%26oxb%3D300x250_0%252Chb-bid-38ec9116ab8ede&eri=1&cookie=ID%3D13fbf82ad9f2388c%3AT%3D1605377363%3AS%3DALNI_MaWaothgkDJ6gPhfq1BGLPkCvv1hg&cdm=powerball.com&bc=31&abxe=1&lmt=1605377363&dt=1605377363674&dlt=1605377361960&idt=1068&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=3&adxs=440&adys=4111&adks=1992055404&ucis=si1wo614ikro&ifi=1&ifk=672433107&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fpowerball.com%2F&top=https%3A%2F%2Fpowerball.com%2F&dssz=11&icsg=2724&mso=4&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x250&ga_vid=1220759844.1605377361&ga_sid=1605377364&ga_hid=1675333109&ga_fc=true&fws=256&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111101.js?21068747

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

cafe /

Resource Hash

4bd898800a3d6e073a377c52e661e066644231f0d1bafaf4604a1fc5ebc025c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:09:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2216
x-xss-protection: 0
google-lineitem-id: 5293712860
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138303009295
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://powerball.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
dc5fec73264351bda8446a12f9fde2f0.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 2E7A 0
0 52ms
38ms Other
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dc5fec73264351bda8446a12f9fde2f0.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: powerball.com
URL: https://powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 32E1 0
0 7ms
6ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://powerball.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://powerball.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Sat, 14 Nov 2020 17:14:41 GMT
expires: Sun, 14 Nov 2021 17:14:41 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3282
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame 253B 109 B
127 B 16ms
15ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=powerball.com

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 14 Nov 2020 18:09:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 253B 109 B
127 B 16ms
16ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=powerball.com

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 14 Nov 2020 18:09:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 253B 4 KB
2 KB 155ms
153ms XHR
text/plain 172.217.22.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3061864086334724&correlator=2019842763950387&output=ldjh&impl=fifs&eid=21067994%2C21068747%2C21067447%2C21068418%2C21065725&vrg=2020111101&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201114&iu_parts=22803534%2CHB_DEFAULT_ADUNIT&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=hb_name%3DAPST04010385POWB3004__54%26passback_pb%3D0.30%26hb_factor%3D1.5%26rscust%3Dpool1%26oxb%3D300x250_0%252Chb-bid-36fbae98f6b356&eri=1&cookie=ID%3D13fbf82ad9f2388c%3AT%3D1605377363%3AS%3DALNI_MaWaothgkDJ6gPhfq1BGLPkCvv1hg&cdm=powerball.com&bc=31&abxe=1&lmt=1605377363&dt=1605377363824&dlt=1605377361986&idt=1005&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=3&adxs=860&adys=4111&adks=1443960515&ucis=n56uddmgae6v&ifi=1&ifk=672433107&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fpowerball.com%2F&top=https%3A%2F%2Fpowerball.com%2F&dssz=11&icsg=2724&mso=4&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x250&ga_vid=1220759844.1605377361&ga_sid=1605377364&ga_hid=653925801&ga_fc=true&fws=256&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111101.js?21068747

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

cafe /

Resource Hash

9bfb3b51af4299412b11882b14b5f00c7d4acd274d9604600fd3735d7393e729

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:09:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2213
x-xss-protection: 0
google-lineitem-id: 5293712860
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138303009295
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://powerball.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
6662fcd9070aae1b93a1d98e6f932518.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 253B 0
0 91ms
38ms Other
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://6662fcd9070aae1b93a1d98e6f932518.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: powerball.com
URL: https://powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame 1402 109 B
127 B 25ms
25ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=powerball.com

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 14 Nov 2020 18:09:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 1402 109 B
127 B 24ms
23ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=powerball.com

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 14 Nov 2020 18:09:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 1402 4 KB
2 KB 151ms
150ms XHR
text/plain 172.217.22.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2518422722110743&correlator=315299629075905&output=ldjh&impl=fifs&eid=21068729%2C21065138%2C21067448%2C21068418&vrg=2020111001&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201114&iu_parts=22803534%2CHB_DEFAULT_ADUNIT&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=hb_name%3DAPST04010385POWB3001__54%26passback_pb%3D0.30%26hb_factor%3D1.5%26rscust%3Dpool1%26oxb%3D300x250_0%252Chb-bid-341b216ccf2ffe&eri=1&cookie=ID%3D13fbf82ad9f2388c%3AT%3D1605377363%3AS%3DALNI_MaWaothgkDJ6gPhfq1BGLPkCvv1hg&cdm=powerball.com&bc=31&abxe=1&lmt=1605377363&dt=1605377363840&dlt=1605377361908&idt=1021&ea=0&frm=23&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=1990784575&ucis=b1pyhwxa8i3o&ifi=1&ifk=1468573323&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fpowerball.com%2F&top=https%3A%2F%2Fpowerball.com%2F&dssz=11&icsg=2724&mso=4&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=1220759844.1605377361&ga_sid=1605377364&ga_hid=1105763455&ga_fc=true&fws=256&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

cafe /

Resource Hash

1c67ddd1bbf200ba5e5e0a6918d2e27988d20605a84c4054d284f06c5da4725f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:09:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2211
x-xss-protection: 0
google-lineitem-id: 5293712860
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138303009295
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://powerball.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
ab42dcc19ec28a362ef1ac5cb392cc1e.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 1402 0
0 116ms
68ms Other
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ab42dcc19ec28a362ef1ac5cb392cc1e.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: powerball.com
URL: https://powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame AF36 0
0 98ms
97ms Fetch
image/gif 172.217.22.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvH2tBrCEDJkd8Xc2Nv6DFok-p03BS9o6MyiBJqT8R_Sk8L6vrPCAgcXZzAqUv26b6WaWBMSZ6ynCXlYSt2lyEF4SY2VbJcFkWTKpI5u4VLMLYM6_QV7g7-CQhmA6193NogOmobsN_WWxEAzk_fP0vhs2wT8a2nEzYPAmt3hTCbY6KLapf-ioBilqKEdI9yJ-U_WR7BXKRbmxL9gUwY01nUDpHZLD5fzwX18XmA6Mpqh6PfNylWfdKW01zUP2ARn_tktDevzsCVU5iH&sig=Cg0ArKJSzHtLswVpgL4LEAE&urlfix=1&adurl=

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 14 Nov 2020 18:09:23 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 14 Nov 2020 18:09:23 GMT

GET
H2 200 wowyowdisplay300x250desktop.js Show response
deio3v2go54x9.cloudfront.net/ Frame AF36 1 KB
1 KB 32ms
31ms Script
application/javascript 2600:9000:20ae:9600:e:ff8:b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://deio3v2go54x9.cloudfront.net/wowyowdisplay300x250desktop.js
Requested by: Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ae:9600:e:ff8:b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 676788eac82d90570b7eb37cbe79b56ddb61b3884014e19515ed5d0b175518d6

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 10:19:41 GMT
via: 1.1 465e661d27b2b6a1c349a5550c745b0f.cloudfront.net (CloudFront)
last-modified: Tue, 02 Jun 2020 23:48:25 GMT
server: AmazonS3
age: 28183
etag: "09141670283bfe88eea14b5bd03b90c3"
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: WAW50-C1
accept-ranges: bytes
content-length: 1038
x-amz-cf-id: osGyY1mVfjQaR0hHzeJZh3f5_DaZrfU_UaP2xeqZim_J30NNr_4FoQ==

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame AF36 75 KB
29 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59f5fcb6da9d8dd2bc430bc879fc48e0421e3f7c8954578eedb491c5db2b02ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:09:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605271279018746"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29194
x-xss-protection: 0
expires: Sat, 14 Nov 2020 18:09:23 GMT

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2E7A 73 KB
28 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

587843e8250773df7ab65fc848b867dafea14bda7e849b9839500ae19893940e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:09:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605271279018746"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28206
x-xss-protection: 0
expires: Sat, 14 Nov 2020 18:09:23 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 2E7A 8 KB
6 KB 18ms
17ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020111101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111101.js?21068747

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

39403e8432066c7809c34d03b0c4a38b63be6c04a66b5336ffaac508958798a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 14 Nov 2020 18:09:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6315
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 2E7A 16 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:09:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Sat, 14 Nov 2020 18:09:23 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 579F 0
0 33ms
32ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://powerball.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://powerball.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Sat, 14 Nov 2020 17:14:41 GMT
expires: Sun, 14 Nov 2021 17:14:41 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3282
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A6B2 0
23 B 19ms
16ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020111201&jk=3420008244108840&bg=!bW6lbk7NAAVGySeIRli6PDF1kpP4OQIAAACDUgAAAA5oAQcKAeN6gecLLiENvnnvIju1idSt0zvwO-ylOspt-cRb2PQizkENQSd01KnnbTd2hMz4VUuy3tG9I8Qd5uX3Xg4IgOuHL9Mkp38tIzvSWGmetNNh0KxCAYECofpOblG6Sej29ESIKPvYEizQta8ro6qudBK0jbx-xeeKZyTySvd_DFl6wEr3mi5XNCVEySoTqydUi5UKlvkjQJ0ijgFWxJ073GNFWCpDI2IAVjz6LJh4WJ3fARGJxF70gQ-CuK4seq6B-a3IKgOrwJPrCUECHm_xyXU57tO5deO-TOhEcIcCKFg4NFAfNPnDpxRSUgHRauPCKezXlNSqk4pmIc20fT95mAIQhD2-DHDakBk6vqCGxz0xf12awJp4ZvbH2Yx81lg2RO5ZaTZgMN4aBATAnaaUBdmFzCo8XE_s-studZsM1cWuHCp1QjLKSVGCTRqAm2RWuGpEineUUCyf0sVpHspPTKfeyONH8AUUbebB8TvvYl7MQfmDCJTpyYtSff4lI11lotQozfxTqBzOJIfRAVf1guRdxlY_Ryqf0LqZ9uB_SGvvASF6wXAReappg3y69_eTj4pQkUcjcuTmazy72cpisWQq3w5Sruu4mi-xRYLQ9LAczUJuQ3CKxKKZ5Y5bAdo5VTjUss6ZAc1mEC0KSDLxeoljQBbgi8gozV1-Isw2AmaF2xG4Zujz3e2vgfT3oZwp5aMDL_Ylde010kUXarO31zTdqC_rFEJ1H-wFMY2am3FzYN9d0rc9aWAgyV3aoupguRjcgbziblqiFKmkYTwnywO4oAhKodGGBpuM0WqtlHI5IZ-4kyEPiK_lekvQHJHS29f07UPcwD7L-9yIcd013l5E3gIF9_OXj_vWKSRALjQO_NOMDnhaAZVuJNkkrDwgfw_J-N6STbirNfPZVm3mschRSbNf9iQhukWcXzm4R-pT3ctDXIVeMdUfI8B6U_sgSRAV-hcDyNRF7744Fjpwx2DlsVVDMmukVBDcVNnmZHU4kZjbtadE7unCdakJzJitywasc-9vsBJaRpgpzlYL9IQJ844qC30sIYM-Ue4GhTrJdSVod1JmpgjCyc0_Oc-BeBgoVCVO_Ocw48hGjygxUJXccfEDX4xRTDE8Oy_55wt5qWhxeTtM9KR8dJ_rByCu5O7W7W3sLKHgSxCXCW4jaPXXrzbul3_5kdqAC6087F45lOdekCJgZnURz_6MsriiEQv64Myps58GTSbooqBIUVCHRm7zldLq7w3e3JzBLE1ZgiamTA

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Nov 2020 18:09:23 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
status: 204
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4007 0
40 B 18ms
15ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020111101&jk=421685180157362&bg=!vL-lv5_NAAVGySeIRljjzDd_y2JzzAIAAACyUgAAABRoAQcKASJX14qCb8AupO-q7INjF6FgtNTlH2-pk5ItLt8x_I1JkMZoVMkEnp_p2C6bOxR5RQyELIR-O-exgaYQR88bh7GjgNST7LtJyvl3QQn6c2vQefGEUibKXOVOGtCRNBSrZXQQYMuW4Hb9bOBxewxtgi-4XxgqnnvpPT8L0ulElwVjIheG4SFMcnj7zkRck6Cn7708OQr3sMuHeNQm13s3h1uXHaQGY-6NZVCPjp0kcJyGetU6LF0x4IL2e85zd9jMbTpXLFR74OtvNZkE2rViDRigVzschf52mSlkibhsMXlDCVa_wA9GAQpjNLwkgvf45GP9WcO6HzzgC2MCR0-c5ZjZcUnPbhf3hellSb9yRzJ6ZDst8Ss81r_jeKKnVhhWLX7xj5kB53YVJzcROTANf3jv5gQ1L2oLjDSjjmeLksjLrqrAIQsrCmU1srMHwdK6OyLBtax-8AxgAivGD8Pnf5nXy2xT0O-xkV_Gzhrb0-vYJYsafTYLas1gjjQW5PZf4PoLcfTMshwhwVQSl3RKEDGWHKnxyqiYkXXU0_5NbZisYY_CmOdzoqMEyrV6M_i8xT1vpkt77gsMiXawxpf1PNflc-pZTEwbyd5PwO4ankDIgM97I8o-mwA9kcY4EZGU7JBO5pkCilS5jKnTvHgymXwrcDOYV4vmWtELYLBAbpMyQhYHdf2Ydsz3qCcJkYnYDaZZyZp1CSk4Lfns9OVIOCwPoo3G2LfIl8-RO4uXSJ6ZIxtpidQEMQIbZN16bt_ULhdOZGDDnSg_FRvXG2oQxjwqH8hQX-FayAwwULeevjzK5Y9wTyeoUtITbozZpW1tzlJ4NEus4GHAD2L3zGXSSo1xiL1HRVmGj7Rq1-edWhDiWsYqvqrEAAdST9_SDKmiPGjDA1KlTHHBngjJsFZJJDz49Zc2UXGGvkbcTh_e5n2HTPfSn7eg_m12CD4I3pWSHZEygrbxYXu-yqlbC35qRS6IduJfVAcEXx0gJ4qWWjOkSqvx4lcZuyRDJjmuppemJ4x7vFskTxW9uOqFKjw

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Nov 2020 18:09:23 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
status: 204
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame AF36 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 353a59d05970b6687c82b9521172bc8adffe0ec7b7b27f34fa7061c75f1d7a04

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame AF36 0
45 B 93ms
93ms Image
image/gif 172.217.22.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst_xWoasd70idHRKEM4VtgWDKMD62jYKLFMji24QcA3z6xMKLsCskVuq_v8CgAAnkmPSX5c7JXPGobYpmJxU1oetaNkHD4E9zFyPs-4jCahcMLo3bbTonXvBOvC14Nt6jHAaF4CkRt2Z4jtOsfYHHjBBlc4hZEgoO5cYpO56ibsBQUigdYIohNUIPmSac0mzDQMKokfMCdeGN_e5qR3FEy4AO6UKcSG7abLpegSQQAHDUHO6JWifl70ajxqv-5TbZqekRR1RtFARQCcoCY&sig=Cg0ArKJSzMgmZAiaYJzjEAE&urlfix=1&adurl=

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 14 Nov 2020 18:09:24 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 253B 0
69 B 16ms
15ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&pvsid=3061864086334724&r=300x250&w=300&h=250&a=0

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Nov 2020 18:09:24 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
status: 204
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame C184 0
0 95ms
94ms Fetch
image/gif 172.217.22.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstkAT3dRk2DV1SlDX1eYSGcLUF2wc-ji9gBve22qTyisD9T7mo_4FsY4jfagUlJz1GobNRvL8dt_vkow66p18-J6fb08blxA2InZzFRNXuiVr3yGWM1IxphD69T80eZJjRIcBxTkvMW0uCL3D-OydklWShPi1pxOvd_f3EkgJa_HVr0e5eqIuE88nYi_OCjyUKGCbZvLpxf-MszWyyIhblTaE2cuOADqMb3BGFXUC4YuoJ59KwvAweeOQAveat9q5DMSdBrubr-bXE9&sig=Cg0ArKJSzE__DSkrm8BVEAE&urlfix=1&adurl=

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 14 Nov 2020 18:09:24 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 wowyowdisplay300x250desktop.js Show response
deio3v2go54x9.cloudfront.net/ Frame C184 1 KB
1 KB 31ms
30ms Script
application/javascript 2600:9000:20ae:9600:e:ff8:b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://deio3v2go54x9.cloudfront.net/wowyowdisplay300x250desktop.js
Requested by: Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ae:9600:e:ff8:b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 676788eac82d90570b7eb37cbe79b56ddb61b3884014e19515ed5d0b175518d6

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 10:19:41 GMT
via: 1.1 465e661d27b2b6a1c349a5550c745b0f.cloudfront.net (CloudFront)
last-modified: Tue, 02 Jun 2020 23:48:25 GMT
server: AmazonS3
age: 28184
etag: "09141670283bfe88eea14b5bd03b90c3"
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: WAW50-C1
accept-ranges: bytes
content-length: 1038
x-amz-cf-id: dh-53_M4sh6dam-g2N8VgpP7gIDJ0reuPtcM_1u2yyf_X3O-fzwsjg==

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame C184 75 KB
29 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59f5fcb6da9d8dd2bc430bc879fc48e0421e3f7c8954578eedb491c5db2b02ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:09:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605271279018746"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29194
x-xss-protection: 0
expires: Sat, 14 Nov 2020 18:09:24 GMT

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 253B 73 KB
28 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

587843e8250773df7ab65fc848b867dafea14bda7e849b9839500ae19893940e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:09:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605271279018746"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28206
x-xss-protection: 0
expires: Sat, 14 Nov 2020 18:09:24 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 253B 8 KB
6 KB 29ms
28ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020111101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111101.js?21068747

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1ab2b90221143759d0cd61d26cd6ca890bf1199710186af4d59a01ba73e789e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 14 Nov 2020 18:09:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6461
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4E13 0
0 99ms
98ms Fetch
image/gif 172.217.22.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssK3Gn0h3HTnm5H9PEXd392sPI-I22ftXpzps-27lsrwl8PeVLLiVplKr6MryUoe7_0X7LEF4-zDdihBR9gngKEKK8EisPQwdN6RpZeqZrV45bX6HcIKMOKltr3ZWqX4DQJnEe7BQaEW3W4FHQEqkg-TX_PkefZnsQRg78qt0wea9ARzrPmu_QENFqgc0K177BIYtG6-Po88BAzmnD7NsCTMzHdCO_1hZnCAxnTCaYjXJzqCJAtsmSzDT-vLkv6UIOgfbGbLcQryI5_&sig=Cg0ArKJSzE8eBEhU6IJoEAE&urlfix=1&adurl=

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 14 Nov 2020 18:09:24 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 wowyowdisplay300x250desktop.js Show response
deio3v2go54x9.cloudfront.net/ Frame 4E13 1 KB
1 KB 31ms
30ms Script
application/javascript 2600:9000:20ae:9600:e:ff8:b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://deio3v2go54x9.cloudfront.net/wowyowdisplay300x250desktop.js
Requested by: Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ae:9600:e:ff8:b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 676788eac82d90570b7eb37cbe79b56ddb61b3884014e19515ed5d0b175518d6

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 10:19:41 GMT
via: 1.1 465e661d27b2b6a1c349a5550c745b0f.cloudfront.net (CloudFront)
last-modified: Tue, 02 Jun 2020 23:48:25 GMT
server: AmazonS3
age: 28184
etag: "09141670283bfe88eea14b5bd03b90c3"
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: WAW50-C1
accept-ranges: bytes
content-length: 1038
x-amz-cf-id: IYdsPWJ09N4ytvjrCax3R04byRx0zEkndUVjk9uJOB6lW2DWV5JbJA==

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4E13 75 KB
29 KB 66ms
65ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59f5fcb6da9d8dd2bc430bc879fc48e0421e3f7c8954578eedb491c5db2b02ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:09:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605271279018746"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29194
x-xss-protection: 0
expires: Sat, 14 Nov 2020 18:09:24 GMT

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1402 73 KB
28 KB 62ms
62ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

587843e8250773df7ab65fc848b867dafea14bda7e849b9839500ae19893940e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:09:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605271279018746"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28206
x-xss-protection: 0
expires: Sat, 14 Nov 2020 18:09:24 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 1402 8 KB
6 KB 18ms
18ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020111001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111001.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a67f0d874ea37d9bfc919d26a7e1a06d0154513c43e4d4ba1d7e8a6271dba3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 14 Nov 2020 18:09:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6462
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 253B 16 KB
6 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:09:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Sat, 14 Nov 2020 18:09:24 GMT

GET
DATA 200
OK truncated
/ Frame C184 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9a9cadda2e12dd1c246db8b30adc5a2c2584fb931e1a024b4c29bac261d78fc

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 1402 16 KB
6 KB 17ms
14ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:09:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Sat, 14 Nov 2020 18:09:24 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame C184 0
22 B 94ms
93ms Image
image/gif 172.217.22.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuUKkHYZHEgY7OnOrWs2UA2M-ebiecOch8Hu5DholcOsnathdQBuCfx1Wy425nTVgYLAU0xbueOEM7D5JLBUOz4yx9l6Hv67TVGmPRlgqy3d_-1nh1UodpqbJOLF6k9Fja85zAW22S3pFr7RhHsbjc8DsaSgmjQm9dyg2U5aqg0xiTD7-kCNwvU39twRCKShqCgK1ztq52QgtJhz7eWi4XRnQLG2A36FIYU46mhKFpMN32itP14NYcAEfreJVhV6ZlFHRV9McA_x4q-zz0&sig=Cg0ArKJSzIvWexoJNNIrEAE&urlfix=1&adurl=

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 14 Nov 2020 18:09:24 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 88BB 0
0 6ms
6ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://powerball.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://powerball.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Sat, 14 Nov 2020 17:14:41 GMT
expires: Sun, 14 Nov 2021 17:14:41 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3283
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4E13 0
22 B 97ms
96ms Image
image/gif 172.217.22.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss8lhOS-aZbHe6141n04teCOP8-1soBZOE7_HQBMWMP9-cv0iv-cZW0BjLvO168h-V9eaicjZ9zJq6TnDmFyx-G4awUi-5EWazalDOhGhhaUqF7p0ZC20PqSMFu9jpKmbSJY4T-klb7STin_d6JQqg1uj7TN2V0I7800_4iptWEk89KNu4rDsoee4LfrvPQfkBHHZondHI792-CRxMHQ1J9AJUZOFfnTnpuRI-RRuReRibWD3WkcQya8V7tbLBg2gBk-OS6SGmzcSBXVpw&sig=Cg0ArKJSzPDUNKrzfhfYEAE&urlfix=1&adurl=

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 14 Nov 2020 18:09:24 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame D2F9 0
0 6ms
5ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://powerball.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://powerball.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Sat, 14 Nov 2020 17:14:41 GMT
expires: Sun, 14 Nov 2021 17:14:41 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3283
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2E7A 0
23 B 15ms
15ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020111101&jk=808986698656336&bg=!x8SlxOTNAAUoamvQKFiV5HVT9repmQIAAAEIUgAAACdoAQcKAVnW6BeOq6lwS8vsUnqCB5J_FOyT3Tql1X7DBFmqC0BoDTkuUtvjzqY16jUSrS9mK9kT8j9QAo9Di9X9M9oRKEJ0O9jDQNysJTS6sIokLlMU4FNUafO9wRb0ZRdRLl_93b1FlUnWk2BYzhMfWzajZ79jr7os3YO6dyDjBnd5wNMYpCxwRe0rBkI4Nx59MBX5gvkR0cwRFUwQOhY8-q4J9nlSnX8qwaNGzIeOusUm1LR7ozTlZ0mNmRqjrXbDhBwUc-VT01CQ1e81sD6xxBXeIdRvIVtvU0yZen7ylu-hI55LvkIQTChu4vMH9SowQhWzfAuny8QN6ETNa3F2u0r0g73DT0KU6tYf8HL0IsE2kneaj1DgtwZZPpcMKZCe8RpLLoi-FUWpv6_C_Vx2eW3AJWrb3OjHlaQzQUV-2a2aGg58xCnPTYWXoNtbzv1BiApfn84XoBKPssIGIhCZAc3xJJ1p51DOiCC00_pCkS56AltDFuGQnwHPVAxtLjoVdtbspXnHEhJxnqvU2ZLeQ3-gnZhiwqkdlBfA8RaQ7_0UMS6EgGyXR2H7FfH3ttd5j00tqKY031OZDynp1tdKpKsPUXFemT0GFP-HQxwkdsgzhQESpho_riNABCXuT9VMHLCnRUsipzoKLyjFKzXXPFmM0YCwh7z332kH2UMa22DiujULc9azaPXIwpulJB0SWVI1na4_Y1yXLE6gUN5dDeHRZp1AqVnSHWZTs3dSKdndA1hecVvpmQecDpyPgUxKj_4jIynn9-tC9gFH1NeE7NyGgxyt-2MxSA0KMn1zU_g4cRONUWewRU3vkXNTGBeQrooaITsgGbawKcGXM3kp4I1klQPk3OWyicFjZ-drmB3KnD8PYM5NNyriNdPnQeRCcfIlyVG-rn67CdUwI8BDDTY2ly7k0cxqcfYFzpAFmfDfAs45PKY6nBNkJ376EuGhPD6TC70ciEwdjEb-VEdqAPhoOWUoYJouGBoV0t3htfms5yEwmRe8PSUGNOlvyBdrjDOhHVMYVdFgdeAdSIHq5rpMNZSKGUoi-686Z-iwVzmAlHYfbP_gSjr5c51U7Q

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Nov 2020 18:09:24 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
status: 204
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 86E7 0
22 B 91ms
91ms Image
image/gif 172.217.22.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssvjFCY1fqv7V6JGIorv6YoHLsNa8QiJgm660lk4JnlYsTqcXxMCJrpcYNb_Oah4kgUtXY5rEbUTzXn2uFPHH7l1EFKjd181IjPdOyJO_nKGlIBlRyO_XTBEd42Ian-TWjII9g9sjNA-ty4WF8vr7ysIRuuL8Qzxlanygu6l2KY4iPCj9SuSxrBwa_x6oR2iJe0XSOj3kU8RlqM5zdTmfe6kBXouhDCtiWfWnrbChsquqvJhr4m2iIdn4rNel8kLFafsI8DaMam3diiTi4&sai=AMfl-YTF5-BCqcZzca4oov4693HCVD1ZF6apKTnjnTkBX0f9YkHS-kZ41c6mR36gkV5BoFyNojwCpCEgZegMiqIicHsAdiMPXemmVazBpfn98s3ROMtxNvZMsIdOzkvF1cw&sig=Cg0ArKJSzAlaFCA_kKhoEAE&urlfix=1&adurl=

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 14 Nov 2020 18:09:24 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 253B 0
23 B 16ms
15ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020111101&jk=3061864086334724&bg=!x8SlxOTNAAUoamvQKFjtCCJ1vrgnEAIAAAFFUgAAACBoAQcKAHG0kK-jG0P9ZJc9V9F9FSky54_W2jiOpeDh4UPSYG8EeEl7yBcVwcluC9IYivruq0fooX8pPUkPO-nFSi3udhBBzZMjwdysNYSMrJBltLHkcT4MCgIUD_oZHS9qVpBJnyXgHV0nsgk16IDdfh7KPNYWhJkBzc6Spk1W4Elyo6hna6jmn_6j_de_IU2FGoPiogrVe2lLlx5_TAnU1sjPV8jowTusrdhBjVLUa0SDYY_WPFFAMjHoHNGOv0JhjcrFQoFlxoVx9KjX099gQ4L3HayxENI-oR1UbB9eR4p9fkuSoBor7uHN_AX6EOXqBwwAy_tdIoqmt4Lb-vj5vEfmdounWSMGKLKbAb9mHXGJO2zNIp_MtbXrLcYfBDXAchtkh32eSxd-dzIl1yNzFrVdI-tNTrJfOARqpnfvqRQds0i01VaiuXRz7-5P_lsJIV0pzgyNAMQBAjM43GhgO0_vJ4KA5C_2eMsWreyRyJ-C10vG-Bs4gyuR6evLT6RyhLG5MDIWZnPYodwRue-Auf4Fub92xzVCxHtmOjwKjr_KR04Hm4ZDmBb8y3aj3DpzEJ7nasMrQiOnz2LKu6L3isP7wD8wm23VL3_7ToTEyEYsZxoPbaZj3T0DZ-F8YPakEXuuVGAmXQRYrUSF0kAuG7CEkGYN1_FdjDT40eVSuFmYkD4cLZph6ls1Rrlqoi9FceRsQNkbGK7RMkJtAQBQZkzxHw62vNLXfpy93BT2M-HDhOpajdi__p2-QEvvhKDtWBYIjAVH

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Nov 2020 18:09:24 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
status: 204
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1402 0
23 B 17ms
16ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020111001&jk=2518422722110743&bg=!5uWl5cXNAAUoamvQKFjzLm5oOCSGMgIAAAEjUgAAAChoAQcKAZBNck4cna57SYuY9lrQcPAwTySk22TeHZAH8wIpFGKj0Rqt2pEDRc1an1tGlZWmTwToZWcvCKkBUXY49BexzEU9i279mH191SWmNJPtiSN-9wtDApdqFjIxmy3sQrC3bidcVjFRyn00T1G_l2J0n44yZONE1lck7NgmpL9RmgLK8jHDpVWPKWaJvLJCObno8oEoP8hBSAsZX30PvVrvTdfCMk6uLRFNlZ3ZALaS3Cu4neSNZDRgRTFqOcfjY0H9PfXMM0kv92nuwVGtJvAil8nFUbYA7cVwB5R0cqeYTFjcvYXp4VPiwBVpX41HGe7swOnGw2OdQrowspppDxSH0qwLr3ToT3KV1F1lNVMTAtY2cNFvOADG_asVvBN9qLxsZ6GmqrfQCpy7P9rKnRju08TRhaDCF5IKacQHqth0jBeahSggq8Vlrcybi-xlTUJGWWoOMnt3UqJurzM1E8cTmoxv0NnthjZB_AOBGFY6ti5T47W0XvgUC6VBgPP2PtwRRQ5qMnkmg_eKOzV1Cy9eKqDVmQHNabwFFjbptuARMsybWPuDrCJfADvq0iv89g8ucFZWoMA2dWuh2sl0QPiEMtj_Al5hUH0IM9aBcNTiOZ7b-hiR6enLHtasQVDCyFriCiZiYdFrGJVoEcVP7mIrIWbGoTi3cTBzWbMHG3XCEhVrV4iTHChoLwaI2wMBu-J2fr_9A_QtQ2rhZufJ4QbJuoa6NPvbqdKhzwtHCpn9yingrr7id2T0eupxH8evuiddcm7hufPQKqDGsBQpstdG5sgqjmGFPRWETi7sc4Vk2_Svob2ql8ZbcTDbDUtrkeZ82fWxng89Tm9nAQP43q22nlc0VHK2zgb4opnI9Cagp3zKejUp_RkLXCqVj0tv3-CIfVGT-xREGgMLMWmECm_lthfhZv45TW3j6nZgeOa0veRQG0l_RbP6RKgWFBoXm5ZipLw__YJeupH31fnJzZtDebtvW9v2Rl4hbecdE4-E3t1oFb6T0FjNXZZkOYqYBaLumnc_8PSR7Cg3ms6M87CPTbwC9Emmr06QPZTWBOeKIoEI4P4oaLjgqCUwjgcdx8BPXOBEN5wcuKef4QOLsasPzj4wVa42D-DDRlUhqJuyJT3NKSdjQiY4OUHUK6OL0D8TKhw

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Nov 2020 18:09:24 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
status: 204
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 86E7 42 B
94 B 15ms
15ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstjn5Dy1eOFruDNYACs_QmC-UCfsnouLbpjogDkdISGNvWHK0I-IFWUBIOZfLxJOtXIG770HrrMhRW5Qeci6hledFMCY-LOKnh70UosrYA&sig=Cg0ArKJSzA83Zadr2EwXEAE&adk=3386903054&tt=-1&bs=1600%2C1200&mtos=0,1011,1011,1011,1011&tos=0,1011,0,0,0&p=0,0,250,970&mcvt=1011&rs=0&ht=0&tfs=1399&tls=2410&mc=0.96&lte=-1&bas=0&bac=0&met=ie&la=1&avms=nio&niot_obs=1297&niot_cbk=1322&md=2&btr=0&cpmav=0&lm=2&rst=1605377363188&dlt&rpt=1349&isd=0&msd&xdi=0&postrxl=1&ps=1600%2C5348&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-6-11-11-0-0-0&tvt=2405&is=970%2C250&iframe_loc=https%3A%2F%2Fpowerball.com%2F&r=v&id=osdim&vs=4&uc=12&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20201113

Requested by

Host: powerball.com
URL: https://powerball.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Nov 2020 18:09:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pd Show response
eu-u.openx.net/w/1.0/ Frame 2E7A
Redirect Chain

https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405

68 B
165 B

62ms
61ms

XHR
text/html

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Requested by: Host: powerball.com
URL: https://powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.197.0 /
Resource Hash: 4cde20607a069eefd4289f5f75cbacac271db09ca6fb9fbfaf615876ee6f9257

Request headers

Referer: https://powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:09:26 GMT
content-encoding: gzip
server: OXGW/16.197.0
status: 200
vary: Accept, Accept-Encoding
content-type: text/html
access-control-allow-origin: https://powerball.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 70
via: 1.1 google

Redirect headers

date: Sat, 14 Nov 2020 18:09:26 GMT
via: 1.1 google
server: OXGW/16.197.0
status: 302
location: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://powerball.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame 2E59 0
0 50ms
50ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Requested by: Host: powerball.com
URL: https://powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.197.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://powerball.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=841964bc-c226-0bd1-066b-67123ddc5730|1605377362; pd=v2|1605377362.1|j8gmmWkijofcsHqGgqiysLiSmOgevNomgunsn0gi.fogSvStuvWvTvtmuvQsfrF
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://powerball.com/

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=841964bc-c226-0bd1-066b-67123ddc5730|1605377362; Version=1; Expires=Sun, 14-Nov-2021 18:09:27 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1605377362.1|j8gmmWkijofcsHqGgqiysLiSmOgevNomgunsn0gi.fogSvStuvWvTvtmuvQsfrF; Version=1; Expires=Sun, 29-Nov-2020 18:09:27 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.197.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Sat, 14 Nov 2020 18:09:27 GMT
content-type: text/html
content-length: 70
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame 3731 0
0 48ms
48ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Requested by: Host: powerball.com
URL: https://powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.197.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://powerball.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=841964bc-c226-0bd1-066b-67123ddc5730|1605377362; pd=v2|1605377362.1|j8gmmWkijofcsHqGgqiysLiSmOgevNomgunsn0gi.fogSvStuvWvTvtmuvQsfrF
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://powerball.com/

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=841964bc-c226-0bd1-066b-67123ddc5730|1605377362; Version=1; Expires=Sun, 14-Nov-2021 18:09:27 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1605377362.1|j8gmmWkijofcsHqGgqiysLiSmOgevNomgunsn0gi.fogSvStuvWvTvtmuvQsfrF; Version=1; Expires=Sun, 29-Nov-2020 18:09:27 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.197.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Sat, 14 Nov 2020 18:09:27 GMT
content-type: text/html
content-length: 70
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame F493 0
0 61ms
60ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Requested by: Host: powerball.com
URL: https://powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.197.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://powerball.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=841964bc-c226-0bd1-066b-67123ddc5730|1605377362; pd=v2|1605377362.1|j8gmmWkijofcsHqGgqiysLiSmOgevNomgunsn0gi.fogSvStuvWvTvtmuvQsfrF
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://powerball.com/

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=841964bc-c226-0bd1-066b-67123ddc5730|1605377362; Version=1; Expires=Sun, 14-Nov-2021 18:09:27 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1605377362.1|j8gmmWkijofcsHqGgqiysLiSmOgevNomgunsn0gi.fogSvStuvWvTvtmuvQsfrF; Version=1; Expires=Sun, 29-Nov-2020 18:09:27 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.197.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Sat, 14 Nov 2020 18:09:27 GMT
content-type: text/html
content-length: 70
content-encoding: gzip
via: 1.1 google
alt-svc: clear

Verdicts & Comments Add Verdict or Comment

88 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.openx.net/	1970-01-19 14:17:53	Name: pd Value: v2\|1605377362.1\|j8gmmWkijofcsHqGgqiysLiSmOgevNomgunsn0gi.fogSvStuvWvTvtmuvQsfrF
.openx.net/	1970-01-19 22:41:53	Name: i Value: 841964bc-c226-0bd1-066b-67123ddc5730\|1605377362
.powerball.com/	1970-01-20 07:27:29	Name: _ga Value: GA1.2.1220759844.1605377361
.powerball.com/	1970-01-19 23:17:53	Name: __gads Value: ID=13fbf82ad9f2388c:T=1605377363:S=ALNI_MaWaothgkDJ6gPhfq1BGLPkCvv1hg
.powerball.com/	1970-01-19 13:57:43	Name: _gid Value: GA1.2.2147194622.1605377361
powerball.com/	1969-12-31 23:59:59	Name: OX_plg Value: pm
.powerball.com/	1970-01-19 13:56:17	Name: _gat Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15bb87f7bf5870eb9d5da55ba7cc4510.safeframe.googlesyndication.com
49066fdf39dbf690a5949570c8bb81b8.safeframe.googlesyndication.com
6662fcd9070aae1b93a1d98e6f932518.safeframe.googlesyndication.com
ab42dcc19ec28a362ef1ac5cb392cc1e.safeframe.googlesyndication.com
adserver.adtech.advertising.com
adserver.adtechus.com
adservice.google.com
adservice.google.de
api.lanistaads.com
as-sec.casalemedia.com
b0ee07527caf8d4ae1f0c56fa2b21124.safeframe.googlesyndication.com
bidder.criteo.com
code.ionicframework.com
d2si3hiz85fm4q.cloudfront.net
d2tbmvllb55wxq.cloudfront.net
dc5fec73264351bda8446a12f9fde2f0.safeframe.googlesyndication.com
deio3v2go54x9.cloudfront.net
dmx.districtm.io
dw7nrwnn2bkh1.cloudfront.net
eu-u.openx.net
fastlane.rubiconproject.com
fonts.googleapis.com
fs.gweini.com
gum.criteo.com
hbopenbid.pubmatic.com
i.clean.gg
lanista-bidder-d.openx.net
muslapi.musl.com
pagead2.googlesyndication.com
powerball.com
s.gweini.com
s3.amazonaws.com
securepubads.g.doubleclick.net
static.criteo.net
stats.g.doubleclick.net
tpc.googlesyndication.com
wowyowapi.com
www.google-analytics.com
www.googletagservices.com
104.111.215.135
104.16.68.69
104.219.254.16
143.204.215.44
152.199.21.35
172.217.22.66
178.250.0.165
185.64.189.112
2600:9000:2057:5400:15:3f44:b280:21
2600:9000:20ae:9600:e:ff8:b40:93a1
2600:9000:20ae:c200:6:266a:9940:21
2606:2800:233:97b6:26be:138a:cba8:bb01
2606:4700:20::681a:7ad
2a00:1450:4001:800::2001
2a00:1450:4001:801::2001
2a00:1450:4001:801::200e
2a00:1450:4001:803::2001
2a00:1450:4001:803::2002
2a00:1450:4001:806::2002
2a00:1450:4001:80b::200a
2a00:1450:4001:817::2002
2a00:1450:4001:81a::200e
2a00:1450:400c:c03::9b
2a02:2638::1c
2a02:2638::3
3.210.81.118
34.234.199.175
34.95.69.49
34.98.126.214
34.98.64.218
35.244.159.8
52.217.67.14
52.37.186.198
54.230.228.95
69.173.144.141
00dfd24963305a6a979cc6cbe0c6b09cf91f31def2c6c117bde2df9f3c3a1977
03bdd68a1e549bf59bc419d1842bec52628885efc75ed8a58a7d1f7671d6c4d7
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
06a79a26274c60253bdb0a153a7a2f1d60e9b0fec21dd9ceb9a1187c3ba5a3cd
06ef905faafedcc71b11e25d395607fb6fef70fdbdaceb87c744255c67624799
084fd154266692bdc0410bb5e3a74dbd35c4c544b7e84ce52dd4643a0c49b97e
088b616e24711a624d186a6c5f34fa7e57038c9742be01a2b9b0bc54deab3482
0c2e68f39502650756db6641d20ce2ffae77eae88ae0ecb646826ff475f1a0b6
0f7629d61b75eb6d7c66ef4b50d1834816a73712cff60247ac19f997502ba573
12b66ed14ac75ad0379df5860a3a2164fd1d0204221cc88bf72e3956bd44577a
16bc74e3ebb6ef6cc2c56565701502e39ea269aa665dd74da5742d371f3b2939
1a67f0d874ea37d9bfc919d26a7e1a06d0154513c43e4d4ba1d7e8a6271dba3a
1ab2b90221143759d0cd61d26cd6ca890bf1199710186af4d59a01ba73e789e8
1b1d51840695cebf90274b527443cd64945cd9dfc5d2b785b0a772996ec588fc
1bdc22fea192ccae8d49af471f22e035d0e0bfc695055a58cf7d5ef3f67e30c1
1c67ddd1bbf200ba5e5e0a6918d2e27988d20605a84c4054d284f06c5da4725f
1d96ab2b7dfed04789709927a4ee0c96dff6a9724f6544d0e3e72163d9ed933b
20cbfdda3b89df3d3c52fd63f0c9ee05ee2bf92494b08b6cab7e0aec3df45474
2ae2901f146e2e0eb83648fdfc19c78aca16e1674313e164bc93c3739bba5d36
2d0d2037bb2a549b1aa2e67834687af55bf4c3e32dece3e79e4c27f1c90c7199
325cee8a45b452b68fe28fb92173f63a7f19967dbe3bf794bf4e3211772150c9
34a5447cfe3025eaed781049a76c1931403c18549b77ed4b649944a13defde68
353a59d05970b6687c82b9521172bc8adffe0ec7b7b27f34fa7061c75f1d7a04
36c537918428cfb1573c5e1d75d0891bef788af37455c120a93057ef3374e44b
37cc0451eec571b22864bfac29a3766ccebe2d1e48ac4a552a8e9b8e6f9be02f
39403e8432066c7809c34d03b0c4a38b63be6c04a66b5336ffaac508958798a0
3cde3dc0691b364cf1af3f233269802b8b4d566b962c107fc49966e839222f1e
3d1d0efcac5d213b89c532db6bd846541b32cbe3190d0d35770dc7280846e71d
3edf24dedbacca771946f5e4200a9cb48a7184787db7010159f558c515f80275
441cacde84c3fa07e835536bfa606229aff53036ededace76d87a13769bca70a
442f5fbc4ca36945554fb357000bca13625954ef68cfe1a78a9a75224771ebd9
478eed09c2a5870bda05b7b2ad7eba224272cc5225a7226de9e7920e3ec20d70
47a3d1d29044a5086d50d45f66600b612cdd16df4893eaf01571c8d2d714f42c
4802bcd22ef4944c802bd1bfa1434a199a8f3c3480252ebfbf54e3272c19b7fc
4bd898800a3d6e073a377c52e661e066644231f0d1bafaf4604a1fc5ebc025c0
4cde20607a069eefd4289f5f75cbacac271db09ca6fb9fbfaf615876ee6f9257
509d3c3c026fd85ee8c4c3f7184f9d2c50bf8a37d084d61c6ef9f0af62fdc510
5111b3af3c37b8466db90632f3cdb79670a1af92835aa85a510260b52f045a71
51f45c89e5baf365e97a33c12bcd2a8bd365f5e156a519eb3c6db4a270ef0d1a
52fe2f0394335dab93ffb9cac2bea65d4460b5d24cbc3861e62392194b11bfff
5444170add44bc07eb260682356b61b0d1dfb51175f302c7e71f9e6ed205a22f
586f76dc6bb5b23638b5952b115013e6cde86c5d0b18d071fc7a5b2a21787ff7
587843e8250773df7ab65fc848b867dafea14bda7e849b9839500ae19893940e
59f5fcb6da9d8dd2bc430bc879fc48e0421e3f7c8954578eedb491c5db2b02ac
59ff4e9457a98e72723231e1ad962b8c2a77c67f6c025dc6464843931d061c0f
5a5f9899f9c1147c3f4ebaf57fa881ccc8b0a35a38dfe0408d2fd0f4c600e4fd
5d1765ca16cb96e4294a5c96b2084b580e200a2743b1ff7805d18bd8348825e9
5e700835ec05293a3d0f9e354e7d038319d34521cd279e782198dff6d1dd58f2
60d9368fc1deb5a275b3786195a53ef1272fc24b05a313aa52b1bfcc0a0356a3
62a6c980b8be129cceb54b1c6e63cbf6be73035a0580640635096fb0df2d51ec
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
66fc54a98b293328d2b284b173eb7d0473888e55afe3b5e8ba151b12a526b63f
676788eac82d90570b7eb37cbe79b56ddb61b3884014e19515ed5d0b175518d6
6b3422c0bf088fb098d4cf5a1e63791c8eecdcb4d3ab1dc0c36f19a30b171e36
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bac28b40c710514ce42fda86320277f18b0c22a4ddb3091748cfe6493359a78
6ec2cf5a4d9b10423ca6e413d5fd8afaea310e3b78f68831dc134b25f14a0f1b
77e253f505244807bb3b20519289552308191f98fee3bf62a5ed216ef0027bbf
7a259155dc178421c9b729db60b3ccb553630e6bcfd596bf56920a025459d7c3
821e02b7009ed37828e3acf4c71ae2f7949acd106935854e5e668d75c07e8d37
8ad95f25228413950336120708c2bf63a71bf1424c0e6313b6af5dca40171ed2
90f8a1b7383a69e746bac8e5b5f60c46f4365156f049cf1d02a1a120c4a6cf1e
91822d970ea4cb3dbae6039431aaebfd36c46997c43a53a507518eed6dc230b2
92ac508220f5bb60ec94e07650528eb66625f82a4740ada068cde05365781286
946a4a92ed1abe0bc69dabb3125912b3214b7545ef0b69abb8d531047dd326ac
96c89ec734c7752e7c75aaf206e8cddcfbb8fef9c103bee66a78748df450cf23
9b0e415f742585b82139fb7076506657dde225088247e2ac0fba6f88a3d19588
9bfb3b51af4299412b11882b14b5f00c7d4acd274d9604600fd3735d7393e729
a033dfd05c28552ef231e1f03f2fbe2ae1de5d36050cbab306e4eb79379335cd
a2ef194ebea955025ec930aaa5c9adfb4bb5169751962ef42720c95982827d76
a57c9e62447467753e18a6156de0555439e4da83afa4f03cff1771f48b8f6a28
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aee8f6c904d21fb3cd41ea1db98629c28a18b0f86543cc2a3d1d31280bfbb589
af9ef9e4461af3cc15cc952c6e15a1b61e9d71aceb089faa5a376f890f12f6a4
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b587b14d52dbe3b7f022df8029480b80f6f8edf6942268c25d2a7c41a84195f8
b5abf5b778d2b365d80d73fe19360dc9d79b037de4533335716e3a10cb02a19e
b758f60ab7ad38a56bdff71e6464b146312ea575f56ab7f6b05ed7f157f5bc48
b7eca0566a433074b3919b13144df2921b0b000f7521a2917910db3cc26e0ec2
b9b9103c60ef2c61de42660d6cd67a82d9816426f2b0f0c0a8fa3a1deae3538c
ba3db19758b8e5004cd06839aebaaa8fb63a2e55ec13db34c7d2e9328a941a36
ba7b2e4051f31892835b810c80389f065f296c4987fb664441e98078fa202797
bc3885219e4d0a9175100b9462d3188c0819073518907d378efd2d04e491cd67
bccb0a308fbb44b2d9bb821ec1f556a7c02b548b364b403d35622144cc08d60b
bd4c78cb4cd5c2c87a907794076f7a7f7392f9df50958389afbec8c40eb5da8a
be57a8393d9ca7cb84fe99087431ea21d7e704a7de02b421590c34712c3bb9b4
becfbf498f3cc9647d8fc8a70816cb1f3f73803a9fa293735cb9059c77854409
c0f02a3ba3b3498d9ff3243cd2185bbf9f9c961f1373b2b463dfa025c2d57c5b
c289fc13d24db3dee7916fb4fdd73dcc8fb0723f2ccdb2fd095cf352a0363a21
c60536e1387fd63f18755c87e9028bc138c1cb11fc77a64a159777aae49a12b5
c9a9cadda2e12dd1c246db8b30adc5a2c2584fb931e1a024b4c29bac261d78fc
cbc8abcf771fbe0106242a5f0fb5c6abcee8f5e2eb295bd5099999bafe14f446
cc6a35e7dab489b088c071fc775e3cf588c8cc459c2aefc588fd3b5b63c4f04f
cd9c139673051af705b80d8eb599aa53d534b8d51674f0f8d4dea65a449e51e2
cec7b7ab2f97e76737b96b13651fd0dd0bd22752713cfca094b15f2bbbc262a6
d134107061dcfaad34af3db635f5ca3b3e368bdeeada543ac4b2b6e183c6ecb8
d2b2822c6367990fdca0bad9a373e6ae8e9741565641fe1b7519cebb5d0db603
d67eaa6e32c34eea44a3f90b36561f63181ed3d0407665e4e7dc48d54e5b266d
d90fe56d5322d03430a767ffbff32757f35e50d09efaf2102bdf3266f3ffe4d3
d9f9302403f3ff37116c63167633fac42db2cb3315ca86b361d7ece48f7a1185
df3317fe7031ec742daeed002d97da566a8648fbacb939fce19093f17a79d5c1
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e6e69ae9133bcc7f46c03b0b6608b525ed2cf440c9a218649f9525368093836a
e703a92a166d64eba9b39e066909ad90bfc11299b3ca14ec0c70c4a8e92e68c4
eab42dac98795c50f2268c0cf5b318f0dd6c2115db7570c8ac479e108f526167
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1b23a6200bdb4728ad055b6439a7055e73c62e61a97804fa6ac13871164c198
f271ca8720194c2ccc73be15ea8d71992c7660f9aa065b56fda2769b3f818727
ff5e5f296b0ef16c2c0d6fbc4f47680335eac8b0a452f413e032531e9788238a
ff60bf71801ba353fc4ee363fcd10e085d9e7bb7b1931c4ca7bbbf58fc5006f0
ffd2b669b1e9644f9c9173f577c545125cd4424a599f3c6068f57299cc2f5368

powerball.com Open in urlscan Pro 34.234.199.175 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

216 Requests

100 %HTTPS

49 %IPv6

25 Domains

39 Subdomains

35 IPs

6 Countries

6159 kBTransfer

9252 kBSize

7 Cookies

0 Outgoing links

Redirected requests

216 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

powerball.com Open in urlscan Pro
34.234.199.175 Public Scan

Screenshot
Live screenshot

Full Image

216
Requests

100 %
HTTPS

49 %
IPv6

25
Domains

39
Subdomains

35
IPs

6
Countries

6159 kB
Transfer

9252 kB
Size

7
Cookies

216 HTTP transactions
4 data transactions