www.powerball.com Open in urlscan Pro
34.231.48.239 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.powerball.com/legal/terms-conditions
Submission: On July 26 via manual (July 26th 2021, 9:10:57 am UTC) from GB

Summary HTTP 126 Redirects Behaviour Indicators

Summary

This website contacted 45 IPs in 8 countries across 49 domains to perform 126 HTTP transactions. The main IP is 34.231.48.239, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.powerball.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on December 11th 2020. Valid for: a year.

This is the only time www.powerball.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	34.231.48.239 34.231.48.239	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:215... 2600:9000:2156:6c00:15:3f44:b280:21	16509 (AMAZON-02) (AMAZON-02)
10	52.217.70.206 52.217.70.206	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::ac43:451d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	3.212.26.136 3.212.26.136	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
2	34.95.69.49 34.95.69.49	15169 (GOOGLE) (GOOGLE)
2	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:400c:c04::9d	15169 (GOOGLE) (GOOGLE)
1	143.204.98.67 143.204.98.67	16509 (AMAZON-02) (AMAZON-02)
2 29	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	13.224.118.209 13.224.118.209	16509 (AMAZON-02) (AMAZON-02)
2	34.98.126.214 34.98.126.214	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
8	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
4 4	3.66.135.160 3.66.135.160	16509 (AMAZON-02) (AMAZON-02)
6 6	54.93.122.90 54.93.122.90	16509 (AMAZON-02) (AMAZON-02)
2 2	18.195.105.17 18.195.105.17	16509 (AMAZON-02) (AMAZON-02)
4 4	37.252.173.22 37.252.173.22	29990 (ASN-APPNEX) (ASN-APPNEX)
12 12	54.246.13.173 54.246.13.173	16509 (AMAZON-02) (AMAZON-02)
9 11	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2 2	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	198.148.27.140 198.148.27.140	19189 (PULSEPOINT) (PULSEPOINT)
2 2	185.86.137.131 185.86.137.131	201081 (SMARTADSE...) (SMARTADSERVER)
2 2	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
4 4	37.157.2.236 37.157.2.236	198622 (ADFORM) (ADFORM)
2	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
2	104.16.68.69 104.16.68.69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	213.19.162.31 213.19.162.31	26667 (RUBICONPR...) (RUBICONPROJECT)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
1 1	169.50.137.190 169.50.137.190	36351 (SOFTLAYER) (SOFTLAYER)
1	18.192.228.194 18.192.228.194	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:20::2010	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 2	66.155.71.149 66.155.71.149	13768 (COGECO-PEER1) (COGECO-PEER1)
1	18.184.162.185 18.184.162.185	16509 (AMAZON-02) (AMAZON-02)
2 2	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
2 2	94.23.171.206 94.23.171.206	16276 (OVH) (OVH)
2 2	51.79.83.225 51.79.83.225	16276 (OVH) (OVH)
2 2	54.194.226.253 54.194.226.253	16509 (AMAZON-02) (AMAZON-02)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (TURN) (TURN)
1 2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
2	2600:9000:215... 2600:9000:2156:ec00:e:ff8:b40:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	34.209.78.19 34.209.78.19	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1 1	51.255.68.171 51.255.68.171	16276 (OVH) (OVH)
4	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2.16.107.88 2.16.107.88	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	54.243.72.15 54.243.72.15	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1f18:42d... 2600:1f18:42df:3a01:e98f:cdd0:4c16:e538	14618 (AMAZON-AES) (AMAZON-AES)
1	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
126	45

3 34.231.48.239 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-48-239.compute-1.amazonaws.com

www.powerball.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:6c00:15:3f44:b280:21 (United States)

ASN16509 (AMAZON-02, US)

d2si3hiz85fm4q.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.217.70.206 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:451d (United States)

ASN13335 (CLOUDFLARENET, US)

code.ionicframework.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.212.26.136 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-212-26-136.compute-1.amazonaws.com

s.gweini.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.69.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-67.fra50.r.cloudfront.net

fs.gweini.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 35.244.159.8 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

lanista-bidder-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.118.209 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-118-209.mad50.r.cloudfront.net

d2tbmvllb55wxq.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.126.214 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 214.126.98.34.bc.googleusercontent.com

api.lanistaads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.66.135.160 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-135-160.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.93.122.90 (Frankfurt am Main, Germany) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-122-90.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.105.17 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-105-17.eu-central-1.compute.amazonaws.com

ads.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.173.22 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 54.246.13.173 (Dublin, Ireland) 12 redirects

ASN16509 (AMAZON-02, US)

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.186.34 (United States) 9 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.80 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.148.27.140 (New York, United States) 2 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.137.131 (France) 2 redirects

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.132.241 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:f916:5049:f87f:108e (United States) 2 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.2.236 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.68.69 (United States)

ASN13335 (CLOUDFLARENET, US)

dmx.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.162.31 (United Kingdom)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

c387a00789dfd8f8f15c2e62b7d5528e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.190 (United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: be.89.32a9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.192.228.194 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-228-194.eu-central-1.compute.amazonaws.com

j.mrpdata.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2010 (United States)

ASN41041 (VCLK-EU-SE, US)

openx2-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.155.71.149 (Portsmouth, United Kingdom) 2 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.184.162.185 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-162-185.eu-central-1.compute.amazonaws.com

match.justpremium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.14.49 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 94.23.171.206 (France) 2 redirects

ASN16276 (OVH, FR)

green.erne.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.79.83.225 (Beauharnois, Canada) 2 redirects

ASN16276 (OVH, FR)
PTR: ns5000442.ip-51-79-83.net

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.194.226.253 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (TURN, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c305::8000 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:ec00:e:ff8:b40:93a1 (United States)

ASN16509 (AMAZON-02, US)

deio3v2go54x9.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.209.78.19 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-209-78-19.us-west-2.compute.amazonaws.com

wowyowapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

f872cadd83927e25fd5b072b053cea9a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.255.68.171 (France) 1 redirects

ASN16276 (OVH, FR)

dsp.nrich.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lg3.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.107.88 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-107-88.deploy.static.akamaitechnologies.com

pxlclnmdecom-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 54.243.72.15 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-72-15.compute-1.amazonaws.com

dt.clnmde.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:42df:3a01:e98f:cdd0:4c16:e538 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt6.clnmde.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	openx.net 3 redirects lanista-bidder-d.openx.net eu-u.openx.net us-u.openx.net rtb.openx.net	121 KB
20	doubleclick.net 9 redirects stats.g.doubleclick.net securepubads.g.doubleclick.net cm.g.doubleclick.net	240 KB
12	googlesyndication.com c387a00789dfd8f8f15c2e62b7d5528e.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com f872cadd83927e25fd5b072b053cea9a.safeframe.googlesyndication.com	73 KB
12	bidr.io 12 redirects match.prod.bidr.io	6 KB
10	amazonaws.com s3.amazonaws.com	897 KB
9	clnmde.com dt.clnmde.com dt6.clnmde.com	3 KB
6	bidswitch.net 6 redirects x.bidswitch.net	2 KB
6	googletagservices.com www.googletagservices.com	177 KB
5	cloudfront.net d2si3hiz85fm4q.cloudfront.net d2tbmvllb55wxq.cloudfront.net deio3v2go54x9.cloudfront.net	594 KB
4	media.net contextual.media.net lg3.media.net	144 KB
4	google.com adservice.google.com www.google.com	2 KB
4	adform.net 4 redirects c1.adform.net	2 KB
4	adnxs.com 4 redirects ib.adnxs.com	4 KB
4	w55c.net 4 redirects pm.w55c.net	3 KB
3	pubmatic.com 2 redirects image2.pubmatic.com hbopenbid.pubmatic.com	1 KB
3	criteo.com bidder.criteo.com gum.criteo.com	1 KB
3	criteo.net static.criteo.net	39 KB
3	powerball.com www.powerball.com	12 KB
2	akamaihd.net pxlclnmdecom-a.akamaihd.net	38 KB
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net	1 KB
2	onaudience.com 2 redirects pixel.onaudience.com	1021 B
2	erne.co 2 redirects green.erne.co	569 B
2	everesttech.net 2 redirects sync-tm.everesttech.net	613 B
2	sitescout.com 2 redirects pixel-sync.sitescout.com	876 B
2	google.de adservice.google.de	975 B
2	districtm.io dmx.districtm.io	321 B
2	adsrvr.org match.adsrvr.org	529 B
2	quantserve.com 2 redirects pixel.quantserve.com	995 B
2	mathtag.com 2 redirects sync.mathtag.com	1 KB
2	smartadserver.com 2 redirects rtb-csync.smartadserver.com	1 KB
2	contextweb.com 2 redirects bh.contextweb.com	2 KB
2	creative-serving.com 2 redirects ads.creative-serving.com	1 KB
2	lanistaads.com api.lanistaads.com
2	clean.gg i.clean.gg	104 B
2	google-analytics.com www.google-analytics.com	19 KB
2	gweini.com s.gweini.com fs.gweini.com	24 KB
2	ionicframework.com code.ionicframework.com	114 KB
1	nrich.ai 1 redirects dsp.nrich.ai	486 B
1	wowyowapi.com wowyowapi.com	1 KB
1	yahoo.com pr-bh.ybp.yahoo.com	837 B
1	turn.com 1 redirects ad.turn.com	441 B
1	justpremium.com match.justpremium.com	322 B
1	dotomi.com openx2-match.dotomi.com	104 B
1	mrpdata.net j.mrpdata.net	75 B
1	simpli.fi 1 redirects um.simpli.fi	609 B
1	casalemedia.com as-sec.casalemedia.com	1 KB
1	rubiconproject.com fastlane.rubiconproject.com	2 KB
1	googleapis.com fonts.googleapis.com	1 KB
0	adtechus.com Failed adserver.adtechus.com Failed
126	49

	Domain	Requested by
14	us-u.openx.net	1 redirects eu-u.openx.net
12	match.prod.bidr.io	12 redirects
11	cm.g.doubleclick.net	9 redirects eu-u.openx.net
11	eu-u.openx.net	www.powerball.com eu-u.openx.net
10	s3.amazonaws.com	www.powerball.com s3.amazonaws.com
8	dt.clnmde.com	pxlclnmdecom-a.akamaihd.net www.powerball.com
8	securepubads.g.doubleclick.net	www.powerball.com securepubads.g.doubleclick.net
6	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.powerball.com
6	x.bidswitch.net	6 redirects
6	www.googletagservices.com	www.powerball.com d2si3hiz85fm4q.cloudfront.net
4	tpc.googlesyndication.com	www.powerball.com
4	c1.adform.net	4 redirects
4	ib.adnxs.com	4 redirects
4	pm.w55c.net	4 redirects
4	lanista-bidder-d.openx.net	1 redirects www.powerball.com
3	static.criteo.net	www.powerball.com
3	www.powerball.com	s3.amazonaws.com
2	lg3.media.net	wowyowapi.com
2	pxlclnmdecom-a.akamaihd.net	contextual.media.net pxlclnmdecom-a.akamaihd.net
2	contextual.media.net	wowyowapi.com contextual.media.net
2	www.google.com	www.powerball.com
2	deio3v2go54x9.cloudfront.net	d2si3hiz85fm4q.cloudfront.net
2	rtb.openx.net	1 redirects eu-u.openx.net
2	sync.crwdcntrl.net	2 redirects
2	pixel.onaudience.com	2 redirects
2	green.erne.co	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	pixel-sync.sitescout.com	2 redirects
2	adservice.google.com	www.powerball.com
2	adservice.google.de	www.powerball.com
2	dmx.districtm.io	d2tbmvllb55wxq.cloudfront.net
2	match.adsrvr.org	eu-u.openx.net
2	pixel.quantserve.com	2 redirects
2	sync.mathtag.com	2 redirects
2	rtb-csync.smartadserver.com	2 redirects
2	bh.contextweb.com	2 redirects
2	image2.pubmatic.com	2 redirects
2	ads.creative-serving.com	2 redirects
2	api.lanistaads.com	www.powerball.com
2	d2tbmvllb55wxq.cloudfront.net	d2si3hiz85fm4q.cloudfront.net
2	bidder.criteo.com	static.criteo.net
2	i.clean.gg	d2si3hiz85fm4q.cloudfront.net
2	www.google-analytics.com	www.powerball.com www.google-analytics.com
2	code.ionicframework.com	www.powerball.com code.ionicframework.com
1	gum.criteo.com	d2si3hiz85fm4q.cloudfront.net
1	dt6.clnmde.com	wowyowapi.com
1	dsp.nrich.ai	1 redirects
1	f872cadd83927e25fd5b072b053cea9a.safeframe.googlesyndication.com	www.powerball.com
1	wowyowapi.com	www.powerball.com
1	pr-bh.ybp.yahoo.com	eu-u.openx.net
1	ad.turn.com	1 redirects
1	match.justpremium.com	eu-u.openx.net
1	openx2-match.dotomi.com	eu-u.openx.net
1	j.mrpdata.net	eu-u.openx.net
1	um.simpli.fi	1 redirects
1	c387a00789dfd8f8f15c2e62b7d5528e.safeframe.googlesyndication.com	www.powerball.com
1	as-sec.casalemedia.com	d2tbmvllb55wxq.cloudfront.net
1	hbopenbid.pubmatic.com	d2tbmvllb55wxq.cloudfront.net
1	fastlane.rubiconproject.com	d2tbmvllb55wxq.cloudfront.net
1	fs.gweini.com	d2si3hiz85fm4q.cloudfront.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	s.gweini.com	www.powerball.com
1	fonts.googleapis.com	www.powerball.com
1	d2si3hiz85fm4q.cloudfront.net	www.powerball.com
0	adserver.adtechus.com Failed	d2tbmvllb55wxq.cloudfront.net
126	65

This site contains no links.

Subject Issuer	Validity	Valid
*.powerball.com Go Daddy Secure Certificate Authority - G2	`2020-12-11` - `2022-01-12`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-06-23` - `2022-07-24`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-06-28` - `2021-09-20`	3 months	crt.sh
ionicframework.com Cloudflare Inc ECC CA-3	`2021-06-01` - `2022-05-31`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-06-27` - `2021-09-24`	3 months	crt.sh
gweini.com Amazon	`2020-12-08` - `2022-01-06`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
i.clean.gg GTS CA 1D4	`2021-06-28` - `2021-09-26`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-06-27` - `2021-09-24`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-05` - `2021-09-27`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
api.lanistaads.com GTS CA 1D4	`2021-06-30` - `2021-09-28`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
districtm.io Cloudflare Inc ECC CA-3	`2021-06-02` - `2022-06-01`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.mrpdata.net Amazon	`2020-12-04` - `2022-01-02`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2019-06-19` - `2021-08-31`	2 years	crt.sh
tracking.justpremium.com Amazon	`2021-03-01` - `2022-03-30`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-29` - `2021-09-22`	6 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
wowyowapi.com Amazon	`2020-09-08` - `2021-10-08`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2021-04-12` - `2022-04-20`	a year	crt.sh
a248.e.akamai.net DigiCert Secure Site ECC CA-1	`2020-07-15` - `2021-09-13`	a year	crt.sh
*.clnmde.com Amazon	`2021-05-06` - `2022-06-04`	a year	crt.sh
dt6.clnmde.com Amazon	`2021-03-29` - `2022-04-27`	a year	crt.sh

This page contains 17 frames:

Primary Page: https://www.powerball.com/legal/terms-conditions
Frame ID: 140DAA3369786661671380FF7488F4E4
Requests: 30 HTTP requests in this frame

Frame: https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Frame ID: 27C53235EB9D5BFDE0470B644700FF5C
Requests: 12 HTTP requests in this frame

Frame: https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Frame ID: 69DD9BA4B127C58B271AB802010190CB
Requests: 17 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=0
Frame ID: 03F2CE54E2F3800D25C30CC38FCE3A4A
Requests: 11 HTTP requests in this frame

Frame: https://c387a00789dfd8f8f15c2e62b7d5528e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: CC323DE7179FA60DBF221C4AA299D4BD
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Frame ID: BB83231782C650892993F9FC8737FDE4
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssrSnZF8q4U0TIOnQmjaN1zsa_u3VA3l5O1dBNWBgA9HLGvHR0faHlRgcIy4qwLopx_ZKpBj-e0ipdqqsEIOI3SA2t6iiqKuoBnvmNTUcUbU4p2BkQf3HqW5OJ1MdVaTRvEF-H18SUkKak4cb1HooAJD--mRlzUuP7tsphdUem67Y_4YaXqZa40to6HFvQstRJ0j6_qyQx-lNq8y5W_9xiFpft4GR5fCAU6MbTH-0HrdNFVHKQQ9zRnqkYhQmI266tAAMfTHmrKOrE7ou0XlE9Uc6YgF5IfrOMDZ_BVtwtDHmdmZRdAxQMr0wBhYFqddQ&sig=Cg0ArKJSzD8BrwbtBCbFEAE&urlfix=1&adurl=
Frame ID: 9BB778377FF278A0C8737D1502B8ABBD
Requests: 5 HTTP requests in this frame

Frame: https://wowyowapi.com/wowyowdisplay970x250desktop.php?l=null&u=fb243434-6d38-f6b6-4543-c462ef8458dc&c=null&d=www.powerball.com
Frame ID: 45420118BB0FA70C89C6780CE5A035FD
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 1B83FB5A73CF46C3597F69F9D8F04751
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C6DCAACD0DFE68EB0437F8A8EDB77B8B
Requests: 1 HTTP requests in this frame

Frame: https://f872cadd83927e25fd5b072b053cea9a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 4CAB77AF3FAB05E5AE25E21A5C6B0687
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv65_VZYAiCWFkuVLvlD0S0obYlelkeBKfyEYqK4etrxI-aDMV4Z1zYxoT9ZFuLMQNdJP4iTqYPAcDagz5gXBGg4Ptaa2oh8UMrri1cKMERnuj4qrDt0ml0VqOvhy7kFcuk0vb8V1w4LxM02YYTYmfeaMh6Xj_-r6GNhxvL7y290cxefPDGu1eVUPaKVhBM0MHA_ZM6_VTeZGVtvRYCxFYyUIvhSSeI_U-bWeBFFmTRRl-yN9Sfx0yJsqsv0bYqEVUuX8FGMilf6T_S3dkySOMqO_8F9CWC_pVz0rAEW9XmixJESGSEe2NfmDuHHwxIEg&sig=Cg0ArKJSzKz94X52CwhjEAE&urlfix=1&adurl=
Frame ID: 32A087DD580CF542302CA1A3FD4855F8
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 85DF67AE7EFA78180F0FED82C907BA6A
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 191347C11F146A6B6098E556D87CE735
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Frame ID: 606BCBF4837CECF3462590CD79EA1995
Requests: 11 HTTP requests in this frame

Frame: https://pxlclnmdecom-a.akamaihd.net/javascripts/bfp_ssn.js?templateId=3
Frame ID: F7CBFA52E6BA2C75DA4D48B92BE8F3CE
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.powerball.com
Frame ID: 59A8FCC974E285CD74D032326FCB855A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Drupal (CMS) Expand

Overall confidence: 100%
Detected patterns

meta generator /^Drupal(?:\s([\d.]+))?/i
headers expires /19 Nov 1978/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

meta generator /^Drupal(?:\s([\d.]+))?/i
headers expires /19 Nov 1978/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Ionicons (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+ionicons(?:\.min)?\.css/i

Page Statistics

126
Requests

99 %
HTTPS

37 %
IPv6

49
Domains

65
Subdomains

45
IPs

8
Countries

2504 kB
Transfer

4411 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34

https://lanista-bidder-d.openx.net/w/1.0/acj?ai=e7e2c0d0-1d73-4e5d-a7c3-f5556da212bb&o=297a55f473bec3&ju=https%3A//www.powerball.com/legal/terms-conditions&jr=&be=1&prf=0&auid=538738919&aus=300x250&bc=hb_2api&bt=1000&c.lanista_floor=0.30&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-120&ifr=1&tws=1600x1200 HTTP 302
https://lanista-bidder-d.openx.net/w/1.0/acj?cc=1&ai=e7e2c0d0-1d73-4e5d-a7c3-f5556da212bb&o=297a55f473bec3&ju=https%3A//www.powerball.com/legal/terms-conditions&jr=&be=1&prf=0&auid=538738919&aus=300x250&bc=hb_2api&bt=1000&c.lanista_floor=0.30&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-120&ifr=1&tws=1600x1200

Request Chain 39

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=hl3by0jD1M7WD95

Request Chain 40

https://x.bidswitch.net/sync?ssp=openx HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=openx&bsw_custom_parameter=07522dc4-b946-4938-9949-b78e9c5462a9 HTTP 302
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=openx&bsw_custom_parameter=07522dc4-b946-4938-9949-b78e9c5462a9 HTTP 302
https://x.bidswitch.net/sync?dsp_id=4&user_id=29a373a6-fa95-4c70-9b4a-0f95dd54f3e8&ssp=openx&expires=30&user_group=5&bsw_param=07522dc4-b946-4938-9949-b78e9c5462a9 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072968&val=07522dc4-b946-4938-9949-b78e9c5462a9

Request Chain 41

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072399%26val%3D%24UID HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=7307365655149182935

Request Chain 42

https://match.prod.bidr.io/cookie-sync/ox HTTP 303
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFSGNrN0JfUGdBQUZaT205VUw0dw&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 303
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEHck7B_PgAAFZOm9UL4w&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Csas%252Cox%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csas%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAEHck7B_PgAAFZOm9UL4w&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cox%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3 HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cox&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAEHck7B_PgAAFZOm9UL4w&pid=558502&do=add HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAEHck7B_PgAAFZOm9UL4w&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4%26userid%3DSMART_USER_ID HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=ox&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=4&userid=6817456822431229497 HTTP 303
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=ox&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=4&userid=6817456822431229497&_bee_ppp=1 HTTP 303
https://us-u.openx.net/w/1.0/sd?id=537125688&val=AADtQU7B_PgAAFYOGUIv7Q

Request Chain 43

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=29c460fe-7c0a-4100-9118-367cbd4ac585

Request Chain 44

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=nzoeN55pSDOEbEhmmGhVN5E9TGOEPEgznD47XfPF

Request Chain 45

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4881239038953666617

Request Chain 47

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NGU5M2RlMmQtMjk2Zi02YThjLTY2MDAtYzE1OWJhY2U3YmVj HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NGU5M2RlMmQtMjk2Zi02YThjLTY2MDAtYzE1OWJhY2U3YmVj&google_tc=

Request Chain 48

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECpgfXqX6vLuRd_6cLU0op8&google_cver=1

Request Chain 61

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=49619B4FE45B4804884EA1C5BAB2BC5E

Request Chain 64

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0 HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=4&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072977&val=ebb4eb04-3d03-4f16-81c5-dbbdd23560b4-60fe7c0b-4348&gdpr=0&gdpr_consent=

Request Chain 66

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=YP58CwADNbQXQwA4 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YP58CwADNbQXQwA4&_test=YP58CwADNbQXQwA4

Request Chain 67

https://green.erne.co/openx/cm HTTP 302
https://pixel.onaudience.com/?mapped=2eGg73uvvlMkj4AnW3hYXNIm&partner=2&redirect=green.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072998%2526rtb%253D2eGg73uvvlMkj4AnW3hYXNIm HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26redirect%3Dhttps%253A%252F%252Fgreen.erne.co%252Fct%252Fcm%253Fred%253Dhttps%25253A%25252F%25252Fus-u.openx.net%25252Fw%25252F1.0%25252Fsd%25253Fid%25253D537072998%252526rtb%25253D2eGg73uvvlMkj4AnW3hYXNIm HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26redirect%3Dhttps%253A%252F%252Fgreen.erne.co%252Fct%252Fcm%253Fred%253Dhttps%25253A%25252F%25252Fus-u.openx.net%25252Fw%25252F1.0%25252Fsd%25253Fid%25253D537072998%252526rtb%25253D2eGg73uvvlMkj4AnW3hYXNIm HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=89a76fe9b3812c5724a5e2cc5e0e793a&redirect=https%3A%2F%2Fgreen.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072998%2526rtb%253D2eGg73uvvlMkj4AnW3hYXNIm HTTP 302
https://green.erne.co/ct/cm?red=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072998%26rtb%3D2eGg73uvvlMkj4AnW3hYXNIm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072998&rtb=2eGg73uvvlMkj4AnW3hYXNIm HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072998&rtb=2eGg73uvvlMkj4AnW3hYXNIm

Request Chain 68

https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3884640750484616840&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 69

https://rtb.openx.net/sync/dds HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=vaqH20mejQaVlNdXozWPNg==&ox_sc=1&ox_init=1 HTTP 302
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1

Request Chain 99

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=is7kgoEM1M7WDa5

Request Chain 100

https://x.bidswitch.net/sync?ssp=openx HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=openx&bsw_custom_parameter=05d4eadc-c296-4213-9901-c9134825906e&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
https://x.bidswitch.net/sync?dsp_id=283&user_id=8320fca2-4b9b-4aa9-bf68-46a709be7cba&expires=1&user_group=5&ssp=openx&bsw_param=05d4eadc-c296-4213-9901-c9134825906e HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072968&val=05d4eadc-c296-4213-9901-c9134825906e

Request Chain 101

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072399%26val%3D%24UID HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=8413308370648544106

Request Chain 102

https://match.prod.bidr.io/cookie-sync/ox HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEdFFVN0JfUGdBQUZZT0dVSXY3UQ&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 303
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADtQU7B_PgAAFYOGUIv7Q&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Csas%252Cox%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csas%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AADtQU7B_PgAAFYOGUIv7Q&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cox%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3 HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cox&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AADtQU7B_PgAAFYOGUIv7Q&pid=558502&do=add HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADtQU7B_PgAAFYOGUIv7Q&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4%26userid%3DSMART_USER_ID HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=ox&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=4&userid=6817456822431229497 HTTP 303
https://us-u.openx.net/w/1.0/sd?id=537125688&val=AADtQU7B_PgAAFYOGUIv7Q

Request Chain 103

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=b72060fe-7c0b-4800-b4ee-435041c8f131

Request Chain 104

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=WOF6qlmyLKxD437_XOgx_1znfa5D6S_5XuFLcLmt

Request Chain 105

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4743308139524278697

Request Chain 107

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDU4ZWI2OTgtZWVjYi0yZjI0LWRlYmMtN2NjYjIxN2YwN2Mz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDU4ZWI2OTgtZWVjYi0yZjI0LWRlYmMtN2NjYjIxN2YwN2Mz&google_tc=

Request Chain 108

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP5lBM0JJYUr0-FSWvkCCa0&google_cver=1

126 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request terms-conditions Show response
www.powerball.com/legal/ 36 KB
10 KB 373ms
135ms Document
text/html 34.231.48.239
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.powerball.com/legal/terms-conditions

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.231.48.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-231-48-239.compute-1.amazonaws.com

Software

Apache /

Resource Hash

edc057a9ffe252ee9fe9172e08553310cecb4374bd881de9e0e703126a0dfbb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.powerball.com
:scheme: https
:path: /legal/terms-conditions
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jul 2021 09:10:32 GMT
content-type: text/html; charset=UTF-8
server: Apache
x-content-type-options: nosniff nosniff
cache-control: max-age=86400, public
x-drupal-dynamic-cache: MISS
link: <http://www.powerball.com/legal/terms-conditions>; rel="canonical" <http://www.powerball.com/legal/terms-conditions>; rel="alternate"; hreflang="en" <http://www.powerball.com/es/legal/terms-conditions>; rel="alternate"; hreflang="es" <http://www.powerball.com/legal/terms-conditions>; rel="revision"
x-ua-compatible: IE=edge
content-language: en
x-frame-options: SAMEORIGIN
expires: Sun, 19 Nov 1978 05:00:00 GMT
last-modified: Mon, 26 Jul 2021 05:16:07 GMT
etag: "1627276567"
vary: Cookie,Accept-Encoding
x-generator: Drupal 8 (https://www.drupal.org)
x-drupal-cache: HIT
content-encoding: gzip

GET
H2 200 script.js Show response
d2si3hiz85fm4q.cloudfront.net/ 114 KB
38 KB 61ms
28ms Script
application/javascript 2600:9000:2156:6c00:15:3f44:b280:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/legal/terms-conditions
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6c00:15:3f44:b280:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0b6afad74ac69e860d6b6b827b27d931ffe29385583305b9f8d594424d3e2400

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jul 2021 09:10:33 GMT
content-encoding: gzip
last-modified: Fri, 23 Jul 2021 15:07:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: W/"f5e5a61d7daaac29d80003382a7c7545"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bab8148a65b29113f79cf2725076287d.cloudfront.net (CloudFront)
cache-control: max-age=600,public,must-revalidate
x-amz-cf-id: EkBHX3msH97vRJU2EA0pnsq2YKGZHhEAY-IeFXkWpe_c2uwuMhMT4g==

GET
H/1.1 200
OK css_3GW_YHTxS02_OPzgl9qWZ-r7tZRGCdXItfvK65eg154.css
s3.amazonaws.com/cdn.powerball.com/drupal/files/css/ 7 KB
7 KB 471ms
130ms Stylesheet
text/css 52.217.70.206
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_3GW_YHTxS02_OPzgl9qWZ-r7tZRGCdXItfvK65eg154.css
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/legal/terms-conditions
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.70.206 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: dc65bf6074f14b4dbf38fce097da9667eafbb5944609d5c8b5fbcaeb97a0d79e

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Jul 2021 09:10:34 GMT
Last-Modified: Fri, 16 Jul 2021 15:05:22 GMT
Server: AmazonS3
x-amz-request-id: K7AJ0JNTJSSA1CZX
ETag: "6b384793528373f709f1b68cda1d97cf"
Content-Type: text/css
Cache-Control: public, max-age=2419200
Accept-Ranges: bytes
Content-Length: 7257
x-amz-id-2: 7Mt/J3/zfbKx/OFmWF0xAVrZwO8Du/1k43cAcy16ijFYSv0DjuSD2P0A51jtG697QCFAUAKMvzw=

GET
H2 200 css
fonts.googleapis.com/ 27 KB
1 KB 15ms
14ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans+Condensed:300,300i,700|Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/legal/terms-conditions

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

11d4c6016909d872cb9aea53bd7066bc23ff08ee947ad525b1a70ae746846e0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 07:51:13 GMT
server: ESF
date: Mon, 26 Jul 2021 09:10:33 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 26 Jul 2021 09:10:33 GMT

GET
H2 200 ionicons.min.css
code.ionicframework.com/ionicons/2.0.1/css/ 50 KB
9 KB 49ms
30ms Stylesheet
text/css 2606:4700:20::ac43:451d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://code.ionicframework.com/ionicons/2.0.1/css/ionicons.min.css
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/legal/terms-conditions
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:451d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92ac508220f5bb60ec94e07650528eb66625f82a4740ada068cde05365781286

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: a4cc039de1c1c1736e2242ac7606a00c24c19b4b
date: Mon, 26 Jul 2021 09:10:33 GMT
via: 1.1 varnish
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 35400
x-cache: HIT
x-cache-hits: 1
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-served-by: cache-fra19154-FRA
last-modified: Thu, 29 Apr 2021 18:50:21 GMT
server: cloudflare
x-github-request-id: 2A52:33E3:8B6C60:90D40C:60FB83D3
x-timer: S1627255234.963388,VS0,VE1
etag: W/"608affed-c854"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sEcdir4JLztIWilnhcDNLDRfbVBfkLd2kOqUXJtzer5YoD7vq3VXvs7HJhvgTWEGih5yyclGJwAHixtz1d269ZOerTAbvmdnd%2Fp9XbK%2BXsvJ%2BoqsUUXRCp7XagSgxo5kD0VQq9mkX504tEZ2O4TIRvMv5nvS"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 674c7ed85f5797ea-FRA
x-proxy-cache: MISS
expires: Sat, 24 Jul 2021 03:17:00 GMT

GET
H/1.1 200
OK css_67OM9VyL108rg7RaBENpbWBQbpyAXWoXTgj66ZG_Zew.css
s3.amazonaws.com/cdn.powerball.com/drupal/files/css/ 184 KB
184 KB 466ms
125ms Stylesheet
text/css 52.217.70.206
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_67OM9VyL108rg7RaBENpbWBQbpyAXWoXTgj66ZG_Zew.css
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/legal/terms-conditions
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.70.206 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: ebb38cf55c8bd74f2b83b45a0443696d60506e9c805d6a174e08fae991bf65ec

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Jul 2021 09:10:34 GMT
Last-Modified: Wed, 30 Jun 2021 02:12:49 GMT
Server: AmazonS3
x-amz-request-id: K7AMVGBD821CX51N
ETag: "29e4b3e023623a0375473b7ae7634ca4"
Content-Type: text/css
Cache-Control: public, max-age=2419200
Accept-Ranges: bytes
Content-Length: 188017
x-amz-id-2: D1Ow2NY9TKWEVNcO861uzWirBNWP38RpW0Pi/KVFqBnrnZOQoItpPAy1eFC3OssZ8su9sIok3WU=

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 117 KB
38 KB 64ms
28ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/legal/terms-conditions
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 911e1ae59bee7c424cdc950ea226bec46af2a4048a51fec42fe2a7009e8ddb9b

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jul 2021 09:10:33 GMT
content-encoding: gzip
last-modified: Mon, 12 Jul 2021 11:00:01 GMT
server: nginx
etag: W/"60ec20b1-1d47a"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 27 Jul 2021 09:10:33 GMT

GET
H/1.1 200
OK gweiniClientV1.php Show response
s.gweini.com/ 91 KB
8 KB 769ms
154ms Script
text/html 3.212.26.136
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s.gweini.com/gweiniClientV1.php?ClientID=PUB_ID&group=GPPowerball
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/legal/terms-conditions
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.212.26.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-212-26-136.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 084fd154266692bdc0410bb5e3a74dbd35c4c544b7e84ce52dd4643a0c49b97e

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Jul 2021 09:10:34 GMT
Content-Encoding: gzip
Server: nginx/1.10.3 (Ubuntu)
Connection: keep-alive
Content-Length: 7941
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK powerball-power-play-logo_0.png
s3.amazonaws.com/cdn.powerball.com/drupal/ 25 KB
26 KB 121ms
121ms Image
image/png 52.217.70.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/powerball-power-play-logo_0.png
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/legal/terms-conditions
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.70.206 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: c0f02a3ba3b3498d9ff3243cd2185bbf9f9c961f1373b2b463dfa025c2d57c5b

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Jul 2021 09:10:34 GMT
Last-Modified: Tue, 28 Apr 2020 05:17:42 GMT
Server: AmazonS3
x-amz-request-id: K7ASY940GH3QAXGZ
ETag: "954a0848710c5224685722e2621e667e"
Content-Type: image/png
Cache-Control: public, max-age=2419200
Accept-Ranges: bytes
Content-Length: 26090
x-amz-id-2: y3+LvYjrXBe72IFavk+P5YZmvQkSrjhXkg06ch+8qwFsg9Cg5jWILnEnwU7kpdfOjOSozPmAoXc=

GET
H/1.1 200
OK js_WS1XxDmod7uC7dg_6qfMLFtv1XiZgbhXxIBavu8XyPA.js Show response
s3.amazonaws.com/cdn.powerball.com/drupal/files/js/ 476 KB
476 KB 125ms
125ms Script
application/javascript 52.217.70.206
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/js/js_WS1XxDmod7uC7dg_6qfMLFtv1XiZgbhXxIBavu8XyPA.js
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/legal/terms-conditions
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.70.206 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 592d57c439a877bb82edd83feaa7cc2c5b6fd5789981b857c4805abeef17c8f0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Jul 2021 09:10:34 GMT
Last-Modified: Fri, 16 Jul 2021 14:48:32 GMT
Server: AmazonS3
x-amz-request-id: K7APKSAVK7XE6J8K
ETag: "381dd060633d2150130cb1696ca1b178"
Content-Type: application/javascript
Cache-Control: public, max-age=2419200
Accept-Ranges: bytes
Content-Length: 487005
x-amz-id-2: ouvm7N+1Az7YwqHg1YgAvOOzXwWMQKPoinpl+L8vTvS9PVIiFdLKnPHtac6legKhO+Tit+xaJbA=

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/legal/terms-conditions

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 1174
date: Mon, 26 Jul 2021 08:50:59 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Mon, 26 Jul 2021 10:50:59 GMT

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 141ms
108ms Preflight
text/plain 34.95.69.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Server: 34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.17.4 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.powerball.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx/1.17.4
date: Mon, 26 Jul 2021 09:10:33 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-max-age: 1728000
content-type: text/plain; charset=utf-8
content-length: 0
via: 1.1 google
alt-svc: clear

POST
H2 200 1a Show response
i.clean.gg/ 0
104 B 141ms
141ms XHR
application/octet-stream 34.95.69.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.17.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 26 Jul 2021 09:10:33 GMT
via: 1.1 google
server: nginx/1.17.4
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
alt-svc: clear
content-length: 0

GET
H/1.1 200
OK header-rep.jpg
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/ 4 KB
4 KB 234ms
122ms Image
image/jpeg 52.217.70.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/header-rep.jpg
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_67OM9VyL108rg7RaBENpbWBQbpyAXWoXTgj66ZG_Zew.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.70.206 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: cd9c139673051af705b80d8eb599aa53d534b8d51674f0f8d4dea65a449e51e2

Request headers

Referer: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_67OM9VyL108rg7RaBENpbWBQbpyAXWoXTgj66ZG_Zew.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Jul 2021 09:10:34 GMT
Last-Modified: Mon, 03 Jun 2019 18:42:36 GMT
Server: AmazonS3
x-amz-request-id: K7AP7EDRCQAYDQC7
ETag: "0e973dffc15bf2796e8b24b0a1dead33"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 3922
x-amz-id-2: 6B3UdEtDueELPKF/mRXCpc6bcjVu8WSd6hNM1TJzwEs7DweG+L5ta/z7+HY3PdXWMxO5Wy61Dy0=

GET
H/1.1 200
OK ProximaNova-Regular.woff
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Regular/ 39 KB
40 KB 460ms
135ms Font
application/font-woff 52.217.70.206
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Regular/ProximaNova-Regular.woff
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_67OM9VyL108rg7RaBENpbWBQbpyAXWoXTgj66ZG_Zew.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.70.206 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5d1765ca16cb96e4294a5c96b2084b580e200a2743b1ff7805d18bd8348825e9

Request headers

Origin: https://www.powerball.com
Referer: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_67OM9VyL108rg7RaBENpbWBQbpyAXWoXTgj66ZG_Zew.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Jul 2021 09:10:35 GMT
Last-Modified: Tue, 04 Jun 2019 03:53:18 GMT
Server: AmazonS3
x-amz-request-id: DEYB2JFGQ78DTAHG
ETag: "78adc015dc4ffc4db6e237fefddcf605"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: application/font-woff
Access-Control-Allow-Origin: https://www.powerball.com
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Length: 40260
x-amz-id-2: xXvSYdYPAa75iJImXiPOA6hBtpNOzi4VxJTuAVdq3lqVVCcsEE3YiMlYUrYPIk9+TOdUM6LKoJY=

GET
H3-29 200 ionicons.ttf
code.ionicframework.com/ionicons/2.0.1/fonts/ 184 KB
106 KB 41ms
30ms Font
font/ttf 2606:4700:20::ac43:451d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://code.ionicframework.com/ionicons/2.0.1/fonts/ionicons.ttf?v=2.0.1
Requested by: Host: code.ionicframework.com
URL: https://code.ionicframework.com/ionicons/2.0.1/css/ionicons.min.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:451d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e700835ec05293a3d0f9e354e7d038319d34521cd279e782198dff6d1dd58f2

Request headers

Origin: https://www.powerball.com
Referer: https://code.ionicframework.com/ionicons/2.0.1/css/ionicons.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: 1f2b0c5331a7e470bf72d9430447180379688afd
date: Mon, 26 Jul 2021 09:10:33 GMT
via: 1.1 varnish
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 30655
x-cache: HIT
x-cache-hits: 1
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-served-by: cache-fra19155-FRA
last-modified: Thu, 29 Apr 2021 18:50:21 GMT
server: cloudflare
x-github-request-id: BA6E:F8B9:1494BF:17853D:60DD1377
x-timer: S1627259979.953438,VS0,VE1
etag: W/"608affed-2e05c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4VT6hRiU%2FDDBKrJTpO9vWFpugLMHISboKkSiLSMbUODUFE2LHJcZs2rSjhguQFOTMTOsSQeMwCtS9WpcRryFd8hXrxbOwFBQ6Il5Iciq2IuI5pi4zqaMtZqqMiyirVOZDOX2Se67bp%2BQbQuHjOT00LB25%2Bj%2B"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
access-control-allow-origin: *
cache-control: max-age=31536000
x-proxy-cache: HIT
cf-ray: 674c7edd4ee9bf28-FRA
x-origin-cache: HIT
expires: Thu, 01 Jul 2021 01:05:35 GMT

GET
H/1.1 200
OK ProximaNova-Bold.woff
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Bold/ 40 KB
40 KB 468ms
136ms Font
application/font-woff 52.217.70.206
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Bold/ProximaNova-Bold.woff
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_67OM9VyL108rg7RaBENpbWBQbpyAXWoXTgj66ZG_Zew.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.70.206 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 37cc0451eec571b22864bfac29a3766ccebe2d1e48ac4a552a8e9b8e6f9be02f

Request headers

Origin: https://www.powerball.com
Referer: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_67OM9VyL108rg7RaBENpbWBQbpyAXWoXTgj66ZG_Zew.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Jul 2021 09:10:35 GMT
Last-Modified: Tue, 04 Jun 2019 03:53:14 GMT
Server: AmazonS3
x-amz-request-id: DEY6ME90BJ91DG6D
ETag: "e05ada7ee5a2d1e5a50c5305ce23de68"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: application/font-woff
Access-Control-Allow-Origin: https://www.powerball.com
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Length: 40836
x-amz-id-2: EY5Skl2tETqi50uHjUd7o+ljAXdwFwhuyEWM2I6eY4geQTAOQtWCvU17qFagwbBWzZc7DAzJcA8=

GET
H/1.1 200
OK ProximaNova-Semibold.woff
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Semibold/ 39 KB
40 KB 481ms
143ms Font
application/font-woff 52.217.70.206
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Semibold/ProximaNova-Semibold.woff
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_67OM9VyL108rg7RaBENpbWBQbpyAXWoXTgj66ZG_Zew.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.70.206 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 16bc74e3ebb6ef6cc2c56565701502e39ea269aa665dd74da5742d371f3b2939

Request headers

Origin: https://www.powerball.com
Referer: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_67OM9VyL108rg7RaBENpbWBQbpyAXWoXTgj66ZG_Zew.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Jul 2021 09:10:35 GMT
Last-Modified: Tue, 04 Jun 2019 03:53:19 GMT
Server: AmazonS3
x-amz-request-id: DEYBPEFYRZ3WT3Z9
ETag: "cc1a6c632152a90dfa994a7280496cb3"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: application/font-woff
Access-Control-Allow-Origin: https://www.powerball.com
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Length: 40304
x-amz-id-2: K+FJApEtwgflbDyqx8ronpyzl2zGB6wKwoLh/9ymL89TN6DAtGFpb2kMRh7JLXkWPyQlpdZG9I4=

GET
H/1.1 200
OK ProximaNova-Light.woff
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Light/ 39 KB
40 KB 488ms
139ms Font
application/font-woff 52.217.70.206
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Light/ProximaNova-Light.woff
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_67OM9VyL108rg7RaBENpbWBQbpyAXWoXTgj66ZG_Zew.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.70.206 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 91822d970ea4cb3dbae6039431aaebfd36c46997c43a53a507518eed6dc230b2

Request headers

Origin: https://www.powerball.com
Referer: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_67OM9VyL108rg7RaBENpbWBQbpyAXWoXTgj66ZG_Zew.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Jul 2021 09:10:35 GMT
Last-Modified: Tue, 04 Jun 2019 03:53:17 GMT
Server: AmazonS3
x-amz-request-id: DEY0Y29BMPZHV0SQ
ETag: "0b903f87bae9c87f54243c90469294ee"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: application/font-woff
Access-Control-Allow-Origin: https://www.powerball.com
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Length: 40260
x-amz-id-2: AH/VbFl1LqylTN5x1aPYYkfUqDjI62SwTLo4H4qifCdDI5JHHHQ84iKT9kCAGOcxvLvQcqNJWdk=

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 29ms
13ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j91&aip=1&a=1476658794&t=pageview&_s=1&dl=https%3A%2F%2Fwww.powerball.com%2Flegal%2Fterms-conditions&ul=en-us&de=UTF-8&dt=Terms%20%26%20Conditions%20%7C%20Powerball&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAAC~&jid=132210325&gjid=1011630279&cid=1955867921.1627290634&tid=UA-29233419-1&_gid=431558355.1627290634&_r=1&_slc=1&z=127618065

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 26 Jul 2021 09:10:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.powerball.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
190 B 98ms
33ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=110&profileId=206&cb=2989484294
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.powerball.com
date: Mon, 26 Jul 2021 09:10:34 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
87 B 17ms
16ms XHR
text/plain 2a00:1450:400c:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-29233419-1&cid=1955867921.1627290634&jid=132210325&gjid=1011630279&_gid=431558355.1627290634&_u=YGBACEAABAAAAC~&z=2097083022

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 26 Jul 2021 09:10:34 GMT
content-type: text/plain
access-control-allow-origin: https://www.powerball.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 powerball Show response
www.powerball.com/api/v1/estimates/ 162 B
552 B 129ms
129ms XHR
application/json 34.231.48.239
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.powerball.com/api/v1/estimates/powerball?_format=json

Requested by

Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/js/js_WS1XxDmod7uC7dg_6qfMLFtv1XiZgbhXxIBavu8XyPA.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.231.48.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-231-48-239.compute-1.amazonaws.com

Software

Apache /

Resource Hash

e09a5d8e3457c45de0a3dfdf246f6b1a94a59b126df1caed35cb7e0ab90016dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: _ga=GA1.2.1955867921.1627290634; _gid=GA1.2.431558355.1627290634; _gat=1
:path: /api/v1/estimates/powerball?_format=json
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.powerball.com
referer: https://www.powerball.com/legal/terms-conditions
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: */*
Referer: https://www.powerball.com/legal/terms-conditions
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jul 2021 09:10:34 GMT
content-encoding: gzip
x-content-type-options: nosniff nosniff
x-drupal-dynamic-cache: MISS
content-length: 138
x-ua-compatible: IE=edge
last-modified: Mon, 26 Jul 2021 02:38:28 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "1627267108"
vary: Cookie,Accept-Encoding
content-language: en
x-generator: Drupal 8 (https://www.drupal.org)
cache-control: max-age=86400, public
content-type: application/json
x-drupal-cache: HIT
expires: Sun, 19 Nov 1978 05:00:00 GMT

GET
H2 200 recent10 Show response
www.powerball.com/api/v1/numbers/powerball/ 1001 B
647 B 129ms
129ms XHR
application/json 34.231.48.239
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.powerball.com/api/v1/numbers/powerball/recent10?_format=json

Requested by

Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/js/js_WS1XxDmod7uC7dg_6qfMLFtv1XiZgbhXxIBavu8XyPA.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.231.48.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-231-48-239.compute-1.amazonaws.com

Software

Apache /

Resource Hash

61d5d131a1652d6622bf40a61db090766b09e79d7ed665121484329143d3df03

Security Headers

Name	Value
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: _ga=GA1.2.1955867921.1627290634; _gid=GA1.2.431558355.1627290634; _gat=1
:path: /api/v1/numbers/powerball/recent10?_format=json
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.powerball.com
referer: https://www.powerball.com/legal/terms-conditions
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: */*
Referer: https://www.powerball.com/legal/terms-conditions
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jul 2021 09:10:34 GMT
content-encoding: gzip
x-content-type-options: nosniff nosniff
x-drupal-dynamic-cache: MISS
content-length: 233
x-ua-compatible: IE=edge
last-modified: Mon, 26 Jul 2021 02:38:29 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "1627267109"
vary: Cookie,Accept-Encoding
content-language: en
x-generator: Drupal 8 (https://www.drupal.org)
cache-control: max-age=86400, public
content-type: application/json
x-drupal-cache: HIT
expires: Sun, 19 Nov 1978 05:00:00 GMT

POST
H2 204 events
bidder.criteo.com/csm/ 0
190 B 31ms
31ms Ping
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/csm/events
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.powerball.com
date: Mon, 26 Jul 2021 09:10:33 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
337 B 17ms
16ms Image
image/gif 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=1
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/legal/terms-conditions
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jul 2021 09:10:34 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Thu, 21 Jul 2022 09:10:34 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
337 B 17ms
17ms Image
image/gif 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=2
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/legal/terms-conditions
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jul 2021 09:10:34 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Thu, 21 Jul 2022 09:10:34 GMT

GET
H/1.1 200
OK ProximaNova-RegularIt.woff
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-RegularIt/ 39 KB
40 KB 125ms
125ms Font
application/font-woff 52.217.70.206
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-RegularIt/ProximaNova-RegularIt.woff
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_67OM9VyL108rg7RaBENpbWBQbpyAXWoXTgj66ZG_Zew.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.70.206 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 59ff4e9457a98e72723231e1ad962b8c2a77c67f6c025dc6464843931d061c0f

Request headers

Origin: https://www.powerball.com
Referer: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_67OM9VyL108rg7RaBENpbWBQbpyAXWoXTgj66ZG_Zew.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Jul 2021 09:10:35 GMT
Last-Modified: Tue, 04 Jun 2019 03:53:19 GMT
Server: AmazonS3
x-amz-request-id: DEYF8TGTKSFXHT6C
ETag: "24d85649dddd19938b718e8d57ddb2bf"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: application/font-woff
Access-Control-Allow-Origin: https://www.powerball.com
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Length: 40116
x-amz-id-2: zxXX0tkKafNtRh+s3keMYMPD8zxmKXNHXL6NMIuRLlLr69FgvDNReDZjRqLYYWGEBR+3UjWjmCs=

GET
H2 200 gweiniV1_6_1.min.js Show response
fs.gweini.com/ 15 KB
16 KB 135ms
38ms Script
application/javascript 143.204.98.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fs.gweini.com/gweiniV1_6_1.min.js
Requested by: Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-67.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c60536e1387fd63f18755c87e9028bc138c1cb11fc77a64a159777aae49a12b5

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 12:01:39 GMT
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jan 2020 19:47:21 GMT
server: AmazonS3
age: 76136
etag: "e7bb56484553f1223fea5d70ca7104f4"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 15682
x-amz-cf-id: LjHBtdREzv8WODr_7DM9UwfARbAyNxM7UCKYoVPg76agFq8JNCsbzA==

GET
H2 200 jstag Show response
lanista-bidder-d.openx.net/w/1.0/ Frame 27C5 168 KB
57 KB 113ms
69ms Script
text/javascript 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/legal/terms-conditions
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.211.0 /
Resource Hash: d7f91cedc9af34e0523e78dc1aea540db1cfd97825f626df2279774488c9ec24

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jul 2021 09:10:34 GMT
content-encoding: gzip
server: OXGW/16.211.0
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: max-age=3600
content-type: text/javascript
alt-svc: clear
content-length: 58341
expires: Mon, 26 Jul 2021 10:10:34 GMT

GET
H/1.1 200
OK prebid2.27.0.js Show response
d2tbmvllb55wxq.cloudfront.net/pb/ Frame 27C5 277 KB
277 KB 214ms
91ms Script
application/javascript 13.224.118.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Requested by: Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.118.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-118-209.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: be57a8393d9ca7cb84fe99087431ea21d7e704a7de02b421590c34712c3bb9b4

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Jul 2021 09:10:34 GMT
Via: 1.1 ce47d0f1e1d762a58db0f679e6a5cdeb.cloudfront.net (CloudFront)
Last-Modified: Mon, 20 Jan 2020 21:18:36 GMT
Server: AmazonS3
X-Amz-Cf-Pop: MAD50-C1
ETag: "e68bd028eaaff6c766a2630c72373b02"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 283302
X-Amz-Cf-Id: rM9zm86AAnjIbhrD74MQXBfNJ56dTVroecLhUyude_CwNRZ8kvyYjA==

GET
H2 200 jstag Show response
lanista-bidder-d.openx.net/w/1.0/ Frame 69DD 168 KB
57 KB 51ms
41ms Script
text/javascript 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/legal/terms-conditions
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.211.0 /
Resource Hash: 26b66e83fc168046181937fae3635bcd7b8addf0c033922a501680d81b5e3423

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jul 2021 09:10:34 GMT
content-encoding: gzip
server: OXGW/16.211.0
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: max-age=3600
content-type: text/javascript
alt-svc: clear
content-length: 58335
expires: Mon, 26 Jul 2021 10:10:34 GMT

GET
H/1.1 200
OK prebid2.27.0.js Show response
d2tbmvllb55wxq.cloudfront.net/pb/ Frame 69DD 277 KB
277 KB 182ms
94ms Script
application/javascript 13.224.118.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Requested by: Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.118.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-118-209.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: be57a8393d9ca7cb84fe99087431ea21d7e704a7de02b421590c34712c3bb9b4

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Jul 2021 09:10:34 GMT
Via: 1.1 52686d7bb0f6b3316a4c50b617ea8077.cloudfront.net (CloudFront)
Last-Modified: Mon, 20 Jan 2020 21:18:36 GMT
Server: AmazonS3
X-Amz-Cf-Pop: MAD50-C1
ETag: "e68bd028eaaff6c766a2630c72373b02"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 283302
X-Amz-Cf-Id: Uo_gdnWS3LSsa4lQkc4X7g2288X5_d2GiyYqKs4xG3kHBmq-hfSd9g==

GET
H2 200 ServeAd
api.lanistaads.com/ 0
0 167ms
127ms Image
image/png 34.98.126.214
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.lanistaads.com/ServeAd?s=t&AdSize=970x250&SiteID=APST09010385POWB9701&Zone=ATF&g=165
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/legal/terms-conditions
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.126.214 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.126.98.34.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 26 Jul 2021 09:10:34 GMT
via: 1.1 google
server: Apache-Coyote/1.1
access-control-allow-headers: Content-Type
alt-svc: clear
content-type: image/png

GET
H2 200 ServeAd
api.lanistaads.com/ 0
0 168ms
127ms Image
image/png 34.98.126.214
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.lanistaads.com/ServeAd?s=t&AdSize=300x250&SiteID=APST04010385POWB3001&Zone=ATF&g=108
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/legal/terms-conditions
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.126.214 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.126.98.34.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 26 Jul 2021 09:10:34 GMT
via: 1.1 google
server: Apache-Coyote/1.1
access-control-allow-headers: Content-Type
alt-svc: clear
content-type: image/png

GET
H2

200

acj Show response
lanista-bidder-d.openx.net/w/1.0/ Frame 69DD
Redirect Chain

https://lanista-bidder-d.openx.net/w/1.0/acj?ai=e7e2c0d0-1d73-4e5d-a7c3-f5556da212bb&o=297a55f473bec3&ju=https%3A//www.powerball.com/legal/terms-conditions&jr=&be=1&prf=0&auid=538738919&aus=300x250...
https://lanista-bidder-d.openx.net/w/1.0/acj?cc=1&ai=e7e2c0d0-1d73-4e5d-a7c3-f5556da212bb&o=297a55f473bec3&ju=https%3A//www.powerball.com/legal/terms-conditions&jr=&be=1&prf=0&auid=538738919&aus=30...

452 B
564 B

45ms
45ms

XHR
application/json

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lanista-bidder-d.openx.net/w/1.0/acj?cc=1&ai=e7e2c0d0-1d73-4e5d-a7c3-f5556da212bb&o=297a55f473bec3&ju=https%3A//www.powerball.com/legal/terms-conditions&jr=&be=1&prf=0&auid=538738919&aus=300x250&bc=hb_2api&bt=1000&c.lanista_floor=0.30&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-120&ifr=1&tws=1600x1200
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/legal/terms-conditions
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.211.0 /
Resource Hash: dd77b03d442f3d5769272bdcc3153ee0e7313ce2994a8b00712c307575d76dfe

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jul 2021 09:10:34 GMT
content-encoding: gzip
server: OXGW/16.211.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.powerball.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 280
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Mon, 26 Jul 2021 09:10:34 GMT
via: 1.1 google
server: OXGW/16.211.0
location: https://lanista-bidder-d.openx.net/w/1.0/acj?cc=1&ai=e7e2c0d0-1d73-4e5d-a7c3-f5556da212bb&o=297a55f473bec3&ju=https%3A//www.powerball.com/legal/terms-conditions&jr=&be=1&prf=0&auid=538738919&aus=300x250&bc=hb_2api&bt=1000&c.lanista_floor=0.30&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-120&ifr=1&tws=1600x1200
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.powerball.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 27C5 68 KB
24 KB 35ms
15ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/legal/terms-conditions

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13319f25fd8473e4176955d19a09e4614170c8a7941ef7966987ad6156536580

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jul 2021 09:10:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "940 / 571 of 1000 / last-modified: 1627289117"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24127
x-xss-protection: 0
expires: Mon, 26 Jul 2021 09:10:34 GMT

GET
H2 200 pubads_impl_2021071401.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 27C5 329 KB
115 KB 81ms
30ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/legal/terms-conditions

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

65506c87a4e71875a107df7ca37f45ccfd40688cf8e01f65c7e71792dbd6818c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jul 2021 09:10:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 14 Jul 2021 08:38:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117283
x-xss-protection: 0
expires: Mon, 26 Jul 2021 09:10:35 GMT

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame 03F2 1006 B
861 B 31ms
29ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=0
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/legal/terms-conditions
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.211.0 /
Resource Hash: db3b633dc73f730a566450dd4778030f91b0c6c0c7c7eddc2f17d62618c6c735

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.powerball.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=b15032be-499f-0bdf-2936-5308140b8671|1627290634
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.powerball.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=b15032be-499f-0bdf-2936-5308140b8671|1627290634; Version=1; Expires=Tue, 26-Jul-2022 09:10:34 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1627290634|mOgeginskin0vNomiygu; Version=1; Expires=Tue, 10-Aug-2021 09:10:34 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.211.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Mon, 26 Jul 2021 09:10:34 GMT
content-type: text/html
content-length: 543
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H3-29 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 69DD 68 KB
24 KB 27ms
14ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/legal/terms-conditions

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13319f25fd8473e4176955d19a09e4614170c8a7941ef7966987ad6156536580

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jul 2021 09:10:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "940 / 488 of 1000 / last-modified: 1627289117"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24127
x-xss-protection: 0
expires: Mon, 26 Jul 2021 09:10:34 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 03F2
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=hl3by0jD1M7WD95

43 B
106 B

32ms
29ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=hl3by0jD1M7WD95
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.211.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jul 2021 09:10:35 GMT
via: 1.1 google
server: OXGW/16.211.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 26 Jul 2021 09:10:34 GMT
Server: PingMatch/v2.0.30-661-ga8ef792#rel-ec2-master i-00d04c025752e7422@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=604800; includeSubDomains
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=hl3by0jD1M7WD95
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 03F2
Redirect Chain

https://x.bidswitch.net/sync?ssp=openx
https://x.bidswitch.net/ul_cb/sync?ssp=openx
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=openx&bsw_custom_parameter=07522dc4-b946-4938-9949-b78e9c5462a9
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=openx&bsw_custom_parameter=07522dc4-b946-4938-9949-b78e9c5462a9
https://x.bidswitch.net/sync?dsp_id=4&user_id=29a373a6-fa95-4c70-9b4a-0f95dd54f3e8&ssp=openx&expires=30&user_group=5&bsw_param=07522dc4-b946-4938-9949-b78e9c5462a9
https://us-u.openx.net/w/1.0/sd?id=537072968&val=07522dc4-b946-4938-9949-b78e9c5462a9

43 B
106 B

29ms
29ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072968&val=07522dc4-b946-4938-9949-b78e9c5462a9
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.211.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jul 2021 09:10:35 GMT
via: 1.1 google
server: OXGW/16.211.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: //us-u.openx.net/w/1.0/sd?id=537072968&val=07522dc4-b946-4938-9949-b78e9c5462a9
date: Mon, 26 Jul 2021 09:10:35 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 03F2
Redirect Chain

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072399%26val%3D%24UID
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=7307365655149182935

43 B
106 B

35ms
33ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072399&val=7307365655149182935
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.211.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jul 2021 09:10:35 GMT
via: 1.1 google
server: OXGW/16.211.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 26 Jul 2021 09:10:35 GMT
X-Proxy-Origin: 185.156.175.109; 185.156.175.109; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 9fee39a8-662b-4d19-9734-20aebfbd4c6c
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072399&val=7307365655149182935
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 03F2
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ox
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFSGNrN0JfUGdBQUZaT205VUw0dw&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEHck7B_PgAAFZOm9UL4w&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csas%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAEHck7B_PgAAFZOm9UL4w&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cox%26bee_sync_current_partner%3Dpp%2...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cox&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAEHck7B_PgAAFZOm9UL4w&pid=558502&do=add
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAEHck7B_PgAAFZOm9UL4w&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_part...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=ox&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=4&userid=6817456822431229497
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=ox&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=4&userid=6817456822431229497&_bee_ppp=1
https://us-u.openx.net/w/1.0/sd?id=537125688&val=AADtQU7B_PgAAFYOGUIv7Q

43 B
106 B

29ms
29ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537125688&val=AADtQU7B_PgAAFYOGUIv7Q
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.211.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jul 2021 09:10:36 GMT
via: 1.1 google
server: OXGW/16.211.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537125688&val=AADtQU7B_PgAAFYOGUIv7Q
Date: Mon, 26 Jul 2021 09:10:36 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 03F2
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=29c460fe-7c0a-4100-9118-367cbd4ac585

43 B
106 B

29ms
29ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=29c460fe-7c0a-4100-9118-367cbd4ac585
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.211.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jul 2021 09:10:35 GMT
via: 1.1 google
server: OXGW/16.211.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Mon, 26 Jul 2021 09:10:25 GMT
Server: MT3 3810 5cb7d7e master zrh-pixel-x24
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=29c460fe-7c0a-4100-9118-367cbd4ac585
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 26 Jul 2021 09:10:24 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 03F2
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=nzoeN55pSDOEbEhmmGhVN5E9TGOEPEgznD47XfPF

43 B
122 B

30ms
28ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=nzoeN55pSDOEbEhmmGhVN5E9TGOEPEgznD47XfPF
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.211.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jul 2021 09:10:35 GMT
via: 1.1 google
server: OXGW/16.211.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 26 Jul 2021 09:10:34 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=nzoeN55pSDOEbEhmmGhVN5E9TGOEPEgznD47XfPF
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 03F2
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4881239038953666617

43 B
106 B

29ms
28ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4881239038953666617
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.211.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jul 2021 09:10:35 GMT
via: 1.1 google
server: OXGW/16.211.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 26 Jul 2021 09:10:35 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4881239038953666617
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 03F2 70 B
265 B 141ms
44ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=62fc0de7-e018-3428-73e0-9be0702cb58c&gdpr=0
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jul 2021 09:10:35 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 03F2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NGU5M2RlMmQtMjk2Zi02YThjLTY2MDAtYzE1OWJhY2U3YmVj
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NGU5M2RlMmQtMjk2Zi02YThjLTY2MDAtYzE1OWJhY2U3YmVj&google_tc=

170 B
188 B

41ms
40ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NGU5M2RlMmQtMjk2Zi02YThjLTY2MDAtYzE1OWJhY2U3YmVj&google_tc=

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jul 2021 09:10:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 26 Jul 2021 09:10:35 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NGU5M2RlMmQtMjk2Zi02YThjLTY2MDAtYzE1OWJhY2U3YmVj&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 03F2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECpgfXqX6vLuRd_6cLU0op8&google_cver=1

43 B
106 B

34ms
33ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECpgfXqX6vLuRd_6cLU0op8&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.211.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jul 2021 09:10:35 GMT
via: 1.1 google
server: OXGW/16.211.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 26 Jul 2021 09:10:35 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECpgfXqX6vLuRd_6cLU0op8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2021071401.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 69DD 329 KB
115 KB 45ms
45ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/legal/terms-conditions

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

65506c87a4e71875a107df7ca37f45ccfd40688cf8e01f65c7e71792dbd6818c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jul 2021 09:10:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 14 Jul 2021 08:38:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117283
x-xss-protection: 0
expires: Mon, 26 Jul 2021 09:10:35 GMT

POST
H2 204 v1 Show response
dmx.districtm.io/b/ Frame 27C5 0
286 B 53ms
20ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 26 Jul 2021 09:10:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://www.powerball.com
access-control-allow-credentials: true
cf-ray: 674c7ee55aa10215-ZRH
access-control-allow-headers: Content-Type, Origin

GET ADTECH;v=2;cmd=bid;cors=yes;alias=114a91124fb2b23;misc=1627290635079;bidfloor=0.3;
adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ Frame 69DD 0
0

POST
H2 204 v1 Show response
dmx.districtm.io/b/ Frame 69DD 0
35 B 26ms
24ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 26 Jul 2021 09:10:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://www.powerball.com
access-control-allow-credentials: true
cf-ray: 674c7ee55aa40215-ZRH
access-control-allow-headers: Content-Type, Origin

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 69DD 238 B
2 KB 194ms
81ms XHR
application/json 213.19.162.31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9204&site_id=20319&zone_id=588936&size_id=15&rf=https%3A%2F%2Fwww.powerball.com%2Flegal%2Fterms-conditions&tk_flint=pbjs_lite_v2.44.3&x_source.tid=6cad0dae-7fe8-4844-8f53-fa1a59c888d0&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.7519614866204445
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.31 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: bc928326d0074ee3a9aaea10d6fa62ce2e6aa21a8698519c70a93021ca0f4c4c

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 26 Jul 2021 09:10:35 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.powerball.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 238
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 69DD 0
118 B 84ms
27ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.powerball.com
date: Mon, 26 Jul 2021 09:10:34 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ Frame 69DD 24 B
1 KB 109ms
47ms XHR
application/json 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=398900&v=7.2&r=%7B%22id%22%3A%229c328e24511f33%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2210ae609f9abecee%22%2C%22ext%22%3A%7B%22siteID%22%3A%22398900%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.powerball.com%2Flegal%2Fterms-conditions%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 4fc9ce41636acbd666507870960a59ea0ada69e9fbaae3e3b25752897e484d76

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 26 Jul 2021 09:10:35 GMT
Content-Encoding: gzip
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
X-CS-CLIENT-GEO: 12
Connection: keep-alive
Content-Length: 44
X-AK-CLIENT-GEO: 12
Pragma: no-cache
X-AK-INITIAL-GEO: CC:[CH], RC:[ZH], CN:[EU], CIP:[185.156.175.109], XFF:[]
Server: Apache
Vary: Is-Traffic-Invalid,Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://www.powerball.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Expires: Mon, 26 Jul 2021 09:10:35 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 27C5 107 B
853 B 43ms
21ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.powerball.com

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/legal/terms-conditions

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Jul 2021 09:10:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 27C5 107 B
570 B 43ms
19ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.powerball.com

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/legal/terms-conditions

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Jul 2021 09:10:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 27C5 8 KB
4 KB 166ms
138ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2150866791607265&correlator=2503424571196545&output=ldjh&impl=fifs&eid=31061842%2C20211866&vrg=2021071401&ptt=17&sc=1&sfv=1-0-38&ecs=20210726&iu_parts=22803534%2CHB_DEFAULT_ADUNIT&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&prev_scp=hb_name%3DAPST09010385POWB9701__54%26passback_pb%3D0.30%26hb_factor%3D1.5%26rscust%3Dpool1%26oxb%3D970x250_t&eri=1&cookie_enabled=1&cdm=www.powerball.com&bc=31&abxe=1&lmt=1627290635&dt=1627290635129&dlt=1627290634687&idt=411&ea=0&frm=23&biw=1600&bih=1200&isw=970&ish=250&oid=3&adxs=315&adys=2844&adks=3386903054&ucis=pajhbtw8e3eh&ifi=1&ifk=320825765&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.powerball.com%2Flegal%2Fterms-conditions&top=https%3A%2F%2Fwww.powerball.com%2Flegal%2Fterms-conditions&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x250&msz=970x0&ga_vid=1955867921.1627290634&ga_sid=1627290635&ga_hid=2045894639&ga_fc=true&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

d078f02ec45b4a636a2f4062956d063679bccd3ade3a403bb59b7578492e347e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jul 2021 09:10:35 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4153
x-xss-protection: 0
google-lineitem-id: 5292730782
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138302678468
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.powerball.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
c387a00789dfd8f8f15c2e62b7d5528e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CC32 6 KB
3 KB 54ms
14ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c387a00789dfd8f8f15c2e62b7d5528e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/legal/terms-conditions

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: c387a00789dfd8f8f15c2e62b7d5528e.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.powerball.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.powerball.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 26 Jul 2021 09:10:35 GMT
expires: Tue, 26 Jul 2022 09:10:35 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame BB83 815 B
809 B 31ms
31ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/legal/terms-conditions
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.211.0 /
Resource Hash: eb0775c8fca4cb815e878376d4c554bea513281784195a3afbb9dcf1e259d7af

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.powerball.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=b15032be-499f-0bdf-2936-5308140b8671|1627290634; pd=v2|1627290634|mOgeginskin0vNomiygu
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.powerball.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=b15032be-499f-0bdf-2936-5308140b8671|1627290634; Version=1; Expires=Tue, 26-Jul-2022 09:10:35 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1627290634.1|kiiymOgevNomgunsn0gi.j8gmmWjofcsHqGgqsLiS; Version=1; Expires=Tue, 10-Aug-2021 09:10:35 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.211.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Mon, 26 Jul 2021 09:10:35 GMT
content-type: text/html
content-length: 480
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame BB83
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=49619B4FE45B4804884EA1C5BAB2BC5E

43 B
106 B

30ms
30ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072966&val=49619B4FE45B4804884EA1C5BAB2BC5E
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.211.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jul 2021 09:10:35 GMT
via: 1.1 google
server: OXGW/16.211.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Mon, 26 Jul 2021 09:10:35 GMT
x-content-type-options: nosniff
server: nginx
location: https://us-u.openx.net/w/1.0/sd?id=537072966&val=49619B4FE45B4804884EA1C5BAB2BC5E
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Sun, 25 Jul 2021 09:10:35 GMT

GET
H/1.1 504
GATEWAY_TIMEOUT c.html
j.mrpdata.net/ Frame BB83 0
75 B 106ms
22ms Image
text/plain 18.192.228.194
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://j.mrpdata.net/c.html?ex=OpenX
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.228.194 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-228-194.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0

GET
H2 204 current
openx2-match.dotomi.com/match/bounce/ Frame BB83 0
104 B 92ms
63ms Image
text/plain 2a02:fa8:8806:20::2010
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID}
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2010 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jul 2021 09:10:35 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame BB83
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=4&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072977&val=ebb4eb04-3d03-4f16-81c5-dbbdd23560b4-60fe7c0b-4348&gdpr=0&gdpr_consent=

43 B
106 B

29ms
29ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072977&val=ebb4eb04-3d03-4f16-81c5-dbbdd23560b4-60fe7c0b-4348&gdpr=0&gdpr_consent=
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.211.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jul 2021 09:10:35 GMT
via: 1.1 google
server: OXGW/16.211.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 26 Jul 2021 09:10:35 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://us-u.openx.net/w/1.0/sd?id=537072977&val=ebb4eb04-3d03-4f16-81c5-dbbdd23560b4-60fe7c0b-4348&gdpr=0&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 200 ox
match.justpremium.com/match/ Frame BB83 43 B
322 B 75ms
23ms Image
image/gif 18.184.162.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.justpremium.com/match/ox?ex_uid=287dc317-b7a9-0e42-21fe-1dd67159f6b6
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.184.162.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-162-185.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jul 2021 09:10:35 GMT
content-length: 43
content-type: image/gif

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame BB83
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=YP58CwADNbQXQwA4
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YP58CwADNbQXQwA4&_test=YP58CwADNbQXQwA4

43 B
106 B

29ms
29ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537148856&val=YP58CwADNbQXQwA4&_test=YP58CwADNbQXQwA4
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.211.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jul 2021 09:10:35 GMT
via: 1.1 google
server: OXGW/16.211.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 26 Jul 2021 09:10:35 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1627290635.492070,VS0,VE0
x-served-by: cache-fra19134-FRA
x-cache: HIT
location: https://us-u.openx.net/w/1.0/sd?id=537148856&val=YP58CwADNbQXQwA4&_test=YP58CwADNbQXQwA4
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame BB83
Redirect Chain

https://green.erne.co/openx/cm
https://pixel.onaudience.com/?mapped=2eGg73uvvlMkj4AnW3hYXNIm&partner=2&redirect=green.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072998%2526rtb...
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26redirect%3Dhttps%253A%252F%252Fgreen.erne.co%252Fct...
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26redirect%3Dhttps%253A%252F%252Fgreen.erne.co%2...
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=89a76fe9b3812c5724a5e2cc5e0e793a&redirect=https%3A%2F%2Fgreen.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%25...
https://green.erne.co/ct/cm?red=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072998%26rtb%3D2eGg73uvvlMkj4AnW3hYXNIm
https://us-u.openx.net/w/1.0/sd?id=537072998&rtb=2eGg73uvvlMkj4AnW3hYXNIm
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072998&rtb=2eGg73uvvlMkj4AnW3hYXNIm

43 B
106 B

28ms
28ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072998&rtb=2eGg73uvvlMkj4AnW3hYXNIm
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.211.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jul 2021 09:10:36 GMT
via: 1.1 google
server: OXGW/16.211.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072998&rtb=2eGg73uvvlMkj4AnW3hYXNIm
date: Mon, 26 Jul 2021 09:10:36 GMT
via: 1.1 google
server: OXGW/16.211.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame BB83
Redirect Chain

https://ad.turn.com/r/cs?pid=9&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3884640750484616840&gdpr=0&gdpr_consent=&us_privacy=

43 B
106 B

32ms
31ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537073061&val=3884640750484616840&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.211.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jul 2021 09:10:35 GMT
via: 1.1 google
server: OXGW/16.211.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537073061&val=3884640750484616840&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Mon, 26 Jul 2021 09:10:34 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

dds
rtb.openx.net/sync/ Frame BB83
Redirect Chain

https://rtb.openx.net/sync/dds
https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=vaqH20mejQaVlNdXozWPNg==&ox_sc=1&ox_init=1
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1

43 B
146 B

30ms
29ms

Image
image/gif

35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jul 2021 09:10:35 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: clear
content-length: 43
x-request-id: cfumuakqft0c0qs7h3l57m54sc9u466e

Redirect headers

pragma: no-cache
date: Mon, 26 Jul 2021 09:10:35 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 249
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 f63b6ba3-70b4-a661-4237-8d158f7b78c5
pr-bh.ybp.yahoo.com/sync/openx/ Frame BB83 43 B
837 B 111ms
34ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/openx/f63b6ba3-70b4-a661-4237-8d158f7b78c5?gdpr=0

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jul 2021 09:10:35 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9BB7 0
0 31ms
30ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssrSnZF8q4U0TIOnQmjaN1zsa_u3VA3l5O1dBNWBgA9HLGvHR0faHlRgcIy4qwLopx_ZKpBj-e0ipdqqsEIOI3SA2t6iiqKuoBnvmNTUcUbU4p2BkQf3HqW5OJ1MdVaTRvEF-H18SUkKak4cb1HooAJD--mRlzUuP7tsphdUem67Y_4YaXqZa40to6HFvQstRJ0j6_qyQx-lNq8y5W_9xiFpft4GR5fCAU6MbTH-0HrdNFVHKQQ9zRnqkYhQmI266tAAMfTHmrKOrE7ou0XlE9Uc6YgF5IfrOMDZ_BVtwtDHmdmZRdAxQMr0wBhYFqddQ&sig=Cg0ArKJSzD8BrwbtBCbFEAE&urlfix=1&adurl=

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/legal/terms-conditions

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Jul 2021 09:10:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 wowyowdisplay970x250desktop.js Show response
deio3v2go54x9.cloudfront.net/ Frame 9BB7 795 B
1 KB 47ms
12ms Script
application/javascript 2600:9000:2156:ec00:e:ff8:b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://deio3v2go54x9.cloudfront.net/wowyowdisplay970x250desktop.js
Requested by: Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:ec00:e:ff8:b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: df3317fe7031ec742daeed002d97da566a8648fbacb939fce19093f17a79d5c1

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jul 2021 05:00:10 GMT
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
last-modified: Fri, 15 May 2020 00:11:29 GMT
server: AmazonS3
age: 15025
etag: "3003337c564f4ca4358edc2761ee81a6"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 795
x-amz-cf-id: eOUVNAuud_Wgn4npUkKbDyQrk3q7CaFxwzSZIb9ZOmxvJ6v3RX8aFA==

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9BB7 124 KB
37 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4409f886851d18b5071cc08d25845e0d959d51fd1e9eec92118d0f12a44e5eeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jul 2021 09:10:35 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627039891503395"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38153
x-xss-protection: 0
expires: Mon, 26 Jul 2021 09:10:35 GMT

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 27C5 73 KB
27 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/legal/terms-conditions

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5073fab4fddb9f037315ac9c663dce6681b03976250cab681638dfe17475466f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jul 2021 09:10:35 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627039897272555"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27998
x-xss-protection: 0
expires: Mon, 26 Jul 2021 09:10:35 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 27C5 11 KB
9 KB 39ms
18ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021071401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae6564064d15797038e2f8ae0698142f064ff79d9de48347d306269abf346108

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Jul 2021 09:10:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8532
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 9BB7 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9d28d5f4a7a552b83864510e32819ee926046884a99680695eeb08f9f985afd

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 27C5 17 KB
7 KB 35ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/legal/terms-conditions

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jul 2021 09:10:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Mon, 26 Jul 2021 09:10:35 GMT

GET
H/1.1 200
OK wowyowdisplay970x250desktop.php Show response
wowyowapi.com/ Frame 4542 907 B
1 KB 729ms
179ms Document
text/html 34.209.78.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wowyowapi.com/wowyowdisplay970x250desktop.php?l=null&u=fb243434-6d38-f6b6-4543-c462ef8458dc&c=null&d=www.powerball.com
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/legal/terms-conditions
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.209.78.19 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-209-78-19.us-west-2.compute.amazonaws.com
Software: Apache /
Resource Hash: 8459ce8cedefe43c38e7a0a53975193615fbb687d5a928257ea4a24c90aaf9ae

Request headers

Host: wowyowapi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.powerball.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.powerball.com/

Response headers

access-control-allow-origin: *
Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=UTF-8
Date: Mon, 26 Jul 2021 09:10:36 GMT
Server: Apache
Content-Length: 907
Connection: keep-alive

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 1B83 12 KB
5 KB 21ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/legal/terms-conditions

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.powerball.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.powerball.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Mon, 26 Jul 2021 08:02:04 GMT
expires: Tue, 26 Jul 2022 08:02:04 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 4111
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C6DC 783 B
759 B 16ms
16ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/legal/terms-conditions

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4bcff27b70cd785e1f5f730f861cc6ce205ec0c892eb2ceaaeac76bdbeed4928

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ExeuocDyTGMLCyEw3ItwAg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.powerball.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.powerball.com/

Response headers

expires: Mon, 26 Jul 2021 09:10:35 GMT
date: Mon, 26 Jul 2021 09:10:35 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-ExeuocDyTGMLCyEw3ItwAg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 c43eojKHTIIjnCN0mOBRrq3mBMCB_MRf6Ad2ET-MShQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 1B83 34 KB
13 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/c43eojKHTIIjnCN0mOBRrq3mBMCB_MRf6Ad2ET-MShQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

738ddea232874c82239c237498e051aeade604c081fcc45fe80776113f8c4a14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 14:07:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68597
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13164
x-xss-protection: 0
last-modified: Wed, 14 Jul 2021 07:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 25 Jul 2022 14:07:18 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame 69DD 107 B
122 B 32ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.powerball.com

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/legal/terms-conditions

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Jul 2021 09:10:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 69DD 107 B
122 B 32ms
16ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.powerball.com

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/legal/terms-conditions

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Jul 2021 09:10:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 69DD 7 KB
4 KB 97ms
97ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1911186428699013&correlator=203747716150924&output=ldjh&impl=fifs&eid=31061423%2C31061805%2C31061843%2C20211866&vrg=2021071401&ptt=17&sc=1&sfv=1-0-38&ecs=20210726&iu_parts=22803534%2CHB_DEFAULT_ADUNIT&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=hb_name%3DAPST04010385POWB3001__54%26passback_pb%3D0.30%26hb_factor%3D1.5%26rscust%3Dpool1%26oxb%3D300x250_0%252Chb-bid-303391045014e5&eri=1&cookie=ID%3D2921f4d0bb06228b%3AT%3D1627290635%3AS%3DALNI_Mbl8j7SvCclzLj_mln-ThaUxC0wOA&cdm=www.powerball.com&bc=31&abxe=1&lmt=1627290635&dt=1627290635606&dlt=1627290634723&idt=422&ea=0&frm=23&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=1990784575&ucis=526owymqj2oa&ifi=1&ifk=3453036785&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.powerball.com%2Flegal%2Fterms-conditions&top=https%3A%2F%2Fwww.powerball.com%2Flegal%2Fterms-conditions&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=1955867921.1627290634&ga_sid=1627290636&ga_hid=44151479&ga_fc=true&fws=256&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

7c84cecfdcb0eca7b29bcee53ae60f4049b49eea1abfc4641bcd4abc7e92d51b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jul 2021 09:10:35 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4071
x-xss-protection: 0
google-lineitem-id: 5293712860
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138303009295
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.powerball.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
f872cadd83927e25fd5b072b053cea9a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4CAB 6 KB
3 KB 47ms
14ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f872cadd83927e25fd5b072b053cea9a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/legal/terms-conditions

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: f872cadd83927e25fd5b072b053cea9a.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.powerball.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.powerball.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 26 Jul 2021 09:10:35 GMT
expires: Tue, 26 Jul 2022 09:10:35 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 32A0 0
0 31ms
30ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv65_VZYAiCWFkuVLvlD0S0obYlelkeBKfyEYqK4etrxI-aDMV4Z1zYxoT9ZFuLMQNdJP4iTqYPAcDagz5gXBGg4Ptaa2oh8UMrri1cKMERnuj4qrDt0ml0VqOvhy7kFcuk0vb8V1w4LxM02YYTYmfeaMh6Xj_-r6GNhxvL7y290cxefPDGu1eVUPaKVhBM0MHA_ZM6_VTeZGVtvRYCxFYyUIvhSSeI_U-bWeBFFmTRRl-yN9Sfx0yJsqsv0bYqEVUuX8FGMilf6T_S3dkySOMqO_8F9CWC_pVz0rAEW9XmixJESGSEe2NfmDuHHwxIEg&sig=Cg0ArKJSzKz94X52CwhjEAE&urlfix=1&adurl=

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/legal/terms-conditions

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Jul 2021 09:10:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 wowyowdisplay300x250desktop.js Show response
deio3v2go54x9.cloudfront.net/ Frame 32A0 1 KB
1 KB 13ms
12ms Script
application/javascript 2600:9000:2156:ec00:e:ff8:b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://deio3v2go54x9.cloudfront.net/wowyowdisplay300x250desktop.js
Requested by: Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:ec00:e:ff8:b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 676788eac82d90570b7eb37cbe79b56ddb61b3884014e19515ed5d0b175518d6

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jul 2021 05:00:10 GMT
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
last-modified: Tue, 02 Jun 2020 23:48:25 GMT
server: AmazonS3
age: 15025
etag: "09141670283bfe88eea14b5bd03b90c3"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 1038
x-amz-cf-id: DkKJYrPdrEo93sKa8GGvA1IhrB8ZLN7_kB0YAiKddFJceAQdEgw2fg==

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 32A0 124 KB
37 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4409f886851d18b5071cc08d25845e0d959d51fd1e9eec92118d0f12a44e5eeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jul 2021 09:10:35 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627039891503395"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38153
x-xss-protection: 0
expires: Mon, 26 Jul 2021 09:10:35 GMT

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 69DD 73 KB
27 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/legal/terms-conditions

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5073fab4fddb9f037315ac9c663dce6681b03976250cab681638dfe17475466f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jul 2021 09:10:35 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627039897272555"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27998
x-xss-protection: 0
expires: Mon, 26 Jul 2021 09:10:35 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 69DD 11 KB
8 KB 35ms
21ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021071401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6ce9941e7c94213d42901c9fef65d2594929c1a8b7d5d51fb099e085ad53b69f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Jul 2021 09:10:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8470
x-xss-protection: 0

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 27C5 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021071401&jk=2150866791607265&bg=!oKOlo-fNAAbnC78O5ws7ACkAdvg8WjI96a5u79RQIgQyzENQ52mcd0ytDEynYZDbGfqPYsA-FnWxKwIAAABoUgAAAA1oAQeZAoatco3yaBibhu6oj77GXCP8tmQoXQJWUpqfIBqtG3jSeM42mgnPqwYoK3UFnrgK6w3NYHh8SYYyqvNqU9gPu0z3wtcbLq-DFuQObX2rlPpS2o6fI0Rdjb_zqUSCA44T-9P4HPN-lYkeCngDXEPTlp9SZ2h_mm6GgkkrhvoyvqLUc3aNclk7uENDk19gG7THR6njSBTrEOpW0hhUvZ2L2LSCixqaxHRKFa4vEJVOGsu2d1Z8gyjN23IJofk4OADGK_ddtOOL018nQINQu8sUnCtgl5GyYJ1MNQnxHSjut8GWdmOaxj2mSFxHmPlFK1LQgRAq3v-z0qxHHP6H09NzFChf7A4DSwz25HuWYuciL48GU9MTyLcHljjIS7NvuMBl0jAOgMwCYigmkN7Z8-Y6so1QgIpLOA9_7zE9jm-1LmUCH8zA_OsI_A-Hx7NZeBFphZ7QLR4N2dYQg9bJaEKAUmP84XKgeqFlDMdJjaopHtIvGFLF2pIXwhOR69rXHCfV9lDdbIjfN3RcW-dAQFaQtF-IVc-cMVVNCq6o6sm_29ongRB522Fc5tL-Ndq4VCIAj-gdngX8GFxubgcjP4cB3LYRb56xxRhWY62UZDtubKWDzJeEMK7KerPSzeuJWcQrYyyXYK9wmcK1RbBKnO0TfVd66nPBD-cygZlPUIlDmu1RLI7ja2sO5eutCFlZDy-FCrS8C8aHbvOdJy69RDAAE7FyOE8tFfaT_3kHQpqXKLkA1hMr6dMLJCVPXwK4XR62SXWIMuE8_rUPa0AZZN2EnmUNXqtYfkldBJ9IsDmcSGgQIUaFy67U2p6oplU4x3F9qNDYBPHcUUBFay5319gT0oWt64FkVrih

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/legal/terms-conditions

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jul 2021 09:10:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 32A0 0
0 40ms
39ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstpqqaHLmgAgJK1P25eheTn0S_MgHhKMwghYpzu2FPGuxdrxJ10BGSjtqfwk8KrIspcryiRf3V65t_kaIa2QVnwursL4mMcjEwJbePW1sl3fMBvy2qWK0VUOkaFXzx541Tpcy4d_-I34rS8tTuriHcsRtJB9XN0sH22uqOdWQ2KfMUhXn2zwgxkou7xvtmV_RGReRYSF4PCsXWdht0Hi8ysSLaMLT5yu3ULALQPBX-HxGsLFBFdJNpTr64qnmY2foLhPsIb9W4Fx8uDKk7vcsNg-qaMhS-BIte0pbGRlT5S7X23JPxZlYN0nZeKBG2ljqXW&sig=Cg0ArKJSzFqitSD2dAN0EAE&urlfix=1&adurl=

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/legal/terms-conditions

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Jul 2021 09:10:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 26 Jul 2021 09:10:35 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 69DD 17 KB
6 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/legal/terms-conditions

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jul 2021 09:10:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Mon, 26 Jul 2021 09:10:35 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 85DF 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/legal/terms-conditions

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.powerball.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.powerball.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Mon, 26 Jul 2021 08:02:04 GMT
expires: Tue, 26 Jul 2022 08:02:04 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 4111
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1913 783 B
533 B 25ms
23ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/legal/terms-conditions

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

27af9af868d291193ab411962a09f843c01398c397812ca24e00d8568017989e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uGjDbZjbjjDl47U0VO3jLg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.powerball.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.powerball.com/

Response headers

expires: Mon, 26 Jul 2021 09:10:35 GMT
date: Mon, 26 Jul 2021 09:10:35 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-uGjDbZjbjjDl47U0VO3jLg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 c43eojKHTIIjnCN0mOBRrq3mBMCB_MRf6Ad2ET-MShQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 85DF 34 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/c43eojKHTIIjnCN0mOBRrq3mBMCB_MRf6Ad2ET-MShQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

738ddea232874c82239c237498e051aeade604c081fcc45fe80776113f8c4a14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 14:07:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68597
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13164
x-xss-protection: 0
last-modified: Wed, 14 Jul 2021 07:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 25 Jul 2022 14:07:18 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 69DD 0
463 B 62ms
43ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021071401&jk=1911186428699013&bg=!GxilGFzNAAbnC78O5ws7ACkAdvg8Wo74GwM12iCfx0LI8S90x9-mdprgqi7Y6dS7MkwEsmURlWwcNQIAAAB0UgAAAAxoAQeZAoE4eGTRipfCi6pJxttKFvfsRRp5hsBulwxuU96h3OzHOCLLo_Qc6dRlCJdA83K5wVBZTL1YcAQ4NNAnc2ZMmURBlGotoigA99N3yK-F_YampVHKXGtQeSenGcZFm52VvDuYg1fPc4HdrNbZHMWjm9qy_pV4zv2zGQMnnSWR1kyujjigqwxZJNkb4IDQjoapM89fwDfOolOMwa_tVxZJvV3NAdwFimAzyMENXk0ObyXc7uQHj_20yCw1Rv4DcTyHWCwZB3sr3ZwS6DCseSzKk3Xyh0K5-oI_dGCsFM_06ltNIZxxz0BVARtLfwDw1AfQOscHN-_Be7BGLyNUtlJygpyfkgZhdnbSmqgu3psKQqwVurKFP1rGIIweuSRepEiU_I1FWsGmS3jUmFEL3gpP-wnugvyNrR1t89EAYZhcCvybGaafB82ztXwdjx23_Kn4Dxc-YROwZRtl1NYAPLXIcN6QUrjULv01up_aovLsYF0DsNUHla5DINljY5EUd83ScMmaZRtgvLLJKYYMZ0XFrMsuK1EEuGZM9O_aKnwmFiJIv0FuvkXd9iqUbLSQPVatMW_pECtTSILr9alR_qlXKnoIpahUV41mbY72Pk7Fus118-KBfsbzvAerxCvYK8JcjuQ3AXQ0d2P_304cu9wYyQcTIqaHXFWLNsGl0ROE92fPOrCoMMb6gX9niGI6ydUWl-KwWSJLEPGiycuPao5BxoliiDzqzwpyeQ7NktA0T5GMpv6o0MdHkWLHY4QeJsfsw5NhTm1R3_3HEl1VZQfiEMQgvnhMsz3zr7lXYCqYJURP_g06DH0BpfZNsQU8dFHouZsRt9TpbAk09V5iWJCEJM-prw

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/legal/terms-conditions

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jul 2021 09:10:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame 606B 1006 B
851 B 30ms
30ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/legal/terms-conditions
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.211.0 /
Resource Hash: e90743092b90edcfaf509e329f9ca42f3cb320d0a1133908aa2c6b44410a8614

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.powerball.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=ba4d5a0b-8e3b-4e77-918a-ee9a8fbafa5e|1627290636
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.powerball.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=ba4d5a0b-8e3b-4e77-918a-ee9a8fbafa5e|1627290636; Version=1; Expires=Tue, 26-Jul-2022 09:10:36 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1627290636|mOgeginskin0vNomiygu; Version=1; Expires=Tue, 10-Aug-2021 09:10:36 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.211.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Mon, 26 Jul 2021 09:10:36 GMT
content-type: text/html
content-length: 542
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 606B
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=is7kgoEM1M7WDa5

43 B
106 B

28ms
28ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=is7kgoEM1M7WDa5
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.211.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jul 2021 09:10:36 GMT
via: 1.1 google
server: OXGW/16.211.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 26 Jul 2021 09:10:35 GMT
Server: PingMatch/v2.0.30-661-ga8ef792#rel-ec2-master i-0b5388877fe362141@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=604800; includeSubDomains
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=is7kgoEM1M7WDa5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 606B
Redirect Chain

https://x.bidswitch.net/sync?ssp=openx
https://x.bidswitch.net/ul_cb/sync?ssp=openx
https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=openx&bsw_custom_parameter=05d4eadc-c296-4213-9901-c9134825906e&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
https://x.bidswitch.net/sync?dsp_id=283&user_id=8320fca2-4b9b-4aa9-bf68-46a709be7cba&expires=1&user_group=5&ssp=openx&bsw_param=05d4eadc-c296-4213-9901-c9134825906e
https://us-u.openx.net/w/1.0/sd?id=537072968&val=05d4eadc-c296-4213-9901-c9134825906e

43 B
106 B

29ms
29ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072968&val=05d4eadc-c296-4213-9901-c9134825906e
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.211.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jul 2021 09:10:36 GMT
via: 1.1 google
server: OXGW/16.211.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: //us-u.openx.net/w/1.0/sd?id=537072968&val=05d4eadc-c296-4213-9901-c9134825906e
date: Mon, 26 Jul 2021 09:10:36 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 606B
Redirect Chain

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072399%26val%3D%24UID
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=8413308370648544106

43 B
106 B

28ms
28ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072399&val=8413308370648544106
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.211.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jul 2021 09:10:36 GMT
via: 1.1 google
server: OXGW/16.211.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 26 Jul 2021 09:10:36 GMT
X-Proxy-Origin: 185.156.175.109; 185.156.175.109; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: f5a5b2ce-a7ff-44e4-968d-cefa66f5f665
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072399&val=8413308370648544106
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 606B
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ox
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEdFFVN0JfUGdBQUZZT0dVSXY3UQ&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADtQU7B_PgAAFYOGUIv7Q&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csas%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AADtQU7B_PgAAFYOGUIv7Q&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cox%26bee_sync_current_partner%3Dpp%2...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cox&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AADtQU7B_PgAAFYOGUIv7Q&pid=558502&do=add
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADtQU7B_PgAAFYOGUIv7Q&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_part...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=ox&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=4&userid=6817456822431229497
https://us-u.openx.net/w/1.0/sd?id=537125688&val=AADtQU7B_PgAAFYOGUIv7Q

43 B
106 B

4530ms
4529ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537125688&val=AADtQU7B_PgAAFYOGUIv7Q
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.211.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jul 2021 09:10:41 GMT
via: 1.1 google
server: OXGW/16.211.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537125688&val=AADtQU7B_PgAAFYOGUIv7Q
Date: Mon, 26 Jul 2021 09:10:36 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 606B
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=b72060fe-7c0b-4800-b4ee-435041c8f131

43 B
106 B

29ms
28ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=b72060fe-7c0b-4800-b4ee-435041c8f131
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.211.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jul 2021 09:10:36 GMT
via: 1.1 google
server: OXGW/16.211.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Mon, 26 Jul 2021 09:10:26 GMT
Server: MT3 3810 5cb7d7e master zrh-pixel-x31
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=b72060fe-7c0b-4800-b4ee-435041c8f131
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 26 Jul 2021 09:10:25 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 606B
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=WOF6qlmyLKxD437_XOgx_1znfa5D6S_5XuFLcLmt

43 B
106 B

28ms
28ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=WOF6qlmyLKxD437_XOgx_1znfa5D6S_5XuFLcLmt
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.211.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jul 2021 09:10:36 GMT
via: 1.1 google
server: OXGW/16.211.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 26 Jul 2021 09:10:36 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=WOF6qlmyLKxD437_XOgx_1znfa5D6S_5XuFLcLmt
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 606B
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4743308139524278697

43 B
106 B

70ms
70ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4743308139524278697
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.211.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jul 2021 09:10:36 GMT
via: 1.1 google
server: OXGW/16.211.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 26 Jul 2021 09:10:36 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4743308139524278697
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 606B 70 B
264 B 44ms
43ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=69e16552-27bc-7180-cb5c-2672eb9dc9a3&gdpr=0
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jul 2021 09:10:36 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 606B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDU4ZWI2OTgtZWVjYi0yZjI0LWRlYmMtN2NjYjIxN2YwN2Mz
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDU4ZWI2OTgtZWVjYi0yZjI0LWRlYmMtN2NjYjIxN2YwN2Mz&google_tc=

170 B
188 B

31ms
30ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDU4ZWI2OTgtZWVjYi0yZjI0LWRlYmMtN2NjYjIxN2YwN2Mz&google_tc=

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jul 2021 09:10:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 26 Jul 2021 09:10:36 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDU4ZWI2OTgtZWVjYi0yZjI0LWRlYmMtN2NjYjIxN2YwN2Mz&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 606B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP5lBM0JJYUr0-FSWvkCCa0&google_cver=1

43 B
106 B

29ms
28ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP5lBM0JJYUr0-FSWvkCCa0&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.211.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Jul 2021 09:10:36 GMT
via: 1.1 google
server: OXGW/16.211.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 26 Jul 2021 09:10:36 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP5lBM0JJYUr0-FSWvkCCa0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dmedianet.js Show response
contextual.media.net/ Frame 4542 446 KB
142 KB 165ms
104ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/dmedianet.js?cid=8CU2R40WC

Requested by

Host: wowyowapi.com
URL: https://wowyowapi.com/wowyowdisplay970x250desktop.php?l=null&u=fb243434-6d38-f6b6-4543-c462ef8458dc&c=null&d=www.powerball.com

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

7f5970c9956a4fa1e7efa0499fde4e2ce7d868ec891da48951f7a99512f8a1e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://wowyowapi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-mnt-h: 10-8
content-encoding: gzip
server: Apache
etag: "c9359a61fb2daaf80ffc594f6b745711"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
date: Mon, 26 Jul 2021 09:10:36 GMT
strict-transport-security: max-age=604800
x-mnt-w: 8-33
expires: Mon, 26 Jul 2021 09:15:36 GMT

GET
H/1.1 200
OK browserfp.min.js Show response
pxlclnmdecom-a.akamaihd.net/javascripts/ Frame 4542 109 KB
34 KB 121ms
54ms Script
text/javascript 2.16.107.88
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CU2R40WC
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CU2R40WC
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.107.88 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-88.deploy.static.akamaitechnologies.com
Software: / Express
Resource Hash: 8a53b449f42f26e1fbcb2a9cca976682bc7e76d13ab38566352685397099ce3d

Request headers

Referer: https://wowyowapi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Jul 2021 09:10:36 GMT
Content-Encoding: gzip
X-Powered-By: Express
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1800
Cache-Control: max-age=1800
Connection: keep-alive
Content-Length: 34344
Expires: Mon, 26 Jul 2021 09:40:36 GMT

GET
H2 200 fcmain.js Show response
contextual.media.net/1017354394/ Frame 4542 3 KB
2 KB 254ms
254ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/1017354394/fcmain.js?cb=window._mNDetails.initAd&&gdpr=0&cid=8CU2R40WC&cpcd=S0QoxJjx8zdgMjrOCDQAOA%3D%3D&crid=964576456&size=970x250&cc=CH&https=1&vif=2&requrl=https%3A%2F%2Fwww.powerball.com%2F&nse=5&vi=1627290636788567355&ugd=4&nb=1

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CU2R40WC

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

aed38da596ff3b7f4a55a1c2bb7c1295740d21565b2189aaf93fd84b069cd446

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://wowyowapi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
x-mnt-hl2: 10-3
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=300
date: Mon, 26 Jul 2021 09:10:36 GMT
content-length: 1526
expires: Mon, 26 Jul 2021 09:15:36 GMT

GET
H2 200 bping.php
lg3.media.net/ Frame 4542 35 B
189 B 43ms
41ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?&gdpr=0&prid=8PRHGG6T9&cid=8CU2R40WC&crid=964576456&vi=1627290636788567355&ugd=4&lf=6&cc=CH&sc=ZH&lper=100&wsip=2886994110&r=1627290636453&requrl=https%3A%2F%2Fwww.powerball.com%2F&vgd_l2type=setting&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=9009&vgd_rakh=1627290636118476173&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fdmedianet.js&vgd_pgid=p1483853036t202107260910&vgd_pgids=1&vgd_uspa=0&hvsid=00001627290636447031140534857184&gdpr=0&vgd_end=1

Requested by

Host: wowyowapi.com
URL: https://wowyowapi.com/wowyowdisplay970x250desktop.php?l=null&u=fb243434-6d38-f6b6-4543-c462ef8458dc&c=null&d=www.powerball.com

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Referer: https://wowyowapi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Mon, 26 Jul 2021 09:10:36 GMT
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Mon, 26 Jul 2021 09:10:36 GMT

GET
H/1.1 200
OK bfp_ssn.js Show response
pxlclnmdecom-a.akamaihd.net/javascripts/ Frame F7CB 12 KB
4 KB 24ms
24ms Document
text/html 2.16.107.88
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/bfp_ssn.js?templateId=3
Requested by: Host: pxlclnmdecom-a.akamaihd.net
URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CU2R40WC
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.107.88 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-88.deploy.static.akamaitechnologies.com
Software: / Express
Resource Hash: 3fc6f5ea55c0fdd696dcc85170da17433800a34832a5b6184840b3c6b2e11a01

Request headers

Host: pxlclnmdecom-a.akamaihd.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://wowyowapi.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://wowyowapi.com/

Response headers

Content-Type: text/html; charset=utf-8
X-Powered-By: Express
Vary: Accept-Encoding
Access-Control-Max-Age: 1800
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Cache-Control: max-age=1800
Expires: Mon, 26 Jul 2021 09:40:36 GMT
Date: Mon, 26 Jul 2021 09:10:36 GMT
Content-Length: 3747
Connection: keep-alive

POST
H2 200 ptmdP
dt.clnmde.com/ Frame 4542 7 B
329 B 355ms
115ms Ping
text/html 54.243.72.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://dt.clnmde.com/ptmdP
Requested by: Host: pxlclnmdecom-a.akamaihd.net
URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CU2R40WC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.243.72.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-243-72-15.compute-1.amazonaws.com
Software: / Express
Resource Hash: aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Request headers

Referer: https://wowyowapi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 26 Jul 2021 09:10:36 GMT
vary: Accept-Encoding
x-powered-by: Express
etag: W/"7-Jgyp3YpFd/wAt71YECmAdg"
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
content-length: 7

GET
H2 200 cenw.js Show response
dt.clnmde.com/ Frame 4542 36 B
360 B 355ms
116ms XHR
text/html 54.243.72.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://dt.clnmde.com/cenw.js?identifier=bafp
Requested by: Host: pxlclnmdecom-a.akamaihd.net
URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CU2R40WC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.243.72.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-243-72-15.compute-1.amazonaws.com
Software: / Express
Resource Hash: 65a801f723b57e8ea832487ee47e147285cd2b7b87ef94bf20d4427821ff4b41

Request headers

Referer: https://wowyowapi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jul 2021 09:10:36 GMT
vary: Accept-Encoding
x-powered-by: Express
etag: W/"24-uWdQh33bfCAQ41JIwBLxuw"
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
content-length: 36

GET
H2 200 ptmdDual
dt6.clnmde.com/ Frame 4542 70 B
331 B 293ms
95ms Image
image/gif 2600:1f18:42df:3a01:e98f:cdd0:4c16:e538
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt6.clnmde.com/ptmdDual?t=%7B%22gh%22%3A%22162729063658633466922877%22%2C%22za%22%3A1%2C%22gcd%22%3A1627290636597%2C%22al%22%3A3%2C%22bcnd%22%3A1%7D
Requested by: Host: wowyowapi.com
URL: https://wowyowapi.com/wowyowdisplay970x250desktop.php?l=null&u=fb243434-6d38-f6b6-4543-c462ef8458dc&c=null&d=www.powerball.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:42df:3a01:e98f:cdd0:4c16:e538 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: / Express
Resource Hash: c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

Referer: https://wowyowapi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 26 Jul 2021 09:10:36 GMT
x-powered-by: Express
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/gif

GET
H2 200 cenw.js Show response
dt.clnmde.com/ Frame F7CB 36 B
359 B 333ms
117ms XHR
text/html 54.243.72.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://dt.clnmde.com/cenw.js
Requested by: Host: pxlclnmdecom-a.akamaihd.net
URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/bfp_ssn.js?templateId=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.243.72.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-243-72-15.compute-1.amazonaws.com
Software: / Express
Resource Hash: 29379dee029abe121d9f1a9ec4ceb9c682be4a5458735edae8fc4c12dd7c7b6a

Request headers

Referer: https://pxlclnmdecom-a.akamaihd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jul 2021 09:10:36 GMT
vary: Accept-Encoding
x-powered-by: Express
etag: W/"24-G/IG2aN/SgMf9Q5pVHbj4g"
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
content-length: 36

GET
H2 200 flping.php
lg3.media.net/ Frame 4542 35 B
189 B 31ms
31ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/flping.php?reason=6&action=4&cme=wxG_qN-DlbcwEWAHhWUa3mpICoxW7Hs3kkyRsYbjHajZY_XxqR2BR_NnlEDoFcsEtO-EuvbmuV7Vycb0bSU2uVGYkQluxYZFeFHsNEC_y6gIJCPdFpWTnjmIGCJi3BHrJd-mqTz0hbLzhAOhKSt_C1hpY0UuNL9vTcJFzNx2OYIsNG8pMPJTuwowt7Cwgx3sTjwOyeHaOdFUTyqlMspdB2m6oqIBjdTmKuzSLaYiDiVA77i2AJ8lDLO6y9qjJKrpagLcDpjyEbXj14s5AT9etSQWKJ55M8O3Gd1obDf2efgI4B-2Oh9I3ZUp1I1DPzNE7L-bPFQWbpOs3wGBLSEt0_m6uGbLe5GQTZIcvs6BDZwzo2N1UuCZtdKbseqO6inRcpMQkb7R2321tt-T7_0ENszRgsJFUSzMeTxqYVFF-DxGtpfatxKg_ZFi-x7myupH25_1aMCQ10dngupsc6pyqg8nk1fI5GMsqZlPHEKjgYr95VfUtnTrKpNj1pH-NdsM_poLSZz-9mFXCO8qWningZhFXCi7BBZQ-DXyIMCO2utpEglf803MBwo_Ias9h5koCt4xDXiIwIwvCq9p3BDBvA%3D%3D%7C%7C&gdpr=0&vgd_xrw=

Requested by

Host: wowyowapi.com
URL: https://wowyowapi.com/wowyowdisplay970x250desktop.php?l=null&u=fb243434-6d38-f6b6-4543-c462ef8458dc&c=null&d=www.powerball.com

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

Referer: https://wowyowapi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
server: Apache
date: Mon, 26 Jul 2021 09:10:36 GMT
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Mon, 26 Jul 2021 09:10:36 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9BB7 0
0 83ms
32ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsskkygdcpjYBbY8bY6FZ9eoanALuvw2PNzMoCeADbnmlLzRjYLGD0x0mmcFBaF3RygQ-xr-Gl5OjhQSwLZbngH-kVwJ1bbZ6etXChwylGP7jtVCliR-ejAqv9ZC_IOZDLu0gWYs58D2vmOwG0Ajn5BWXxLprbplxvL7-VkCctd9lUCMt3LN_XAHZFG2Alvi81m4P8gO03aM02umDpgTfcEbi5gb8kaSyzESgZMhRBsx4PGU4TBBKi1YhfPewRsUhtxuzpdUT2PvrxMjFIAsukOVcSi-mP_OobBjJcUkhLD2n8FbSjpYgeOACM_0gq-RRQjq&sig=Cg0ArKJSzIN50jLfr8IKEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/legal/terms-conditions

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 26 Jul 2021 09:10:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 26 Jul 2021 09:10:36 GMT

GET
H2 200 ptmd
dt.clnmde.com/ Frame 4542 70 B
330 B 117ms
116ms Image
image/gif 54.243.72.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.clnmde.com/ptmd?t=162729063658633466922877_N4IgxmAWDWIFwG0QE4BsAWArAdg51IAugDQgAOAlgCYAu8SADEaQE4CmAZgKosA2diEMxABnFmB796ISDRpkRAUgDMAQUUAmAGKatAdwMA6MgHs9bFgCMAhr16GwJgLa7hANxEB9agIQA7AFc7EhkPb1ppBiiGAEZUDWwNZAZUZQx0bAZlGJj0BkxldAAOHBii9GEwAJEacN8QIoBhLg0AJTyAdUbKljdpYAAdFDxcLFQhuEGQGgBPMjYJobAWcKHiIbcKVfghuISklLTsIpLUbGVMTDWhyDDqRZBo2PjE5NT0zOzc-MKS7DL0EMAL5A4R+az0dBJdBoRIYYgxQoMIqfZDEApRcpFZQMELgkTwJKkCjWJz0XHE6wEuBFYl9OAMQyYUg1aw0aqQ4jKZRc9Bc5lpLnYLm05RookxZAhABeELgMVIZAA5vAQH1SGw-PTyCBSErIKq9q9DqhMEVUoVUKhkBoNCjsLrptSQLkkkUGNh0PFLkVHR5VahDIz0NlHbZ4DyQBwwPAALQKkBsGgUQ0vA7vR01FUMlmwOAutNvNKeDIMZAFPLu5DIR1sChkQ0lQwxfDN7CYZtlv0WVVkFgmKi1gJyhMBFPyjVuXj0UDgpxsVWWahUCzhR1UNly0BLqgrlbUeCBOykTZr-NG9NHE74c6XEAgkJkGM50T0+Ms3g1VP7IumooxR1eA4eAE1PA9z0LE1jlOW9MEdKoajPBpmjaTpuj1Z8LyLf4UlIABHBcJyjccNCBIA
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/legal/terms-conditions
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.243.72.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-243-72-15.compute-1.amazonaws.com
Software: / Express
Resource Hash: c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

Referer: https://wowyowapi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 26 Jul 2021 09:10:37 GMT
x-powered-by: Express
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/gif

GET
H2 200 ptmd
dt.clnmde.com/ Frame 4542 70 B
330 B 125ms
125ms Image
image/gif 54.243.72.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.clnmde.com/ptmd?t=162729063658633466922877_N4Ig1ghiBcIKwHYCMBOFBTJAGAtOgJgGZI5JLoBGOF+AHAjgGwJarIDGWCcAzCADTgKMJIPYA3GCGAAdEAGd08+QEsA9gDsA+vIAuagE4QA5ujnQ5iVBmx4iJMpWp0GzVig5decgL4CQxrqEMADaWPzhkREAuoKB8qFRSbEKugnQYRFZolgp6Oy6ALZScHC0-ugAHlJY-vLsalJIjABMCC0oWIw8jFoALCwovH1YtFhodQ3B0KIKDbpNre2d3b0D48Oj4yhatBQtowgU2C3sGDzocISEBEjsSAO0BHsI5YL1akEi7-P4i20dLo9fqDTZjNBaM5HQjHLAUUZwdAcCC0HjsFroPo3CCdfD4CY-T5Eb4gdCQErIDDsHi4AjEUjkKgoCgoFo4BB0RicOCoPpkCpgYQzMTidLSOSKZTqbR6QwmMwwSyU-I0uz0xxMllsjm0LlYHkoPlIOT8OQNNRgFToLT4CC6CDmJWoFW0+wMpzM1nsznc3lkXwVCAAG1CeQgAAdQiAkLQ4AA6JBwRgJ7gJ8YgFIqSTQFrve26ACu6RCKH4LR4-BjlZQKQAXlBhSBw8YpJJBOgNNmm-5jAALf7LIGMMrdHh9RiMVktegIfxpJp9DpjBDjlqlN4gUVSZNYON9HhIfzBmAVkCEdgwUjt3QqAeA1Z1XQt6DhBRgO8rYHrIZjrYE0kqJGsAxvGibJkgqbYCg-jiOgBhSOGBhqH87YFg2swFrejboOIIYZKAGgQIU6BSBQKh4nBWjkf4tr2jAoBkRRBhUX80AaAWQZBoI4gqCxH5Dq8sbMDwpQgD4PgpOGF4vu82ZXgoQZ6PxqxlIeghBtMsw8XxwFLPePSCUmCAiXA-jsEWug6SAtAAMIAKotAASiMADqNk9tJzQAp+ur6oIACOJGNoQWE8D4QA
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/legal/terms-conditions
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.243.72.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-243-72-15.compute-1.amazonaws.com
Software: / Express
Resource Hash: c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

Referer: https://wowyowapi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 26 Jul 2021 09:10:38 GMT
x-powered-by: Express
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/gif

GET
H2 200 ptmd
dt.clnmde.com/ Frame 4542 70 B
330 B 117ms
117ms Image
image/gif 54.243.72.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.clnmde.com/ptmd?t=162729063658633466922877_N4IgHgZiBcIAwDYIEYDGAmAnAEwEbowHYBWADnQFNcBmXUuAFhXWIWvULhABpwIAXGCFLUKCCpky4IDOLkIME6ahFTViyFdjipimOOmw8QASwBuMBrwDO-AIb8ArtZgBtanG7JMAXV4AvOxhkXgAHAHMhC14KADsLWFDjcIALIWQlQixEagQyNmpFBEx0dFJCQmN+F1hkBix6BSViMmMzGpAEADo4LoZqZGM7ABsYal5VGABaEJAKfhN0zOy2BGNbSOhPEGsAayWOFdyAfQZOTGJCuHpJYwoTJNrSYi7kVleSV7hMNooAJyEoT+AHsjDFHEFoLNHIsoTEzKNoK5QLE7ABbChCXAmbDYf7HHHGbAOSGgbG4-GE6CxRzDYa8MwmAlGWrLfSrQikZ4IQjqYggAC+Ar8IFCqBg22sCRmNmGtgOWXZuTIg14wygcJAjOZCqOPK5rF5LWMqGc-B1sFIAGEAKroABKsgA6lbkuKoWzELIEKQrCAAI6YzUQWEMAVAA
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/legal/terms-conditions
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.243.72.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-243-72-15.compute-1.amazonaws.com
Software: / Express
Resource Hash: c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

Referer: https://wowyowapi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 26 Jul 2021 09:10:40 GMT
x-powered-by: Express
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/gif

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 59A8 291 B
724 B 41ms
13ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.powerball.com

Requested by

Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

baf437304d79006a4f050b871807483c921e783a2a91808ad4b8f77802cde740

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?origin=publishertag&topUrl=www.powerball.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.powerball.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.powerball.com/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 1462
set-cookie: uid=7a632700-7030-4f11-b46e-f6d27fb9cccb; expires=Tue, 26 Jul 2022 09:10:40 GMT; domain=.criteo.com; path=/; secure; samesite=none
date: Mon, 26 Jul 2021 09:10:40 GMT
content-length: 321

GET
H2 200 ptmd
dt.clnmde.com/ Frame 4542 70 B
330 B 116ms
116ms Image
image/gif 54.243.72.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.clnmde.com/ptmd?t=162729063658633466922877_N4IgZghiBcDaDMB2AbADgAzIJzwEyoBoBGdQ9A8yi6q5AFhsfQF0DwIBnGZNgC15ixc5XEVbgwMXGwCuMmEQCs6BuABuMECDYBLDdEIgOAFwjGZXOLkXEs4gF5RoRNgAcA5po1sApgDt9EFdtEHcBaBAiZFxEXCxMeGRFVGR4eDpkbFx8REQQ40tIujiMRAzrZJC1QuQAOnRaungiEIgAGxh4NjAAYxgAWhcQH2MdTSiYuITkEJNPaHIjAGtx6Nj41OQAfTpEdCxFdNJ9rBCfHWCIolRFWqU6okRbklO2NR8AJ01XD4B7ABMzjInEMZGNnL41B04KA-BAALY+TQAIx0-3+ny2aJC-zMTlAqPRmOx0D8MjabTeOixgKuaymm0QqBuyEQ8EUihAAF8ueJXH0FmwOPpBkK2iZVpMNolki02G1JBCQGpqSTIvTpazmYpWezOWwehZjDTNKgAMIAVVwACU6OgAOpmkLuAUTdaYOgZdA2EAARyRSrA4PQXKAA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.243.72.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-243-72-15.compute-1.amazonaws.com
Software: / Express
Resource Hash: c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

Referer: https://wowyowapi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 26 Jul 2021 09:10:44 GMT
x-powered-by: Express
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: image/gif

POST
H2 200 ptmdP
dt.clnmde.com/ Frame 4542 7 B
328 B 116ms
116ms Ping
text/html 54.243.72.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://dt.clnmde.com/ptmdP
Requested by: Host: pxlclnmdecom-a.akamaihd.net
URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CU2R40WC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.243.72.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-243-72-15.compute-1.amazonaws.com
Software: / Express
Resource Hash: aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Request headers

Referer: https://wowyowapi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 26 Jul 2021 09:10:46 GMT
vary: Accept-Encoding
x-powered-by: Express
etag: W/"7-Jgyp3YpFd/wAt71YECmAdg"
access-control-max-age: 1800
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
content-length: 7

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: adserver.adtechus.com
URL: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=114a91124fb2b23;misc=1627290635079;bidfloor=0.3;

Verdicts & Comments Add Verdict or Comment

90 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/js/js_WS1XxDmod7uC7dg_6qfMLFtv1XiZgbhXxIBavu8XyPA.js(Line 2) Message: jQuery.Deferred exception: Cannot read property 'getItem' of null TypeError: Cannot read property 'getItem' of null at setupWhereToPlay (https://s3.amazonaws.com/cdn.powerball.com/drupal/files/js/js_WS1XxDmod7uC7dg_6qfMLFtv1XiZgbhXxIBavu8XyPA.js:466:21780) at HTMLDocument.<anonymous> (https://s3.amazonaws.com/cdn.powerball.com/drupal/files/js/js_WS1XxDmod7uC7dg_6qfMLFtv1XiZgbhXxIBavu8XyPA.js:466:30501) at e (https://s3.amazonaws.com/cdn.powerball.com/drupal/files/js/js_WS1XxDmod7uC7dg_6qfMLFtv1XiZgbhXxIBavu8XyPA.js:2:30005) at t (https://s3.amazonaws.com/cdn.powerball.com/drupal/files/js/js_WS1XxDmod7uC7dg_6qfMLFtv1XiZgbhXxIBavu8XyPA.js:2:30307) at https://d2si3hiz85fm4q.cloudfront.net/script.js:1:72540 undefined
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js(Line 6) Message: [GPT] To reserve space and reduce layout shifts, consider setting min-width=300px, min-height=250px styles on the div element with id=APST04010385POWB3001__54. Learn more: https://developers.google.com/publisher-tag/guides/minimize-layout-shift

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.turn.com
ads.creative-serving.com
adserver.adtechus.com
adservice.google.com
adservice.google.de
api.lanistaads.com
as-sec.casalemedia.com
bh.contextweb.com
bidder.criteo.com
c1.adform.net
c387a00789dfd8f8f15c2e62b7d5528e.safeframe.googlesyndication.com
cm.g.doubleclick.net
code.ionicframework.com
contextual.media.net
d2si3hiz85fm4q.cloudfront.net
d2tbmvllb55wxq.cloudfront.net
deio3v2go54x9.cloudfront.net
dmx.districtm.io
dsp.nrich.ai
dt.clnmde.com
dt6.clnmde.com
eu-u.openx.net
f872cadd83927e25fd5b072b053cea9a.safeframe.googlesyndication.com
fastlane.rubiconproject.com
fonts.googleapis.com
fs.gweini.com
green.erne.co
gum.criteo.com
hbopenbid.pubmatic.com
i.clean.gg
ib.adnxs.com
image2.pubmatic.com
j.mrpdata.net
lanista-bidder-d.openx.net
lg3.media.net
match.adsrvr.org
match.justpremium.com
match.prod.bidr.io
openx2-match.dotomi.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.quantserve.com
pm.w55c.net
pr-bh.ybp.yahoo.com
pxlclnmdecom-a.akamaihd.net
rtb-csync.smartadserver.com
rtb.openx.net
s.gweini.com
s3.amazonaws.com
securepubads.g.doubleclick.net
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.mathtag.com
tpc.googlesyndication.com
um.simpli.fi
us-u.openx.net
wowyowapi.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.powerball.com
x.bidswitch.net
adserver.adtechus.com
104.16.68.69
13.224.118.209
142.250.184.226
142.250.186.34
143.204.98.67
151.101.14.49
169.50.137.190
178.250.0.165
18.184.162.185
18.192.228.194
18.195.105.17
185.29.132.241
185.64.189.112
185.64.190.80
185.86.137.131
198.148.27.140
2.16.107.88
2.18.234.21
2.18.235.93
2001:678:cb4:bbbb::11
213.19.162.31
2600:1f18:42df:3a01:e98f:cdd0:4c16:e538
2600:9000:2156:6c00:15:3f44:b280:21
2600:9000:2156:ec00:e:ff8:b40:93a1
2606:4700:20::ac43:451d
2620:116:800d:21:f916:5049:f87f:108e
2a00:1288:110:c305::8000
2a00:1450:4001:800::2001
2a00:1450:4001:808::2002
2a00:1450:4001:809::2001
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::2004
2a00:1450:4001:828::2004
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::200a
2a00:1450:400c:c04::9d
2a02:2638:1::13
2a02:2638::3
2a02:fa8:8806:20::2010
3.212.26.136
3.66.135.160
34.209.78.19
34.231.48.239
34.95.69.49
34.98.126.214
35.186.253.211
35.244.159.8
37.157.2.236
37.252.173.22
51.255.68.171
51.79.83.225
52.217.70.206
54.194.226.253
54.243.72.15
54.246.13.173
54.93.122.90
66.155.71.149
76.223.111.131
94.23.171.206
084fd154266692bdc0410bb5e3a74dbd35c4c544b7e84ce52dd4643a0c49b97e
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
0b6afad74ac69e860d6b6b827b27d931ffe29385583305b9f8d594424d3e2400
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
11d4c6016909d872cb9aea53bd7066bc23ff08ee947ad525b1a70ae746846e0b
13319f25fd8473e4176955d19a09e4614170c8a7941ef7966987ad6156536580
16bc74e3ebb6ef6cc2c56565701502e39ea269aa665dd74da5742d371f3b2939
26b66e83fc168046181937fae3635bcd7b8addf0c033922a501680d81b5e3423
27af9af868d291193ab411962a09f843c01398c397812ca24e00d8568017989e
29379dee029abe121d9f1a9ec4ceb9c682be4a5458735edae8fc4c12dd7c7b6a
37cc0451eec571b22864bfac29a3766ccebe2d1e48ac4a552a8e9b8e6f9be02f
3fc6f5ea55c0fdd696dcc85170da17433800a34832a5b6184840b3c6b2e11a01
4409f886851d18b5071cc08d25845e0d959d51fd1e9eec92118d0f12a44e5eeb
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4bcff27b70cd785e1f5f730f861cc6ce205ec0c892eb2ceaaeac76bdbeed4928
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
4fc9ce41636acbd666507870960a59ea0ada69e9fbaae3e3b25752897e484d76
5073fab4fddb9f037315ac9c663dce6681b03976250cab681638dfe17475466f
592d57c439a877bb82edd83feaa7cc2c5b6fd5789981b857c4805abeef17c8f0
59ff4e9457a98e72723231e1ad962b8c2a77c67f6c025dc6464843931d061c0f
5d1765ca16cb96e4294a5c96b2084b580e200a2743b1ff7805d18bd8348825e9
5e700835ec05293a3d0f9e354e7d038319d34521cd279e782198dff6d1dd58f2
61d5d131a1652d6622bf40a61db090766b09e79d7ed665121484329143d3df03
65506c87a4e71875a107df7ca37f45ccfd40688cf8e01f65c7e71792dbd6818c
65a801f723b57e8ea832487ee47e147285cd2b7b87ef94bf20d4427821ff4b41
676788eac82d90570b7eb37cbe79b56ddb61b3884014e19515ed5d0b175518d6
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ce9941e7c94213d42901c9fef65d2594929c1a8b7d5d51fb099e085ad53b69f
738ddea232874c82239c237498e051aeade604c081fcc45fe80776113f8c4a14
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
7c84cecfdcb0eca7b29bcee53ae60f4049b49eea1abfc4641bcd4abc7e92d51b
7f5970c9956a4fa1e7efa0499fde4e2ce7d868ec891da48951f7a99512f8a1e1
8459ce8cedefe43c38e7a0a53975193615fbb687d5a928257ea4a24c90aaf9ae
8a53b449f42f26e1fbcb2a9cca976682bc7e76d13ab38566352685397099ce3d
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
911e1ae59bee7c424cdc950ea226bec46af2a4048a51fec42fe2a7009e8ddb9b
91822d970ea4cb3dbae6039431aaebfd36c46997c43a53a507518eed6dc230b2
92ac508220f5bb60ec94e07650528eb66625f82a4740ada068cde05365781286
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ae6564064d15797038e2f8ae0698142f064ff79d9de48347d306269abf346108
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aed38da596ff3b7f4a55a1c2bb7c1295740d21565b2189aaf93fd84b069cd446
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
baf437304d79006a4f050b871807483c921e783a2a91808ad4b8f77802cde740
bc928326d0074ee3a9aaea10d6fa62ce2e6aa21a8698519c70a93021ca0f4c4c
be57a8393d9ca7cb84fe99087431ea21d7e704a7de02b421590c34712c3bb9b4
c0f02a3ba3b3498d9ff3243cd2185bbf9f9c961f1373b2b463dfa025c2d57c5b
c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77
c60536e1387fd63f18755c87e9028bc138c1cb11fc77a64a159777aae49a12b5
c9d28d5f4a7a552b83864510e32819ee926046884a99680695eeb08f9f985afd
cd9c139673051af705b80d8eb599aa53d534b8d51674f0f8d4dea65a449e51e2
d078f02ec45b4a636a2f4062956d063679bccd3ade3a403bb59b7578492e347e
d7f91cedc9af34e0523e78dc1aea540db1cfd97825f626df2279774488c9ec24
db3b633dc73f730a566450dd4778030f91b0c6c0c7c7eddc2f17d62618c6c735
dc65bf6074f14b4dbf38fce097da9667eafbb5944609d5c8b5fbcaeb97a0d79e
dd77b03d442f3d5769272bdcc3153ee0e7313ce2994a8b00712c307575d76dfe
df3317fe7031ec742daeed002d97da566a8648fbacb939fce19093f17a79d5c1
e09a5d8e3457c45de0a3dfdf246f6b1a94a59b126df1caed35cb7e0ab90016dd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e90743092b90edcfaf509e329f9ca42f3cb320d0a1133908aa2c6b44410a8614
eb0775c8fca4cb815e878376d4c554bea513281784195a3afbb9dcf1e259d7af
ebb38cf55c8bd74f2b83b45a0443696d60506e9c805d6a174e08fae991bf65ec
edc057a9ffe252ee9fe9172e08553310cecb4374bd881de9e0e703126a0dfbb6

www.powerball.com Open in urlscan Pro 34.231.48.239 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

126 Requests

99 %HTTPS

37 %IPv6

49 Domains

65 Subdomains

45 IPs

8 Countries

2504 kBTransfer

4411 kBSize

0 Cookies

0 Outgoing links

Redirected requests

126 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.powerball.com Open in urlscan Pro
34.231.48.239 Public Scan

Screenshot
Live screenshot

Full Image

126
Requests

99 %
HTTPS

37 %
IPv6

49
Domains

65
Subdomains

45
IPs

8
Countries

2504 kB
Transfer

4411 kB
Size

0
Cookies

126 HTTP transactions
1 data transactions