www.powerball.com Open in urlscan Pro
54.87.126.121 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.powerball.com/
Effective URL:
https://www.powerball.com/
Submission: On April 17 via api (April 17th 2020, 3:09:30 pm UTC) from US

Summary HTTP 232 Redirects Behaviour Indicators

Summary

This website contacted 33 IPs in 6 countries across 29 domains to perform 232 HTTP transactions. The main IP is 54.87.126.121, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.powerball.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on February 9th 2018. Valid for: 3 years.

This is the only time www.powerball.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4 22	54.87.126.121 54.87.126.121	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:21f... 2600:9000:21f3:cc00:15:3f44:b280:21	16509 (AMAZON-02) (AMAZON-02)
25	52.216.238.21 52.216.238.21	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:6ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	52.45.243.84 52.45.243.84	14618 (AMAZON-AES) (AMAZON-AES)
1 2	2a00:1450:400... 2a00:1450:4001:819::200e	15169 (GOOGLE) (GOOGLE)
1	34.95.69.49 34.95.69.49	15169 (GOOGLE) (GOOGLE)
1	2600:9000:21f... 2600:9000:21f3:3e00:6:266a:9940:21	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	13.224.194.99 13.224.194.99	16509 (AMAZON-02) (AMAZON-02)
1 21	34.95.120.147 34.95.120.147	15169 (GOOGLE) (GOOGLE)
6	13.224.186.107 13.224.186.107	16509 (AMAZON-02) (AMAZON-02)
6	3.94.236.166 3.94.236.166	14618 (AMAZON-AES) (AMAZON-AES)
38	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
6	35.156.227.32 35.156.227.32	16509 (AMAZON-02) (AMAZON-02)
4	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4	69.173.144.143 69.173.144.143	26667 (RUBICONPR...) (RUBICONPROJECT)
7 11	152.199.21.35 152.199.21.35	15133 (EDGECAST) (EDGECAST)
8 8	2606:2800:233... 2606:2800:233:97b6:26be:138a:cba8:bb01	15133 (EDGECAST) (EDGECAST)
4	23.213.15.82 23.213.15.82	16625 (AKAMAI-AS) (AKAMAI-AS)
24	172.217.21.194 172.217.21.194	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
6	2600:9000:215... 2600:9000:2156:7400:e:ff8:b40:21	16509 (AMAZON-02) (AMAZON-02)
6	35.160.156.47 35.160.156.47	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:81b::2002	15169 (GOOGLE) (GOOGLE)
10 14	52.58.189.189 52.58.189.189	16509 (AMAZON-02) (AMAZON-02)
6 10	52.16.238.200 52.16.238.200	16509 (AMAZON-02) (AMAZON-02)
8	54.93.143.252 54.93.143.252	16509 (AMAZON-02) (AMAZON-02)
4 4	91.228.74.144 91.228.74.144	27281 (QUANTCAST) (QUANTCAST)
2 2	172.217.23.162 172.217.23.162	15169 (GOOGLE) (GOOGLE)
1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	54.239.17.112 54.239.17.112	16509 (AMAZON-02) (AMAZON-02)
232	33

22 54.87.126.121 (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-87-126-121.compute-1.amazonaws.com

www.powerball.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:cc00:15:3f44:b280:21 (United States)

ASN16509 (AMAZON-02, US)

d2si3hiz85fm4q.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 52.216.238.21 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:6ad (United States)

ASN13335 (CLOUDFLARENET, US)

code.ionicframework.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.243.84 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-243-84.compute-1.amazonaws.com

s.gweini.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:819::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.69.49 (United States)

ASN15169 (GOOGLE, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:3e00:6:266a:9940:21 (United States)

ASN16509 (AMAZON-02, US)

dw7nrwnn2bkh1.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.194.99 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-99.fra2.r.cloudfront.net

fs.gweini.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 34.95.120.147 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 147.120.95.34.bc.googleusercontent.com

lanista-bidder-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.224.186.107 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-186-107.fra2.r.cloudfront.net

d2tbmvllb55wxq.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.94.236.166 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-94-236-166.compute-1.amazonaws.com

api.lanistaads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.156.227.32 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-227-32.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.143 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 152.199.21.35 (United States) 7 redirects

ASN15133 (EDGECAST, US)

adserver.adtechus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:2800:233:97b6:26be:138a:cba8:bb01 (United States) 8 redirects

ASN15133 (EDGECAST, US)

adserver.adtech.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.213.15.82 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-15-82.deploy.static.akamaitechnologies.com

as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 172.217.21.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s12-in-f194.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2156:7400:e:ff8:b40:21 (United States)

ASN16509 (AMAZON-02, US)

deio3v2go54x9.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.160.156.47 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-160-156-47.us-west-2.compute.amazonaws.com

wowyowapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 52.58.189.189 (Frankfurt am Main, Germany) 10 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-189-189.eu-central-1.compute.amazonaws.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.16.238.200 (Dublin, Ireland) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-238-200.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 54.93.143.252 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-143-252.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 91.228.74.144 (United Kingdom) 4 redirects

ASN27281 (QUANTCAST, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.162 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s22-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.239.17.112 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	64 KB
27	doubleclick.net 2 redirects stats.g.doubleclick.net securepubads.g.doubleclick.net cm.g.doubleclick.net	521 KB
25	amazonaws.com s3.amazonaws.com	2 MB
22	powerball.com 4 redirects www.powerball.com	113 KB
21	openx.net 1 redirects lanista-bidder-d.openx.net eu-u.openx.net	344 KB
20	3lift.com 10 redirects tlx.3lift.com eb2.3lift.com	7 KB
18	googletagservices.com www.googletagservices.com	421 KB
16	advertising.com 8 redirects adserver.adtech.advertising.com pixel.advertising.com	3 KB
14	cloudfront.net d2si3hiz85fm4q.cloudfront.net dw7nrwnn2bkh1.cloudfront.net d2tbmvllb55wxq.cloudfront.net deio3v2go54x9.cloudfront.net	2 MB
11	adtechus.com 7 redirects adserver.adtechus.com	5 KB
10	adsrvr.org 6 redirects match.adsrvr.org	4 KB
6	wowyowapi.com wowyowapi.com
6	google.com adservice.google.com	1 KB
6	google.de adservice.google.de	1 KB
6	lanistaads.com api.lanistaads.com	2 KB
4	quantserve.com 4 redirects pixel.quantserve.com	2 KB
4	casalemedia.com as-sec.casalemedia.com	4 KB
4	rubiconproject.com fastlane.rubiconproject.com	5 KB
4	pubmatic.com hbopenbid.pubmatic.com	304 B
3	criteo.net static.criteo.net	30 KB
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com	600 B
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
2	gweini.com s.gweini.com fs.gweini.com	22 KB
2	ionicframework.com code.ionicframework.com	110 KB
1	bing.com c.bing.com	445 B
1	criteo.com bidder.criteo.com	147 B
1	clean.gg i.clean.gg	107 B
1	googleapis.com fonts.googleapis.com	2 KB
0	districtm.io Failed dmx.districtm.io Failed
232	29

	Domain	Requested by
25	s3.amazonaws.com	www.powerball.com s3.amazonaws.com
24	securepubads.g.doubleclick.net	www.powerball.com securepubads.g.doubleclick.net
22	www.powerball.com	4 redirects www.powerball.com s3.amazonaws.com
18	tpc.googlesyndication.com	www.powerball.com
18	www.googletagservices.com	www.powerball.com d2si3hiz85fm4q.cloudfront.net
14	eb2.3lift.com	10 redirects www.powerball.com
13	pagead2.googlesyndication.com	securepubads.g.doubleclick.net www.powerball.com
11	adserver.adtechus.com	7 redirects www.powerball.com
11	lanista-bidder-d.openx.net	1 redirects www.powerball.com lanista-bidder-d.openx.net
10	match.adsrvr.org	6 redirects www.powerball.com d2tbmvllb55wxq.cloudfront.net
10	eu-u.openx.net	www.powerball.com
8	pixel.advertising.com	www.powerball.com d2tbmvllb55wxq.cloudfront.net
8	adserver.adtech.advertising.com	8 redirects
6	wowyowapi.com	www.powerball.com
6	deio3v2go54x9.cloudfront.net	d2si3hiz85fm4q.cloudfront.net
6	adservice.google.com	www.powerball.com
6	adservice.google.de	www.powerball.com
6	tlx.3lift.com	d2tbmvllb55wxq.cloudfront.net
6	api.lanistaads.com	www.powerball.com
6	d2tbmvllb55wxq.cloudfront.net	d2si3hiz85fm4q.cloudfront.net
4	pixel.quantserve.com	4 redirects
4	as-sec.casalemedia.com	d2tbmvllb55wxq.cloudfront.net
4	fastlane.rubiconproject.com	d2tbmvllb55wxq.cloudfront.net
4	hbopenbid.pubmatic.com	d2tbmvllb55wxq.cloudfront.net
3	static.criteo.net	www.powerball.com
2	s.amazon-adsystem.com	1 redirects www.powerball.com
2	cm.g.doubleclick.net	2 redirects
2	www.google-analytics.com	1 redirects www.powerball.com
2	code.ionicframework.com	www.powerball.com
1	c.bing.com	www.powerball.com
1	fs.gweini.com	d2si3hiz85fm4q.cloudfront.net
1	bidder.criteo.com	static.criteo.net
1	stats.g.doubleclick.net	www.powerball.com
1	dw7nrwnn2bkh1.cloudfront.net	d2si3hiz85fm4q.cloudfront.net
1	i.clean.gg	d2si3hiz85fm4q.cloudfront.net
1	s.gweini.com	www.powerball.com
1	fonts.googleapis.com	www.powerball.com
1	d2si3hiz85fm4q.cloudfront.net	www.powerball.com
0	dmx.districtm.io Failed	d2tbmvllb55wxq.cloudfront.net
232	39

This site contains no links.

Subject Issuer	Validity	Valid
*.powerball.com Go Daddy Secure Certificate Authority - G2	`2018-02-09` - `2021-02-09`	3 years	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2019-11-09` - `2020-12-02`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-04-01` - `2020-06-24`	3 months	crt.sh
ionicframework.com CloudFlare Inc ECC CA-2	`2019-12-04` - `2020-10-09`	10 months	crt.sh
*.criteo.net DigiCert ECC Secure Server CA	`2020-03-30` - `2020-06-28`	3 months	crt.sh
gweini.com Amazon	`2019-12-05` - `2021-01-05`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-04-01` - `2020-06-24`	3 months	crt.sh
i.clean.gg GTS CA 1D2	`2020-03-05` - `2020-06-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-04-01` - `2020-06-24`	3 months	crt.sh
*.criteo.com DigiCert ECC Secure Server CA	`2020-03-30` - `2020-06-28`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2018-01-04` - `2020-07-09`	3 years	crt.sh
*.adiply.com Amazon	`2019-12-05` - `2021-01-05`	a year	crt.sh
*.3lift.com Amazon	`2019-07-17` - `2020-08-17`	a year	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
*.adtechus.com GeoTrust RSA CA 2018	`2019-08-07` - `2021-08-07`	2 years	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
*.google.de GTS CA 1O1	`2020-04-01` - `2020-06-24`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-04-01` - `2020-06-24`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-04-01` - `2020-06-24`	3 months	crt.sh
wowyowapi.com Amazon	`2019-10-06` - `2020-11-06`	a year	crt.sh
pixel.advertising.com DigiCert SHA2 High Assurance Server CA	`2017-06-14` - `2020-06-18`	3 years	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
www.bing.com Microsoft IT TLS CA 2	`2019-04-30` - `2021-04-30`	2 years	crt.sh
s.amazon-adsystem.com Amazon	`2019-12-03` - `2020-11-06`	a year	crt.sh

This page contains 35 frames:

Primary Page: https://www.powerball.com/
Frame ID: 697F9104CB34F09A9157D0F31AD963A4
Requests: 63 HTTP requests in this frame

Frame: https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Frame ID: DB32526DC2F8865F9AB3AE6C247B979E
Requests: 16 HTTP requests in this frame

Frame: https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Frame ID: DC25874A818BABC884ED31597ECC581C
Requests: 16 HTTP requests in this frame

Frame: https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Frame ID: 0D183F65EF3538217AE5CF70EA95E7EB
Requests: 24 HTTP requests in this frame

Frame: https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Frame ID: C0C006A595AB7CE21C809DE7DC61CD70
Requests: 24 HTTP requests in this frame

Frame: https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Frame ID: 893AAE1B417401DC05116D371D52A636
Requests: 24 HTTP requests in this frame

Frame: https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Frame ID: 329B4090D09DE890ED43BF1FDB3979D6
Requests: 24 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Frame ID: 4BF2F28E0BF3FE9B23B579114770DC08
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
Frame ID: BE0D7A193F03C61D15E9BF423BAEFD6A
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Frame ID: 79FB0AE717AF4F2BE20487F4B306E41A
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
Frame ID: 0F6D3010FC34D989EC999A09F21B5AA7
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Frame ID: A5D32D429151140A7AD193C28E2C602C
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
Frame ID: D38421ADB5F663936C4BAD15C82E4AB5
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Frame ID: F06E634DDCBF136A206FF4C3A689467D
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
Frame ID: 727316BFA960BBC5CD1D5AD637866AAF
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstEKTFU86SqwNhbnB1MLY7XYMgQZoUm7oLLTbRYrJY8IKnTijme3WGkvfA83-yag44d6SLZtj6cQjF6nyc0cPjUNEAmgkPEr5QRlptWZbInRVNTLPmAMwcqHblBMrwc2txKWEac9BPisBqiXZtR-0CNl4PbBehm-9tMKre-ny-e2qX-658Cd44zXeuQkkJ0V7cylN-mPamIMgCBfWe14fzNXEtDOL6XfgceN_S9ogpuKzlGSXlTg0QgPP-WI35-4HS2Nr5tJWGCvTNcdhVJGA&sai=AMfl-YTxMROA5Bp2yQr2Qya8hu6KXWAZBkW0bYHtFQa1hE6IKPetA8TNry786xCG9nwh6uIXqY4ev_wNnEnIAvhjsTNUW3idEpde6PwNzXgj&sig=Cg0ArKJSzAQ4KzalGjvqEAE&urlfix=1&adurl=
Frame ID: 5562B020430770D6C4E9AA1846EBA3DB
Requests: 5 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Frame ID: 89C6BAAB65929312AC9AC31B5E130BC8
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvQqH1O7gMq1is1V684Nxm3MlJdLtGBip644GyGfxBehhBHoK02t3RwsCCpQ2pCk0x4xs29nG9r6sM5Vo8Bfa9B2ASp3y2uXe6_RVT2WpSpTtXy9sPF788xlCy3PrGI77yUWoAQdatAPZpPlrCkmNjX8E689R7TR5bTquCiMxnQSPKwKoO2Sop0L-pv21pc342jFukGeapr5aN2V1De4o8ctdkXdq3HKm3kzqjUReMskD2spqUZlYAtwRwU-e4pQF3RDhnJJIoeC6Ue3uNxfQ&sai=AMfl-YRDXpqS78REo9_go0Rws5IBUCCx5I_Rg2zP8fb6i5zI73wJ0LrLhrzCIiLiJUarYCDnIUyaN7UuUWnEDEBzIDk2eJsru3LiJ3IRkYC2&sig=Cg0ArKJSzJR4z7CnAiidEAE&urlfix=1&adurl=
Frame ID: 80DEE1915C8951F4D9D6C9A035E574BE
Requests: 4 HTTP requests in this frame

Frame: https://wowyowapi.com/wowyowdisplay970x250desktop.php?u=fb243434-6d38-f6b6-4543-c462ef8458dc
Frame ID: 891BD7C00F44AF4BA48FB59E9DC7B9C2
Requests: 1 HTTP requests in this frame

Frame: https://wowyowapi.com/wowyowdisplay970x250desktop.php?u=fb243434-6d38-f6b6-4543-c462ef8458dc
Frame ID: 9325072A76486BC3ED897A6E38907808
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 44B3197C7B713F8F0CA3D9AEDF0F29EA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: CD0A0DFFC2607F1847A4C4F6DEC962CF
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvQhKzDPaMqfwjRdBpWCdGGzDZ0pQI15hi6JC0qjDSc6GRCfvsRL5akuR55R8EoCT_sWIbHqDZi96L6HRocngrzrNuQAEfmWj-ztpP6ODW3e7CIsRYsCxX4cRbgWZAtNmOAm9uZtA1gJXRd77jkBFDhybHV27ARuw9oHE8yn8tJTbgbl6D7Asr28apR-02u9ILhfhVZwaMMyX9Ku9834MnLgHlyHgCAqBYgFWSCNPpRBLEw6d4lQ1x-RF5rEqRFQeT5mNmJPl6M_4V5qWKrQg&sig=Cg0ArKJSzJMOzerLBQIzEAE&urlfix=1&adurl=
Frame ID: 31536B4350B000C49291BD2B717EC1F9
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvYT-xFndj_sc92gvFSmo4WZ5nIVfD44kOYPPPvWdb6IrXysBzmIpcJsTW3Ds2s7pigY_DWYEGXpGbPkTiyvpLO4MrYa7JHWJOHzC0VGqFjYOhenZyA0i3zT4nJncPjQ3r69-lUm5WrwASELAVTfc73bKqjqku0qoLknl71Mm4JsGXJg1sijn3PKmhvyEAeGErNTi_okPwctjc6ddg9rhmPpHSVP-h6i5ODgeXWfH_34lfl_MEOQh-PVQVvMMS1WxNxw-UciMU3CsNvqCBbGQ&sig=Cg0ArKJSzMdr_lrTqGquEAE&urlfix=1&adurl=
Frame ID: 40DF7536F2BD611E0325AF322EFFE730
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst0Czh0PK05WTdLdmO_4cb2QkN0pxGjDjaiUyNchITaGeePjqI3L1OEaH_mEZVaeQ4vuu-uZuWJAJhUQA7P4htmhGn2MdDjya6JEPRk81Cir210kdFFjmQXBrewtnfcHwIy5OTcsUVVZAKYqSBxizU8i940pcjo-jEUc0jxZqZMWnUQC9Zg8YfIZAJ-0yPoEyErMjd3b8r6T8he-42gIZeIBY-PIKn8nUbRGINm7aCOxhl_ESlotTdu6IY6L-V9SgrLNsfCLxeKrownf8BuKg&sig=Cg0ArKJSzDRxyWScZ442EAE&urlfix=1&adurl=
Frame ID: E5F5057472F2EE0056E951F41FAA2013
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssfDqVDzC8Dj8sYKi6UjcR2NIYAhxV_L31uSWbFK9SLeismQCAA5NlpJJ3F6pfE3_n9WOlLjBOHGy5zvNbMynCnMX9nWtf9KHhUeuPE2DxV-BVz4LIV74ogfLWjq8d6g278-5b-J3mv879Q8KX-qAusGIEK4lYe6g-LOAN1SvX6bOeA4yGLQoyFM39t7rVT6127LdmaEmYgA1ydirY0H21yHDk8l36MXw_6KIhSj4WMxVqaNJY7P0fewBrH83VOY64JVSStoCsAyRqoUd_-1Q&sig=Cg0ArKJSzPE0WgKSu58yEAE&urlfix=1&adurl=
Frame ID: BE3906F197B72C8FD3795371AEBC854C
Requests: 4 HTTP requests in this frame

Frame: https://wowyowapi.com/wowyowdisplay300x250desktop.php?l=null&u=fb243434-6d38-f6b6-4543-c462ef8458dc
Frame ID: EF11FDE5806AD3408D2AB645C7BD15F4
Requests: 1 HTTP requests in this frame

Frame: https://wowyowapi.com/wowyowdisplay300x250desktop.php?l=null&u=fb243434-6d38-f6b6-4543-c462ef8458dc
Frame ID: A29D1C30B52EE52A13069224F54846D6
Requests: 1 HTTP requests in this frame

Frame: https://wowyowapi.com/wowyowdisplay300x250desktop.php?l=null&u=fb243434-6d38-f6b6-4543-c462ef8458dc
Frame ID: 5389866C7A0D11E640D47534DD5D32FA
Requests: 1 HTTP requests in this frame

Frame: https://wowyowapi.com/wowyowdisplay300x250desktop.php?l=null&u=fb243434-6d38-f6b6-4543-c462ef8458dc
Frame ID: 526397654631DF8B6329F32E278E3D52
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: FC74501341CA9451FB503053403BB798
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: B46D760EC05E7FCB4FC099E43A8446ED
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 7E9120C651FE997E95221958A920BE31
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 145A205F1DC001E5FB341D114A512312
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Frame ID: D3D4903D84364EB8779FF9846C587751
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.powerball.com/ HTTP 302
https://www.powerball.com/ Page URL

Detected technologies

Drupal (CMS) Expand

Overall confidence: 100%
Detected patterns

meta generator /^Drupal(?:\s([\d.]+))?/i
headers expires /19 Nov 1978/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

meta generator /^Drupal(?:\s([\d.]+))?/i
headers expires /19 Nov 1978/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Ionicons (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+ionicons(?:\.min)?\.css/i

Page Statistics

232
Requests

97 %
HTTPS

37 %
IPv6

29
Domains

39
Subdomains

33
IPs

6
Countries

5696 kB
Transfer

8450 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.powerball.com/ HTTP 302
https://www.powerball.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://www.powerball.com/s3fs-css/css/css_ruj2yQTSH7PNQeoduYYpwooYsPhlQ8wqPR0xKAv7tYk.css?q874w4 HTTP 302
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_ruj2yQTSH7PNQeoduYYpwooYsPhlQ8wqPR0xKAv7tYk.css?q874w4

Request Chain 4

https://www.powerball.com/s3fs-css/css/css_ZXKlydMOtvjSQkvmmuP49LiBbLRvvb_j-w-UhjyK2SI.css?q874w4 HTTP 302
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_ZXKlydMOtvjSQkvmmuP49LiBbLRvvb_j-w-UhjyK2SI.css?q874w4

Request Chain 26

https://www.powerball.com/s3fs-js/js/js_Px_30xzhLHwnUPgHJrcOgAUt-oQ3AqXsEHE0O_Aq3qA.js HTTP 302
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/js/js_Px_30xzhLHwnUPgHJrcOgAUt-oQ3AqXsEHE0O_Aq3qA.js

Request Chain 43

https://www.google-analytics.com/r/collect?v=1&_v=j81&aip=1&a=10900298&t=pageview&_s=1&dl=https%3A%2F%2Fwww.powerball.com%2F&ul=en-us&de=UTF-8&dt=Home%20%7C%20Powerball&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YGBACEABB~&jid=1508309290&gjid=542641394&cid=1714887466.1587136142&tid=UA-29233419-1&_gid=1113768863.1587136142&_r=1&z=1893287360 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-29233419-1&cid=1714887466.1587136142&jid=1508309290&_gid=1113768863.1587136142&gjid=542641394&_v=j81&z=1893287360

Request Chain 79

https://lanista-bidder-d.openx.net/w/1.0/acj?ai=14f5e668-6f72-4cb4-9adf-8627ff80d550&o=2d16366068e5eb&ju=https%3A//www.powerball.com/&jr=&be=1&prf=0&auid=538738919&aus=300x250&bc=hb_2api&bt=1000&c.lanista_floor=0.30&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-120&ifr=1&tws=1600x1200 HTTP 302
https://lanista-bidder-d.openx.net/w/1.0/acj?cc=1&ai=14f5e668-6f72-4cb4-9adf-8627ff80d550&o=2d16366068e5eb&ju=https%3A//www.powerball.com/&jr=&be=1&prf=0&auid=538738919&aus=300x250&bc=hb_2api&bt=1000&c.lanista_floor=0.30&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-120&ifr=1&tws=1600x1200

Request Chain 84

https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=13fcb7bec6455eb;misc=1587136143273;bidfloor=0.3; HTTP 302
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;cfp=1;rndc=1587136143;v=2;cmd=bid;cors=yes;alias=13fcb7bec6455eb;misc=1587136143273;bidfloor=0.3 HTTP 302
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1587136143;v=2;cmd=bid;cors=yes;alias=13fcb7bec6455eb;misc=1587136143273;bidfloor=0.3 HTTP 302
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1587136143;v=2;cmd=bid;cors=yes;alias=13fcb7bec6455eb;misc=1587136143273;bidfloor=0.3 HTTP 302
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1A604b5390-80bd-11ea-909b-125139b028ba;cfp=1;rndc=1587136143;v=2;cmd=bid;cors=yes;alias=13fcb7bec6455eb;misc=1587136143273;bidfloor=0.3

Request Chain 93

https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=133b06d972d2f4d;misc=1587136143410;bidfloor=0.3; HTTP 302
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;cfp=1;rndc=1587136142;v=2;cmd=bid;cors=yes;alias=133b06d972d2f4d;misc=1587136143410;bidfloor=0.3 HTTP 302
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1587136143;v=2;cmd=bid;cors=yes;alias=133b06d972d2f4d;misc=1587136143410;bidfloor=0.3 HTTP 302
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1587136144;v=2;cmd=bid;cors=yes;alias=133b06d972d2f4d;misc=1587136143410;bidfloor=0.3 HTTP 302
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1A604b5390-80bd-11ea-909b-125139b028ba;cfp=1;rndc=1587136143;v=2;cmd=bid;cors=yes;alias=133b06d972d2f4d;misc=1587136143410;bidfloor=0.3

Request Chain 99

https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=13858b5c5313f2d;misc=1587136143424;bidfloor=0.3; HTTP 302
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;cfp=1;rndc=1587136143;v=2;cmd=bid;cors=yes;alias=13858b5c5313f2d;misc=1587136143424;bidfloor=0.3 HTTP 302
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1587136143;v=2;cmd=bid;cors=yes;alias=13858b5c5313f2d;misc=1587136143424;bidfloor=0.3 HTTP 302
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1587136143;v=2;cmd=bid;cors=yes;alias=13858b5c5313f2d;misc=1587136143424;bidfloor=0.3 HTTP 302
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1A6041b074-80bd-11ea-95a6-12794b40da64;cfp=1;rndc=1587136143;v=2;cmd=bid;cors=yes;alias=13858b5c5313f2d;misc=1587136143424;bidfloor=0.3

Request Chain 107

https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=138742185440eb1;misc=1587136143524;bidfloor=0.3; HTTP 302
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1587136143;v=2;cmd=bid;cors=yes;alias=138742185440eb1;misc=1587136143524;bidfloor=0.3 HTTP 302
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1587136144;v=2;cmd=bid;cors=yes;alias=138742185440eb1;misc=1587136143524;bidfloor=0.3 HTTP 302
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1A604b5390-80bd-11ea-909b-125139b028ba;cfp=1;rndc=1587136143;v=2;cmd=bid;cors=yes;alias=138742185440eb1;misc=1587136143524;bidfloor=0.3

Request Chain 217

https://eb2.3lift.com/sync?px=1&src=prebid& HTTP 302
https://eb2.3lift.com/sync?px=1&src=prebid&&ld=1 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=svx9t50&ttd_tpi=1 HTTP 302
https://eb2.3lift.com/xuid?mid=3658&xuid=bd520d03-0256-4a15-9f1c-d308490ba072&dongle=0cfd

Request Chain 218

https://eb2.3lift.com/sync?px=1&src=prebid& HTTP 302
https://eb2.3lift.com/sync?px=1&src=prebid&&ld=1 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=svx9t50&ttd_tpi=1 HTTP 302
https://eb2.3lift.com/xuid?mid=3658&xuid=f0432aad-e68a-433c-9865-ae418d5faa3d&dongle=0cfd

Request Chain 219

https://eb2.3lift.com/sync?px=1&src=prebid& HTTP 302
https://eb2.3lift.com/sync?px=1&src=prebid&&ld=1 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=svx9t50&ttd_tpi=1 HTTP 302
https://eb2.3lift.com/xuid?mid=3658&xuid=691aa5f3-1942-49ad-aafa-93b852f0b5da&dongle=0cfd

Request Chain 221

https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=1&gdpr_consent= HTTP 302
https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=ECJ0UkZxdFgIf3UJESFgU0cjew8IJngNQHQxFI0b

Request Chain 224

https://eb2.3lift.com/sync?px=1&src=prebid& HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm=&google_sc=&google_tc= HTTP 302
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMIDg7FtFObViQAImruHV_k&dongle=c627&google_cver=1

Request Chain 226

https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=1&gdpr_consent= HTTP 302
https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=7q6Iwrj9iMj289fOva-czrj-hc_28tPKualicDl7

Request Chain 227

https://eb2.3lift.com/sync?px=1&src=prebid& HTTP 302
https://eb2.3lift.com/getuid?redir=%2F%2Fc.bing.com%2Fc.gif%3Fxid%3D%24UID%26Red3%3DTLMS_pd%0A HTTP 302
https://c.bing.com/c.gif?xid=11783488391130053194&Red3=TLMS_pd

Request Chain 229

https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=1&gdpr_consent= HTTP 302
https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=7q6Iwrj9iMj289fOva-czrj-hc_28tPKualicDl7

Request Chain 231

https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=1&gdpr_consent= HTTP 302
https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=7q6Iwrj9iMj289fOva-czrj-hc_28tPKualicDl7

Request Chain 233

https://eb2.3lift.com/sync?px=1&src=prebid& HTTP 302
https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7 HTTP 302
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&dcc=t

232 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.powerball.com/
Redirect Chain

http://www.powerball.com/
https://www.powerball.com/

106 KB
16 KB

332ms
126ms

Document
text/html

54.87.126.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.powerball.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.87.126.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-87-126-121.compute-1.amazonaws.com

Software

Apache /

Resource Hash

42c8d1ff84aad5d2eb1d589e1cccf07c16987c465e07e59a30c6926818d09cb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.powerball.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Fri, 17 Apr 2020 15:09:01 GMT
content-type: text/html; charset=UTF-8
server: Apache
x-content-type-options: nosniff nosniff
cache-control: max-age=86400, public
x-drupal-dynamic-cache: MISS
link: <http://www.powerball.com/>; rel="shortlink", <http://www.powerball.com/>; rel="canonical" <http://www.powerball.com/games/home>; rel="alternate"; hreflang="en" <http://www.powerball.com/es/games/home>; rel="alternate"; hreflang="es" </games/home>; rel="revision" </node?node=1>; rel="create"
x-ua-compatible: IE=edge
content-language: en
x-frame-options: SAMEORIGIN
expires: Sun, 19 Nov 1978 05:00:00 GMT
last-modified: Thu, 16 Apr 2020 20:29:03 GMT
etag: "1587068943"
vary: Cookie,Accept-Encoding
x-generator: Drupal 8 (https://www.drupal.org)
x-drupal-cache: HIT
content-encoding: gzip

Redirect headers

Date: Fri, 17 Apr 2020 15:09:00 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 210
Connection: keep-alive
Server: Apache
X-Content-Type-Options: nosniff
Location: https://www.powerball.com/
Cache-Control: max-age=1209600
Expires: Fri, 01 May 2020 15:09:00 GMT

GET
H2 200 script.js Show response
d2si3hiz85fm4q.cloudfront.net/ 100 KB
37 KB 28ms
8ms Script
application/javascript 2600:9000:21f3:cc00:15:3f44:b280:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:cc00:15:3f44:b280:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1420a12b947dc5da81d2df97b3d29695b90c5761699c5edde2855f070607e7ad

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 16 Apr 2020 23:21:54 GMT
content-encoding: gzip
last-modified: Tue, 07 Apr 2020 08:19:51 GMT
server: AmazonS3
age: 56828
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: dL_IfJ8JPKQOCrgug6kqB1t6nvI8suBJPKSx1DDj2v808YTf5C-cCw==
via: 1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)

GET
H/1.1

200
OK

css_ruj2yQTSH7PNQeoduYYpwooYsPhlQ8wqPR0xKAv7tYk.css
s3.amazonaws.com/cdn.powerball.com/drupal/files/css/
Redirect Chain

https://www.powerball.com/s3fs-css/css/css_ruj2yQTSH7PNQeoduYYpwooYsPhlQ8wqPR0xKAv7tYk.css?q874w4
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_ruj2yQTSH7PNQeoduYYpwooYsPhlQ8wqPR0xKAv7tYk.css?q874w4

7 KB
8 KB

532ms
218ms

Stylesheet
text/css

52.216.238.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_ruj2yQTSH7PNQeoduYYpwooYsPhlQ8wqPR0xKAv7tYk.css?q874w4
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.238.21 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: aee8f6c904d21fb3cd41ea1db98629c28a18b0f86543cc2a3d1d31280bfbb589

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 15:09:02 GMT
Last-Modified: Tue, 17 Mar 2020 17:51:59 GMT
Server: AmazonS3
x-amz-request-id: 304E378D3F771415
ETag: "c714f92f60895226a3964640d4100d65"
Content-Type: text/css
Cache-Control: public, max-age=2419200
Accept-Ranges: bytes
Content-Length: 7299
x-amz-id-2: Sy6SPSqSy2mUMLLhFXsto6anbj346cuvt5Bvs4uuJxFnWKiE9kyrub92xFRV7aL5YldDeL+o7sQ=

Redirect headers

date: Fri, 17 Apr 2020 15:09:01 GMT
x-content-type-options: nosniff
server: Apache
status: 302
content-type: text/html; charset=iso-8859-1
location: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_ruj2yQTSH7PNQeoduYYpwooYsPhlQ8wqPR0xKAv7tYk.css?q874w4
cache-control: max-age=1209600
content-length: 302
expires: Fri, 01 May 2020 15:09:01 GMT

GET
H2 200 css
fonts.googleapis.com/ 33 KB
2 KB 19ms
18ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans+Condensed:300,300i,700|Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c01fa660f5e3a79aee33f24fac394cc5f333632e26cdb380744ebac41d871b92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 17 Apr 2020 15:09:01 GMT
server: ESF
date: Fri, 17 Apr 2020 15:09:01 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Apr 2020 15:09:01 GMT

GET
H2 200 ionicons.min.css
code.ionicframework.com/ionicons/2.0.1/css/ 50 KB
8 KB 45ms
14ms Stylesheet
text/css 2606:4700:20::681a:6ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://code.ionicframework.com/ionicons/2.0.1/css/ionicons.min.css
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:6ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92ac508220f5bb60ec94e07650528eb66625f82a4740ada068cde05365781286

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id: 3d7694969de5da104de916c00a443a98f2cc821d
date: Fri, 17 Apr 2020 15:09:01 GMT
via: 1.1 varnish
cf-cache-status: HIT
age: 46749
x-cache: HIT
status: 200
x-cache-hits: 1
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id: 022a48af800000178e02a8b200000001
x-served-by: cache-fra19176-FRA
last-modified: Mon, 04 Feb 2019 22:08:34 GMT
server: cloudflare
x-github-request-id: 4156:7997:70E6A:911E7:5E98616D
x-timer: S1587089392.034920,VS0,VE0
etag: W/"5c58b7e2-c854"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
x-proxy-cache: MISS
cf-ray: 585710926eb7178e-FRA
x-origin-cache: 1
expires: Thu, 16 Apr 2020 13:55:17 GMT

GET
H/1.1

200
OK

css_ZXKlydMOtvjSQkvmmuP49LiBbLRvvb_j-w-UhjyK2SI.css
s3.amazonaws.com/cdn.powerball.com/drupal/files/css/
Redirect Chain

https://www.powerball.com/s3fs-css/css/css_ZXKlydMOtvjSQkvmmuP49LiBbLRvvb_j-w-UhjyK2SI.css?q874w4
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_ZXKlydMOtvjSQkvmmuP49LiBbLRvvb_j-w-UhjyK2SI.css?q874w4

181 KB
182 KB

434ms
119ms

Stylesheet
text/css

52.216.238.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_ZXKlydMOtvjSQkvmmuP49LiBbLRvvb_j-w-UhjyK2SI.css?q874w4
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.238.21 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6572a5c9d30eb6f8d2424be69ae3f8f4b8816cb46fbdbfe3fb0f94863c8ad922

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 15:09:02 GMT
Last-Modified: Tue, 17 Mar 2020 17:51:59 GMT
Server: AmazonS3
x-amz-request-id: C0C2B38C32821B22
ETag: "bf64468298603d6826b5cb6c0de6b0f0"
Content-Type: text/css
Cache-Control: public, max-age=2419200
Accept-Ranges: bytes
Content-Length: 185781
x-amz-id-2: A8sruat2NEFTtUG+CweYyPMvEvPdYaJq/tiOmYX3sJe5vT8CeY4fk/fmd4N5wZ7WEgITufbBU9E=

Redirect headers

date: Fri, 17 Apr 2020 15:09:01 GMT
x-content-type-options: nosniff
server: Apache
status: 302
content-type: text/html; charset=iso-8859-1
location: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_ZXKlydMOtvjSQkvmmuP49LiBbLRvvb_j-w-UhjyK2SI.css?q874w4
cache-control: max-age=1209600
content-length: 302
expires: Fri, 01 May 2020 15:09:01 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 98 KB
30 KB 62ms
30ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 6d891777771aa5f97eacda90fbd16004957c0784475110611a4f7493bad8a9b5

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 15:09:02 GMT
content-encoding: gzip
last-modified: Mon, 30 Mar 2020 10:35:37 GMT
server: nginx
etag: W/"5e81cb79-1867d"
status: 200
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Sat, 18 Apr 2020 15:09:02 GMT

GET
H/1.1 200
OK gweiniClientV1.php Show response
s.gweini.com/ 60 KB
6 KB 460ms
135ms Script
text/html 52.45.243.84
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s.gweini.com/gweiniClientV1.php?ClientID=PUB_ID&group=GPPowerball
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.243.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-243-84.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: d5ff44821e16661e64cb8f336248f282c85d7cf990b67074fbe8baf742f44da0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 15:09:02 GMT
Content-Encoding: gzip
Server: nginx/1.10.3 (Ubuntu)
Connection: keep-alive
Content-Length: 6278
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK powerball-power-play-68px.png
s3.amazonaws.com/cdn.powerball.com/drupal/files/ 29 KB
29 KB 117ms
113ms Image
image/png 52.216.238.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/powerball-power-play-68px.png
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.238.21 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: e03925061ffc4e98cda3a842d70a4e1955c9c129e45ddd942038a48370e0804c

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 15:09:03 GMT
Last-Modified: Mon, 03 Jun 2019 18:45:39 GMT
Server: AmazonS3
x-amz-request-id: 84B8BD73C4EDB6C5
ETag: "80e6eb478dda7fea2d1753e08ab7268a"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 29834
x-amz-id-2: 9l6Kfsuu5giXw47d8/RoXy4tagvh0ScNHiJlJPn4v+M9A5UflWQaJJVvmQ+kIdfUHarTmdeXwVk=

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 11ms
6ms Script
text/javascript 2a00:1450:4001:819::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 5427
date: Fri, 17 Apr 2020 13:38:34 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 18174
expires: Fri, 17 Apr 2020 15:38:34 GMT

POST
H2 200 1a Show response
i.clean.gg/ 0
107 B 101ms
101ms XHR
application/octet-stream 34.95.69.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.17.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
x-api-key: cvYGNal5xGaRZYDiS2z80aL3JULuLgSOakuDmdmt
Content-Type: application/json

Response headers

date: Fri, 17 Apr 2020 15:09:01 GMT
via: 1.1 google
server: nginx/1.17.4
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,x-api-key
status: 200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
alt-svc: clear
content-length: 0

GET
H2 200 958153f1b8b96ec4c4eb2147429105d9.json Show response
dw7nrwnn2bkh1.cloudfront.net/ 6 KB
7 KB 7ms
6ms XHR
application/json 2600:9000:21f3:3e00:6:266a:9940:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dw7nrwnn2bkh1.cloudfront.net/958153f1b8b96ec4c4eb2147429105d9.json
Requested by: Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:3e00:6:266a:9940:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e713c9c395d61560a1c6ab6ad9e1d71247bd9867f8b0fd66c59613b7e8e27785

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
x-api-key: cvYGNal5xGaRZYDiS2z80aL3JULuLgSOakuDmdmt
Content-Type: application/json

Response headers

date: Fri, 17 Apr 2020 01:28:49 GMT
via: 1.1 1bf129b8787cf2e96d3bce725554e4d5.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 49213
x-cache: Hit from cloudfront
status: 200
content-length: 6252
last-modified: Fri, 17 Apr 2020 00:06:47 GMT
server: AmazonS3
etag: "b6e34493cf51e8c6e6c7f67e4604f4e3"
access-control-max-age: 600
access-control-allow-methods: GET, POST
content-type: application/json
access-control-allow-origin: *
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: npxwGGotq9MiEFeMTvHOMZfFDJj7xmQUdBD-4pQMtRlh__PZXjsP1w==

GET
H/1.1 200
OK icon%20-%20suitcase.png
s3.amazonaws.com/cdn.powerball.com/drupal/files/2017-11/ 1 KB
2 KB 235ms
115ms Image
image/png 52.216.238.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/2017-11/icon%20-%20suitcase.png
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.238.21 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 62a6c980b8be129cceb54b1c6e63cbf6be73035a0580640635096fb0df2d51ec

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 15:09:03 GMT
Last-Modified: Mon, 03 Jun 2019 18:45:42 GMT
Server: AmazonS3
x-amz-request-id: EF5455265A1D745F
ETag: "10fafcb681743db4bdf20e94bd570fe6"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1339
x-amz-id-2: j6vthZoVDAYHLVrVjHpe9uaHZssjsgomgZU2rLW17QYjuRR4ouiMW/eIBzItX8/c2UHDVwZyuIA=

GET
H2 200 plap-icon-how.png
www.powerball.com/themes/rapid/images/home/ 9 KB
9 KB 107ms
103ms Image
image/png 54.87.126.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.powerball.com/themes/rapid/images/home/plap-icon-how.png

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.87.126.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-87-126-121.compute-1.amazonaws.com

Software

Apache /

Resource Hash

51f45c89e5baf365e97a33c12bcd2a8bd365f5e156a519eb3c6db4a270ef0d1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 15:09:02 GMT
x-content-type-options: nosniff
last-modified: Thu, 02 Apr 2020 19:45:46 GMT
server: Apache
content-type: image/png
status: 200
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 9192
expires: Fri, 01 May 2020 15:09:02 GMT

GET
H2 200 plap-icon-where.png
www.powerball.com/themes/rapid/images/home/ 2 KB
2 KB 108ms
104ms Image
image/png 54.87.126.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.powerball.com/themes/rapid/images/home/plap-icon-where.png

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.87.126.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-87-126-121.compute-1.amazonaws.com

Software

Apache /

Resource Hash

946a4a92ed1abe0bc69dabb3125912b3214b7545ef0b69abb8d531047dd326ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 15:09:02 GMT
x-content-type-options: nosniff
last-modified: Thu, 02 Apr 2020 19:45:46 GMT
server: Apache
content-type: image/png
status: 200
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 1976
expires: Fri, 01 May 2020 15:09:02 GMT

GET
H2 200 plap-icon-powerplay.png
www.powerball.com/themes/rapid/images/home/ 3 KB
4 KB 110ms
106ms Image
image/png 54.87.126.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.powerball.com/themes/rapid/images/home/plap-icon-powerplay.png

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.87.126.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-87-126-121.compute-1.amazonaws.com

Software

Apache /

Resource Hash

ffd2b669b1e9644f9c9173f577c545125cd4424a599f3c6068f57299cc2f5368

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 15:09:02 GMT
x-content-type-options: nosniff
last-modified: Thu, 02 Apr 2020 19:45:46 GMT
server: Apache
content-type: image/png
status: 200
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 3385
expires: Fri, 01 May 2020 15:09:02 GMT

GET
H2 200 plap-icon-multidraw.png
www.powerball.com/themes/rapid/images/home/ 5 KB
5 KB 112ms
108ms Image
image/png 54.87.126.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.powerball.com/themes/rapid/images/home/plap-icon-multidraw.png

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.87.126.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-87-126-121.compute-1.amazonaws.com

Software

Apache /

Resource Hash

bd4c78cb4cd5c2c87a907794076f7a7f7392f9df50958389afbec8c40eb5da8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 15:09:02 GMT
x-content-type-options: nosniff
last-modified: Thu, 02 Apr 2020 19:45:46 GMT
server: Apache
content-type: image/png
status: 200
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 4817
expires: Fri, 01 May 2020 15:09:02 GMT

GET
H2 200 monument-smithsonian-1.png
www.powerball.com/themes/rapid/images/home/how-tall/ 273 B
479 B 111ms
107ms Image
image/png 54.87.126.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.powerball.com/themes/rapid/images/home/how-tall/monument-smithsonian-1.png

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.87.126.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-87-126-121.compute-1.amazonaws.com

Software

Apache /

Resource Hash

b9b9103c60ef2c61de42660d6cd67a82d9816426f2b0f0c0a8fa3a1deae3538c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 15:09:02 GMT
x-content-type-options: nosniff
last-modified: Thu, 02 Apr 2020 19:45:46 GMT
server: Apache
content-type: image/png
status: 200
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 273
expires: Fri, 01 May 2020 15:09:02 GMT

GET
H2 200 monument-liberty2.png
www.powerball.com/themes/rapid/images/home/how-tall/ 927 B
1 KB 111ms
107ms Image
image/png 54.87.126.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.powerball.com/themes/rapid/images/home/how-tall/monument-liberty2.png

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.87.126.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-87-126-121.compute-1.amazonaws.com

Software

Apache /

Resource Hash

2ae2901f146e2e0eb83648fdfc19c78aca16e1674313e164bc93c3739bba5d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 15:09:02 GMT
x-content-type-options: nosniff
last-modified: Thu, 02 Apr 2020 19:45:46 GMT
server: Apache
content-type: image/png
status: 200
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 927
expires: Fri, 01 May 2020 15:09:02 GMT

GET
H2 200 monument-pyramid-3.png
www.powerball.com/themes/rapid/images/home/how-tall/ 2 KB
3 KB 114ms
110ms Image
image/png 54.87.126.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.powerball.com/themes/rapid/images/home/how-tall/monument-pyramid-3.png

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.87.126.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-87-126-121.compute-1.amazonaws.com

Software

Apache /

Resource Hash

52fe2f0394335dab93ffb9cac2bea65d4460b5d24cbc3861e62392194b11bfff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 15:09:02 GMT
x-content-type-options: nosniff
last-modified: Thu, 02 Apr 2020 19:45:46 GMT
server: Apache
content-type: image/png
status: 200
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 2432
expires: Fri, 01 May 2020 15:09:02 GMT

GET
H2 200 monument-bloomberg4.png
www.powerball.com/themes/rapid/images/home/how-tall/ 326 B
532 B 112ms
109ms Image
image/png 54.87.126.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.powerball.com/themes/rapid/images/home/how-tall/monument-bloomberg4.png

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.87.126.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-87-126-121.compute-1.amazonaws.com

Software

Apache /

Resource Hash

d67eaa6e32c34eea44a3f90b36561f63181ed3d0407665e4e7dc48d54e5b266d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 15:09:02 GMT
x-content-type-options: nosniff
last-modified: Thu, 02 Apr 2020 19:45:46 GMT
server: Apache
content-type: image/png
status: 200
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 326
expires: Fri, 01 May 2020 15:09:02 GMT

GET
H2 200 monument-eiffel-5.png
www.powerball.com/themes/rapid/images/home/how-tall/ 2 KB
3 KB 113ms
109ms Image
image/png 54.87.126.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.powerball.com/themes/rapid/images/home/how-tall/monument-eiffel-5.png

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.87.126.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-87-126-121.compute-1.amazonaws.com

Software

Apache /

Resource Hash

becfbf498f3cc9647d8fc8a70816cb1f3f73803a9fa293735cb9059c77854409

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 15:09:02 GMT
x-content-type-options: nosniff
last-modified: Thu, 02 Apr 2020 19:45:46 GMT
server: Apache
content-type: image/png
status: 200
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 2378
expires: Fri, 01 May 2020 15:09:02 GMT

GET
H2 200 monument-tradecenter-6.png
www.powerball.com/themes/rapid/images/home/how-tall/ 806 B
1012 B 114ms
111ms Image
image/png 54.87.126.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.powerball.com/themes/rapid/images/home/how-tall/monument-tradecenter-6.png

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.87.126.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-87-126-121.compute-1.amazonaws.com

Software

Apache /

Resource Hash

a2ef194ebea955025ec930aaa5c9adfb4bb5169751962ef42720c95982827d76

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 15:09:02 GMT
x-content-type-options: nosniff
last-modified: Thu, 02 Apr 2020 19:45:46 GMT
server: Apache
content-type: image/png
status: 200
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 806
expires: Fri, 01 May 2020 15:09:02 GMT

GET
H2 200 monument-burj-7.png
www.powerball.com/themes/rapid/images/home/how-tall/ 2 KB
2 KB 195ms
192ms Image
image/png 54.87.126.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.powerball.com/themes/rapid/images/home/how-tall/monument-burj-7.png

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.87.126.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-87-126-121.compute-1.amazonaws.com

Software

Apache /

Resource Hash

47a3d1d29044a5086d50d45f66600b612cdd16df4893eaf01571c8d2d714f42c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 15:09:02 GMT
x-content-type-options: nosniff
last-modified: Thu, 02 Apr 2020 19:45:46 GMT
server: Apache
content-type: image/png
status: 200
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 1545
expires: Fri, 01 May 2020 15:09:02 GMT

GET
H2 200 monument-sears-8.png
www.powerball.com/themes/rapid/images/home/how-tall/ 619 B
825 B 195ms
193ms Image
image/png 54.87.126.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.powerball.com/themes/rapid/images/home/how-tall/monument-sears-8.png

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.87.126.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-87-126-121.compute-1.amazonaws.com

Software

Apache /

Resource Hash

06ef905faafedcc71b11e25d395607fb6fef70fdbdaceb87c744255c67624799

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 15:09:02 GMT
x-content-type-options: nosniff
last-modified: Thu, 02 Apr 2020 19:45:46 GMT
server: Apache
content-type: image/png
status: 200
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 619
expires: Fri, 01 May 2020 15:09:02 GMT

GET
H/1.1 200
OK odds.png
s3.amazonaws.com/cdn.powerball.com/drupal/files/2017-12/ 20 KB
20 KB 345ms
112ms Image
image/png 52.216.238.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/2017-12/odds.png
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.238.21 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: ff5e5f296b0ef16c2c0d6fbc4f47680335eac8b0a452f413e032531e9788238a

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 15:09:03 GMT
Last-Modified: Mon, 03 Jun 2019 18:45:58 GMT
Server: AmazonS3
x-amz-request-id: AEDBC2F59DC46979
ETag: "31e28e1ff8717ae89c4787ce8930a8bc"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 20304
x-amz-id-2: jrNxJiXcqnVorCZPAuByZ1r7cdUClBiEN52Tm/lMRLzokg1GfLcytk0yvSWY1G8hfPPUkqnYQOU=

GET
H/1.1 200
OK payments.png
s3.amazonaws.com/cdn.powerball.com/drupal/files/2017-12/ 20 KB
20 KB 425ms
112ms Image
image/png 52.216.238.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/2017-12/payments.png
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.238.21 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 1b1d51840695cebf90274b527443cd64945cd9dfc5d2b785b0a772996ec588fc

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 15:09:03 GMT
Last-Modified: Mon, 03 Jun 2019 18:45:58 GMT
Server: AmazonS3
x-amz-request-id: 603B9A376C832425
ETag: "7f93eb9bb1be1c208734e209e3ed1f8d"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 20330
x-amz-id-2: G9+BNAmafBVOn0U69OcudBesJ072kwt/mw5fpP9bjmEQCnaBxL+mileEjACQc2h/oRLiBxQ/bhs=

GET
H/1.1

200
OK

js_Px_30xzhLHwnUPgHJrcOgAUt-oQ3AqXsEHE0O_Aq3qA.js Show response
s3.amazonaws.com/cdn.powerball.com/drupal/files/js/
Redirect Chain

https://www.powerball.com/s3fs-js/js/js_Px_30xzhLHwnUPgHJrcOgAUt-oQ3AqXsEHE0O_Aq3qA.js
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/js/js_Px_30xzhLHwnUPgHJrcOgAUt-oQ3AqXsEHE0O_Aq3qA.js

472 KB
472 KB

116ms
115ms

Script
application/javascript

52.216.238.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/js/js_Px_30xzhLHwnUPgHJrcOgAUt-oQ3AqXsEHE0O_Aq3qA.js
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.238.21 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3f1ff7d31ce12c7c2750f80726b70e80052dfa843702a5ec1071343bf02adea0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 15:09:02 GMT
Last-Modified: Tue, 17 Mar 2020 17:52:00 GMT
Server: AmazonS3
x-amz-request-id: 81BA22D48545AB74
ETag: "3a26b126127df1c6adc4c291d6931b15"
Content-Type: application/javascript
Cache-Control: public, max-age=2419200
Accept-Ranges: bytes
Content-Length: 483158
x-amz-id-2: MOtfm5hVpaGjKdYumCOy95YgQ29x2WuQZXSc9Y1GFyz7+BsiznCqPio5i9x6sWhbeHeWHcZJlDE=

Redirect headers

date: Fri, 17 Apr 2020 15:09:01 GMT
x-content-type-options: nosniff
server: Apache
status: 302
content-type: text/html; charset=iso-8859-1
location: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/js/js_Px_30xzhLHwnUPgHJrcOgAUt-oQ3AqXsEHE0O_Aq3qA.js
cache-control: max-age=1209600
content-length: 292
expires: Fri, 01 May 2020 15:09:01 GMT

GET
H/1.1 200
OK header-rep.jpg
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/ 4 KB
4 KB 542ms
235ms Image
image/jpeg 52.216.238.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/header-rep.jpg
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.238.21 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: cd9c139673051af705b80d8eb599aa53d534b8d51674f0f8d4dea65a449e51e2

Request headers

Referer: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_ZXKlydMOtvjSQkvmmuP49LiBbLRvvb_j-w-UhjyK2SI.css?q874w4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 15:09:03 GMT
Last-Modified: Mon, 03 Jun 2019 18:42:36 GMT
Server: AmazonS3
x-amz-request-id: 373853DA86ECA57D
ETag: "0e973dffc15bf2796e8b24b0a1dead33"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 3922
x-amz-id-2: 3CXESTT6uA7dImEepjNQ2NMe44fKnx+HBmuqWn7Ct4RMBqjqXRkFCVUTRhdhAYPOcBAT1RznHic=

GET
H/1.1 200
OK draw-summary-hero-bg.png
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/ 166 KB
166 KB 428ms
122ms Image
image/png 52.216.238.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/draw-summary-hero-bg.png
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.238.21 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: a2b3fc2929f834a2a22450475944ed1146a14f8e159f8b138dfc70334c0c49c8

Request headers

Referer: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_ZXKlydMOtvjSQkvmmuP49LiBbLRvvb_j-w-UhjyK2SI.css?q874w4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 15:09:03 GMT
Last-Modified: Mon, 03 Jun 2019 18:42:36 GMT
Server: AmazonS3
x-amz-request-id: A479D65598FA558C
ETag: "8c85d8a92fa58059342e8f2ef6b0ab7b"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 170075
x-amz-id-2: m3vcm5VIn7A+8w1//cU7fW0OXjhjx2VjAIheCB2zH7Gvzegr4ccAZgNluwZQmxAn20vB8yDXjkA=

GET
H/1.1 200
OK chapter-sections-digits.png
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/ 134 KB
135 KB 123ms
121ms Image
image/png 52.216.238.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/chapter-sections-digits.png
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.238.21 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 03bdd68a1e549bf59bc419d1842bec52628885efc75ed8a58a7d1f7671d6c4d7

Request headers

Referer: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_ZXKlydMOtvjSQkvmmuP49LiBbLRvvb_j-w-UhjyK2SI.css?q874w4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 15:09:03 GMT
Last-Modified: Mon, 03 Jun 2019 18:42:35 GMT
Server: AmazonS3
x-amz-request-id: 6453F7B4750839A2
ETag: "463652a321bd08768e5436662ab77a65"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 137704
x-amz-id-2: Xa/YUYQ7ifv5L6HDC6dRZB5KWUMGxcn2xU+6rDiLegCFnrD8g1H4sKcxclkeyU7KNhED1jJKM/8=

GET
H/1.1 200
OK chapter-icon-digits.png
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/ 5 KB
5 KB 120ms
118ms Image
image/png 52.216.238.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/chapter-icon-digits.png
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.238.21 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 325cee8a45b452b68fe28fb92173f63a7f19967dbe3bf794bf4e3211772150c9

Request headers

Referer: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_ZXKlydMOtvjSQkvmmuP49LiBbLRvvb_j-w-UhjyK2SI.css?q874w4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 15:09:03 GMT
Last-Modified: Mon, 03 Jun 2019 18:42:34 GMT
Server: AmazonS3
x-amz-request-id: D4A911A2D64C6ECA
ETag: "941ef7347e719b3dd272745a601be5ca"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 4711
x-amz-id-2: P1PzPqQkKq3ih0IFFLoFwcfsDffblhi6B1oXofAsuN5NVEbpUrRn+feUf8scE1TajD3nmfJy0d8=

GET
H/1.1 200
OK selected-tab.png
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/ 358 B
714 B 122ms
121ms Image
image/png 52.216.238.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/selected-tab.png
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.238.21 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 60d9368fc1deb5a275b3786195a53ef1272fc24b05a313aa52b1bfcc0a0356a3

Request headers

Referer: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_ZXKlydMOtvjSQkvmmuP49LiBbLRvvb_j-w-UhjyK2SI.css?q874w4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 15:09:03 GMT
Last-Modified: Mon, 03 Jun 2019 18:42:37 GMT
Server: AmazonS3
x-amz-request-id: 5CB63662E78F2DD7
ETag: "a534365977f2b2e499d219861587f18f"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 358
x-amz-id-2: woAYglEFjjZrlvsmdXkAS15UcFdPc9OuKqGzoFlpvQjOAMwD+H5pHtggmRECoKeMtYFCA73+DMc=

GET
H/1.1 200
OK ball-powerball-red.svg
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/home/ 2 KB
2 KB 122ms
121ms Image
image/svg+xml 52.216.238.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/home/ball-powerball-red.svg
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.238.21 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9b0e415f742585b82139fb7076506657dde225088247e2ac0fba6f88a3d19588

Request headers

Referer: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_ZXKlydMOtvjSQkvmmuP49LiBbLRvvb_j-w-UhjyK2SI.css?q874w4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 15:09:03 GMT
Last-Modified: Mon, 03 Jun 2019 18:42:32 GMT
Server: AmazonS3
x-amz-request-id: AA7FE2169643B561
ETag: "b51736b050323703cfdd1b2dea37359b"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 1539
x-amz-id-2: BKp3Sfj3FhQoYg7y/WYm2yVgoul8Z8hyGNeFKjxVpTyLxLezVa14bvU5rQ5/9pPzUE2XTCo5Akw=

GET
H/1.1 200
OK chapter-sections-plap.png
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/ 127 KB
128 KB 120ms
119ms Image
image/png 52.216.238.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/chapter-sections-plap.png
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.238.21 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: d134107061dcfaad34af3db635f5ca3b3e368bdeeada543ac4b2b6e183c6ecb8

Request headers

Referer: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_ZXKlydMOtvjSQkvmmuP49LiBbLRvvb_j-w-UhjyK2SI.css?q874w4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 15:09:03 GMT
Last-Modified: Mon, 03 Jun 2019 18:42:35 GMT
Server: AmazonS3
x-amz-request-id: BEB8AB3870AD185B
ETag: "919037d9f382c51cc1f7a8315a0fba30"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 130339
x-amz-id-2: PjINL6anpNeoAyPPrtvtw+g0e53WKBj1GDNl1L7KnHkxdbsktQpD4NAz/5IHFSYB37GEcI9zva8=

GET
H/1.1 200
OK chapter-icon-plap.png
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/ 3 KB
3 KB 114ms
112ms Image
image/png 52.216.238.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/chapter-icon-plap.png
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.238.21 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b5abf5b778d2b365d80d73fe19360dc9d79b037de4533335716e3a10cb02a19e

Request headers

Referer: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_ZXKlydMOtvjSQkvmmuP49LiBbLRvvb_j-w-UhjyK2SI.css?q874w4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 15:09:03 GMT
Last-Modified: Mon, 03 Jun 2019 18:42:34 GMT
Server: AmazonS3
x-amz-request-id: 392D09E3DF06EC0B
ETag: "dbf5cfdb8c71d88c4763528d7d7746d8"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 2674
x-amz-id-2: SurW9ceDeV9iZgyAtZYqpvEWtu6mBTHX1SY0yRwHSp2ufP2RfuiWFULrlh+mNqGlzDNjFsGnDnQ=

GET
H/1.1 200
OK how-tall-desktop_0.jpg
s3.amazonaws.com/cdn.powerball.com/drupal/files/2017-12/ 10 KB
10 KB 115ms
114ms Image
image/jpeg 52.216.238.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/2017-12/how-tall-desktop_0.jpg
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.238.21 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 77e253f505244807bb3b20519289552308191f98fee3bf62a5ed216ef0027bbf

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 15:09:03 GMT
Last-Modified: Mon, 03 Jun 2019 18:45:54 GMT
Server: AmazonS3
x-amz-request-id: D042B0480CF3BCEE
ETag: "d94fd880ae887e896b75c3a3992f6572"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 9768
x-amz-id-2: G+CCrD8gmHxeuO1ZnJAp+dvZNHk9GnjK28rS/N2jawajS70VZ1nTHuUJhhGSrifummQoIKKLnnU=

GET
H/1.1 200
OK ProximaNova-Regular.woff
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Regular/ 39 KB
40 KB 439ms
130ms Font
application/font-woff 52.216.238.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Regular/ProximaNova-Regular.woff
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.238.21 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5d1765ca16cb96e4294a5c96b2084b580e200a2743b1ff7805d18bd8348825e9

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_ZXKlydMOtvjSQkvmmuP49LiBbLRvvb_j-w-UhjyK2SI.css?q874w4
Origin: https://www.powerball.com

Response headers

Date: Fri, 17 Apr 2020 15:09:03 GMT
Last-Modified: Tue, 04 Jun 2019 03:53:18 GMT
Server: AmazonS3
x-amz-request-id: 9CE70F3F71B47ED6
ETag: "78adc015dc4ffc4db6e237fefddcf605"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: application/font-woff
Access-Control-Allow-Origin: https://www.powerball.com
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Length: 40260
x-amz-id-2: C5JMywa5Zn7Z/CRhNsl8z66N/yTbVb+rZ63R78NLN3irUo3wqFEarXZy+tP5WZooOkt0ZblGQvs=

GET
H2 200 ionicons.ttf
code.ionicframework.com/ionicons/2.0.1/fonts/ 184 KB
102 KB 54ms
37ms Font
font/ttf 2606:4700:20::681a:6ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://code.ionicframework.com/ionicons/2.0.1/fonts/ionicons.ttf?v=2.0.1
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:6ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e700835ec05293a3d0f9e354e7d038319d34521cd279e782198dff6d1dd58f2

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://code.ionicframework.com/ionicons/2.0.1/css/ionicons.min.css
Origin: https://www.powerball.com

Response headers

x-fastly-request-id: 98433ae88d38aaa4132756c5ae8e46babbe72be7
date: Fri, 17 Apr 2020 15:09:02 GMT
via: 1.1 varnish
cf-cache-status: HIT
age: 43252
x-cache: HIT
status: 200
x-cache-hits: 1
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id: 022a48b2b9000097ae668f3200000001
x-served-by: cache-fra19178-FRA
last-modified: Mon, 04 Feb 2019 22:08:34 GMT
server: cloudflare
x-github-request-id: C290:72A9:1E0C0:26C13:5E853156
x-timer: S1587092890.282532,VS0,VE1
etag: W/"5c58b7e2-2e05c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 585710978b8f97ae-FRA
x-proxy-cache: REVALIDATED
expires: Wed, 01 Apr 2020 21:15:28 GMT

GET
H/1.1 200
OK ProximaNova-Bold.woff
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Bold/ 40 KB
40 KB 465ms
153ms Font
application/font-woff 52.216.238.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Bold/ProximaNova-Bold.woff
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.238.21 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 37cc0451eec571b22864bfac29a3766ccebe2d1e48ac4a552a8e9b8e6f9be02f

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_ZXKlydMOtvjSQkvmmuP49LiBbLRvvb_j-w-UhjyK2SI.css?q874w4
Origin: https://www.powerball.com

Response headers

Date: Fri, 17 Apr 2020 15:09:03 GMT
Last-Modified: Tue, 04 Jun 2019 03:53:14 GMT
Server: AmazonS3
x-amz-request-id: A6DBE0F85143CD79
ETag: "e05ada7ee5a2d1e5a50c5305ce23de68"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: application/font-woff
Access-Control-Allow-Origin: https://www.powerball.com
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Length: 40836
x-amz-id-2: aveLdL0IW6Pr2LqRcYoykwZVgLpEhlPKHjZdVZESWCY0BfGmXzKdmNScOrf80gBKF4nQkHFjIzY=

GET
H/1.1 200
OK ProximaNova-Semibold.woff
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Semibold/ 39 KB
40 KB 437ms
126ms Font
application/font-woff 52.216.238.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Semibold/ProximaNova-Semibold.woff
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.238.21 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 16bc74e3ebb6ef6cc2c56565701502e39ea269aa665dd74da5742d371f3b2939

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_ZXKlydMOtvjSQkvmmuP49LiBbLRvvb_j-w-UhjyK2SI.css?q874w4
Origin: https://www.powerball.com

Response headers

Date: Fri, 17 Apr 2020 15:09:03 GMT
Last-Modified: Tue, 04 Jun 2019 03:53:19 GMT
Server: AmazonS3
x-amz-request-id: 1AE16B835E17F4C5
ETag: "cc1a6c632152a90dfa994a7280496cb3"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: application/font-woff
Access-Control-Allow-Origin: https://www.powerball.com
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Length: 40304
x-amz-id-2: LypbcYA4HfGxCDf6BlIssXUO7RQdBJPO6Fq1fpFQ86w0GNIyj9izNKOkHis0TTDA3DS7Mvn+0IM=

GET
H/1.1 200
OK ProximaNova-Extrabld.woff
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Extrabld/ 40 KB
40 KB 440ms
128ms Font
application/font-woff 52.216.238.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Extrabld/ProximaNova-Extrabld.woff
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.238.21 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6bac28b40c710514ce42fda86320277f18b0c22a4ddb3091748cfe6493359a78

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_ZXKlydMOtvjSQkvmmuP49LiBbLRvvb_j-w-UhjyK2SI.css?q874w4
Origin: https://www.powerball.com

Response headers

Date: Fri, 17 Apr 2020 15:09:03 GMT
Last-Modified: Tue, 04 Jun 2019 03:53:15 GMT
Server: AmazonS3
x-amz-request-id: EF02BB2C36F35FD5
ETag: "dbce0260a4c434e83703edda344b0329"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: application/font-woff
Access-Control-Allow-Origin: https://www.powerball.com
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Length: 40852
x-amz-id-2: QNMmk5YuOE6pppZg4IJhf7FnB7Iaqmt9JjpKDjJ8NbUzB1EcfSDmW4dQldNInFO177hATNrWrZ8=

GET
H/1.1 200
OK ProximaNova-Light.woff
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Light/ 39 KB
40 KB 435ms
122ms Font
application/font-woff 52.216.238.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Light/ProximaNova-Light.woff
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.238.21 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 91822d970ea4cb3dbae6039431aaebfd36c46997c43a53a507518eed6dc230b2

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_ZXKlydMOtvjSQkvmmuP49LiBbLRvvb_j-w-UhjyK2SI.css?q874w4
Origin: https://www.powerball.com

Response headers

Date: Fri, 17 Apr 2020 15:09:03 GMT
Last-Modified: Tue, 04 Jun 2019 03:53:17 GMT
Server: AmazonS3
x-amz-request-id: 9F7C614B9E024B18
ETag: "0b903f87bae9c87f54243c90469294ee"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: application/font-woff
Access-Control-Allow-Origin: https://www.powerball.com
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Length: 40260
x-amz-id-2: 7RDMkt7zu8mm8Tr6TVAlLV/iqepLPev7KGxCk8EVc7as8et0z7eDw+EpvVRWoZ7dHgD/NQpRlWc=

GET
H/1.1 200
OK ProximaNova-RegularIt.woff
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-RegularIt/ 39 KB
40 KB 433ms
119ms Font
application/font-woff 52.216.238.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-RegularIt/ProximaNova-RegularIt.woff
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.238.21 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 59ff4e9457a98e72723231e1ad962b8c2a77c67f6c025dc6464843931d061c0f

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_ZXKlydMOtvjSQkvmmuP49LiBbLRvvb_j-w-UhjyK2SI.css?q874w4
Origin: https://www.powerball.com

Response headers

Date: Fri, 17 Apr 2020 15:09:03 GMT
Last-Modified: Tue, 04 Jun 2019 03:53:19 GMT
Server: AmazonS3
x-amz-request-id: 5449C62FB3E001D9
ETag: "24d85649dddd19938b718e8d57ddb2bf"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: application/font-woff
Access-Control-Allow-Origin: https://www.powerball.com
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Length: 40116
x-amz-id-2: BSseXCDw5p4MBFczOFlY61yn13Cvy/qGWRlXitF5uv7BgBBp+dyV4+5KVsNewcoxvfczlJoqkCc=

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&aip=1&a=10900298&t=pageview&_s=1&dl=https%3A%2F%2Fwww.powerball.com%2F&ul=en-us&de=UTF-8&dt=Home%20%7C%20Powerball&sd=24-bit&sr=1600x1200&vp=15...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-29233419-1&cid=1714887466.1587136142&jid=1508309290&_gid=1113768863.1587136142&gjid=542641394&_v=j81&z=1893287360

35 B
102 B

15ms
15ms

Image
image/gif

2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-29233419-1&cid=1714887466.1587136142&jid=1508309290&_gid=1113768863.1587136142&gjid=542641394&_v=j81&z=1893287360

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 17 Apr 2020 15:09:02 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Apr 2020 15:09:02 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 302
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-29233419-1&cid=1714887466.1587136142&jid=1508309290&_gid=1113768863.1587136142&gjid=542641394&_v=j81&z=1893287360
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 419
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
147 B 72ms
22ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=88&profileId=206&cb=79171668697
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

status: 204
date: Fri, 17 Apr 2020 15:09:02 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://www.powerball.com
timing-allow-origin: *
vary: Origin

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
260 B 15ms
15ms Image
image/gif 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=1
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 15:09:02 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
etag: "493ea254-2b"
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Mon, 12 Apr 2021 15:09:02 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
260 B 16ms
15ms Image
image/gif 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=2
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 15:09:02 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
etag: "493ea254-2b"
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Mon, 12 Apr 2021 15:09:02 GMT

GET
H2 200 recent Show response
www.powerball.com/api/v1/numbers/powerball/ 301 B
559 B 124ms
124ms XHR
application/json 54.87.126.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.powerball.com/api/v1/numbers/powerball/recent?_format=json

Requested by

Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/js/js_Px_30xzhLHwnUPgHJrcOgAUt-oQ3AqXsEHE0O_Aq3qA.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.87.126.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-87-126-121.compute-1.amazonaws.com

Software

Apache /

Resource Hash

0deb441d23abe9d2318838b90204bd333ad5f5b8a2b0983f33689f62569bca93

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.powerball.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 15:09:02 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
status: 200
x-drupal-dynamic-cache: MISS
content-length: 145
x-ua-compatible: IE=edge
last-modified: Fri, 17 Apr 2020 02:39:07 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "1587091147"
vary: Cookie,Accept-Encoding
content-language: en
x-generator: Drupal 8 (https://www.drupal.org)
cache-control: max-age=86400, public
content-type: application/json
x-drupal-cache: HIT
expires: Sun, 19 Nov 1978 05:00:00 GMT

GET
H2 200 powerball Show response
www.powerball.com/api/v1/estimates/ 160 B
552 B 122ms
121ms XHR
application/json 54.87.126.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.powerball.com/api/v1/estimates/powerball?_format=json

Requested by

Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/js/js_Px_30xzhLHwnUPgHJrcOgAUt-oQ3AqXsEHE0O_Aq3qA.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.87.126.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-87-126-121.compute-1.amazonaws.com

Software

Apache /

Resource Hash

a24afc0f61d08f8171459d9ca3a5a735ef11fbf0c4b1e817d44cdb58f7837336

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.powerball.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 15:09:02 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
status: 200
x-drupal-dynamic-cache: MISS
content-length: 138
x-ua-compatible: IE=edge
last-modified: Fri, 17 Apr 2020 02:39:07 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "1587091147"
vary: Cookie,Accept-Encoding
content-language: en
x-generator: Drupal 8 (https://www.drupal.org)
cache-control: max-age=86400, public
content-type: application/json
x-drupal-cache: HIT
expires: Sun, 19 Nov 1978 05:00:00 GMT

GET
H2 200 recent10 Show response
www.powerball.com/api/v1/numbers/powerball/ 1001 B
663 B 125ms
124ms XHR
application/json 54.87.126.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.powerball.com/api/v1/numbers/powerball/recent10?_format=json

Requested by

Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/js/js_Px_30xzhLHwnUPgHJrcOgAUt-oQ3AqXsEHE0O_Aq3qA.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.87.126.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-87-126-121.compute-1.amazonaws.com

Software

Apache /

Resource Hash

62e689a409cf95da6685bd4f3f001e5c45749904e66475af5540fda2b3c73d9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.powerball.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 15:09:02 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
status: 200
x-drupal-dynamic-cache: MISS
content-length: 249
x-ua-compatible: IE=edge
last-modified: Fri, 17 Apr 2020 02:39:07 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "1587091147"
vary: Cookie,Accept-Encoding
content-language: en
x-generator: Drupal 8 (https://www.drupal.org)
cache-control: max-age=86400, public
content-type: application/json
x-drupal-cache: HIT
expires: Sun, 19 Nov 1978 05:00:00 GMT

GET
H/1.1 200
OK hero-home-d-v2.jpg
s3.amazonaws.com/cdn.powerball.com/drupal/files/2018-02/ 141 KB
141 KB 244ms
244ms Image
image/jpeg 52.216.238.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/2018-02/hero-home-d-v2.jpg
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/js/js_Px_30xzhLHwnUPgHJrcOgAUt-oQ3AqXsEHE0O_Aq3qA.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.238.21 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4266325a01fe2566fd77a4c1c061f8f05b73b07e498ebca7597942c9bd1d4fa0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 15:09:03 GMT
Last-Modified: Mon, 03 Jun 2019 18:47:14 GMT
Server: AmazonS3
x-amz-request-id: 91F57A74B1B84EB0
ETag: "9564c99c2a65359a431fdf65e45d4cb8"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 144068
x-amz-id-2: ppCOOpZ9TY7O4Pjab4LkETyeQGP+vLQNiGj64wu9EkpwSYUmZOe3tMpfAQZBZlg7Nf86X9DQ59A=

GET
H2 200 /
www.powerball.com/ 64 KB
64 KB 125ms
125ms Image
text/html 54.87.126.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.powerball.com/

Requested by

Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/js/js_Px_30xzhLHwnUPgHJrcOgAUt-oQ3AqXsEHE0O_Aq3qA.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.87.126.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-87-126-121.compute-1.amazonaws.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 15:09:02 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
status: 200
x-drupal-dynamic-cache: MISS
vary: Cookie,Accept-Encoding
x-ua-compatible: IE=edge
last-modified: Thu, 16 Apr 2020 20:29:03 GMT
server: Apache
etag: "1587068943"
x-frame-options: SAMEORIGIN
content-language: en
x-generator: Drupal 8 (https://www.drupal.org)
cache-control: max-age=86400, public
content-type: text/html; charset=UTF-8
link: <http://www.powerball.com/>; rel="shortlink", <http://www.powerball.com/>; rel="canonical", <http://www.powerball.com/games/home>; rel="alternate"; hreflang="en", <http://www.powerball.com/es/games/home>; rel="alternate"; hreflang="es", </games/home>; rel="revision", </node?node=1>; rel="create"
x-drupal-cache: HIT
expires: Sun, 19 Nov 1978 05:00:00 GMT

GET
H/1.1 200
OK hero-home-d_0.jpg
s3.amazonaws.com/cdn.powerball.com/drupal/files/2018-01/ 264 KB
264 KB 116ms
115ms Image
image/jpeg 52.216.238.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/2018-01/hero-home-d_0.jpg
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/js/js_Px_30xzhLHwnUPgHJrcOgAUt-oQ3AqXsEHE0O_Aq3qA.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.238.21 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6b3422c0bf088fb098d4cf5a1e63791c8eecdcb4d3ab1dc0c36f19a30b171e36

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 15:09:03 GMT
Last-Modified: Mon, 03 Jun 2019 18:46:29 GMT
Server: AmazonS3
x-amz-request-id: AD5F4D6644DA79A6
ETag: "7f3021434efe42ed5c9720ca66cbfdc0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 270033
x-amz-id-2: goBsMFDrCgj3vGKBgmtS0/0Z/KJ7LcrKJwyudE+nCBafk1j/PMokDwfdG4Mes4jLDNT2TBQ4w90=

GET
H/1.1 200
OK divider-img-home-9ways.jpg
s3.amazonaws.com/cdn.powerball.com/drupal/files/2018-01/ 486 KB
486 KB 112ms
112ms Image
image/jpeg 52.216.238.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/2018-01/divider-img-home-9ways.jpg
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/js/js_Px_30xzhLHwnUPgHJrcOgAUt-oQ3AqXsEHE0O_Aq3qA.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.238.21 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b758f60ab7ad38a56bdff71e6464b146312ea575f56ab7f6b05ed7f157f5bc48

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 15:09:03 GMT
Last-Modified: Mon, 03 Jun 2019 18:46:23 GMT
Server: AmazonS3
x-amz-request-id: 35D7EFBBE10D07F1
ETag: "02dfd34fecf8640a24d1123ca8a81313"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 497334
x-amz-id-2: ygsJYbclZo4UWaQQ51R1vfcSmiuBfZ1ugMcvXsAmJiEtMmDn5Uhx6bhnlPTFDc4DsDOV9z+l01w=

GET
H2 200 powerball Show response
www.powerball.com/api/v1/estimates/ 160 B
552 B 123ms
123ms XHR
application/json 54.87.126.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.powerball.com/api/v1/estimates/powerball?_format=json

Requested by

Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/js/js_Px_30xzhLHwnUPgHJrcOgAUt-oQ3AqXsEHE0O_Aq3qA.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.87.126.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-87-126-121.compute-1.amazonaws.com

Software

Apache /

Resource Hash

a24afc0f61d08f8171459d9ca3a5a735ef11fbf0c4b1e817d44cdb58f7837336

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.powerball.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 15:09:02 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
status: 200
x-drupal-dynamic-cache: MISS
content-length: 138
x-ua-compatible: IE=edge
last-modified: Fri, 17 Apr 2020 02:39:07 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "1587091147"
vary: Cookie,Accept-Encoding
content-language: en
x-generator: Drupal 8 (https://www.drupal.org)
cache-control: max-age=86400, public
content-type: application/json
x-drupal-cache: HIT
expires: Sun, 19 Nov 1978 05:00:00 GMT

GET
H2 200 gweiniV1_6_1.min.js Show response
fs.gweini.com/ 15 KB
16 KB 88ms
22ms Script
application/javascript 13.224.194.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fs.gweini.com/gweiniV1_6_1.min.js
Requested by: Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.194.99 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-99.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c60536e1387fd63f18755c87e9028bc138c1cb11fc77a64a159777aae49a12b5

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 06:17:05 GMT
via: 1.1 7a3193ebce69450274ae629ce856b09d.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jan 2020 19:47:21 GMT
server: AmazonS3
age: 31918
etag: "e7bb56484553f1223fea5d70ca7104f4"
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 15682
x-amz-cf-id: YuvAcCpOmYEJznpQsqw-jRZKDZEz3FNEtgLIyShq4tKEn-S_AQqKRg==

GET
H2 200 jstag Show response
lanista-bidder-d.openx.net/w/1.0/ Frame DB32 167 KB
57 KB 94ms
40ms Script
text/javascript 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.183.0 /
Resource Hash: 32af50ae4f601d5c57dad4ab9074440aaca36e42b00ed43f5ee23b2ccde38436

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 15:09:02 GMT
content-encoding: gzip
server: OXGW/16.183.0
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: max-age=3600
content-type: text/javascript
alt-svc: clear
content-length: 58134
via: 1.1 google
expires: Fri, 17 Apr 2020 16:09:02 GMT

GET
H/1.1 200
OK prebid2.27.0.js Show response
d2tbmvllb55wxq.cloudfront.net/pb/ Frame DB32 277 KB
277 KB 114ms
20ms Script
application/javascript 13.224.186.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Requested by: Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.186.107 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-186-107.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: be57a8393d9ca7cb84fe99087431ea21d7e704a7de02b421590c34712c3bb9b4

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 06:23:12 GMT
Via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b03.cloudfront.net (CloudFront)
Last-Modified: Mon, 20 Jan 2020 21:18:36 GMT
Server: AmazonS3
Age: 31551
ETag: "e68bd028eaaff6c766a2630c72373b02"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 283302
X-Amz-Cf-Id: Zmr0z-DumuRax4ThcOVHAOTSGL6htY9Rf_ZhdYItCitEJVu_P_1JRQ==

GET
H2 200 jstag Show response
lanista-bidder-d.openx.net/w/1.0/ Frame DC25 167 KB
57 KB 83ms
66ms Script
text/javascript 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.183.0 /
Resource Hash: 0667b1b862f025d909a0300a29c929f610d6a3c8d5571e823de15b49cf55918a

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 15:09:02 GMT
content-encoding: gzip
server: OXGW/16.183.0
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: max-age=3600
content-type: text/javascript
alt-svc: clear
content-length: 58130
via: 1.1 google
expires: Fri, 17 Apr 2020 16:09:02 GMT

GET
H/1.1 200
OK prebid2.27.0.js Show response
d2tbmvllb55wxq.cloudfront.net/pb/ Frame DC25 277 KB
277 KB 95ms
31ms Script
application/javascript 13.224.186.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Requested by: Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.186.107 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-186-107.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: be57a8393d9ca7cb84fe99087431ea21d7e704a7de02b421590c34712c3bb9b4

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 06:23:12 GMT
Via: 1.1 0b9e85cfe8fe19b385db56d32b4ce802.cloudfront.net (CloudFront)
Last-Modified: Mon, 20 Jan 2020 21:18:36 GMT
Server: AmazonS3
Age: 31551
ETag: "e68bd028eaaff6c766a2630c72373b02"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 283302
X-Amz-Cf-Id: UuOi4T0VAugPZ2NhHKHQdSbBan-e0PmFf6sc5CimIQVBxQgUDhfN5g==

GET
H2 200 jstag Show response
lanista-bidder-d.openx.net/w/1.0/ Frame 0D18 167 KB
57 KB 72ms
71ms Script
text/javascript 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.183.0 /
Resource Hash: a8a47578ef37048e38dc641b0dae27ef14cf59744c98cd95c93baba71de272b0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 15:09:02 GMT
content-encoding: gzip
server: OXGW/16.183.0
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: max-age=3600
content-type: text/javascript
alt-svc: clear
content-length: 58134
via: 1.1 google
expires: Fri, 17 Apr 2020 16:09:02 GMT

GET
H/1.1 200
OK prebid2.27.0.js Show response
d2tbmvllb55wxq.cloudfront.net/pb/ Frame 0D18 277 KB
277 KB 93ms
20ms Script
application/javascript 13.224.186.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Requested by: Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.186.107 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-186-107.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: be57a8393d9ca7cb84fe99087431ea21d7e704a7de02b421590c34712c3bb9b4

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 06:23:12 GMT
Via: 1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
Last-Modified: Mon, 20 Jan 2020 21:18:36 GMT
Server: AmazonS3
Age: 31551
ETag: "e68bd028eaaff6c766a2630c72373b02"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 283302
X-Amz-Cf-Id: LqjfT5KP-w4IfvewPWaIHo5WBny3u2FPVpu1ifncD8kP-ZXe_oTfCg==

GET
H2 200 jstag Show response
lanista-bidder-d.openx.net/w/1.0/ Frame C0C0 167 KB
57 KB 64ms
63ms Script
text/javascript 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.183.0 /
Resource Hash: a723be196fc269545e2aa4ed8cc2e19d246170e36f58dee42b57215c0d541a8a

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 15:09:02 GMT
content-encoding: gzip
server: OXGW/16.183.0
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: max-age=3600
content-type: text/javascript
alt-svc: clear
content-length: 58135
via: 1.1 google
expires: Fri, 17 Apr 2020 16:09:02 GMT

GET
H/1.1 200
OK prebid2.27.0.js Show response
d2tbmvllb55wxq.cloudfront.net/pb/ Frame C0C0 277 KB
277 KB 66ms
22ms Script
application/javascript 13.224.186.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Requested by: Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.186.107 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-186-107.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: be57a8393d9ca7cb84fe99087431ea21d7e704a7de02b421590c34712c3bb9b4

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 06:23:12 GMT
Via: 1.1 7eb0b6b84b224c3eff8520d4bc275e4c.cloudfront.net (CloudFront)
Last-Modified: Mon, 20 Jan 2020 21:18:36 GMT
Server: AmazonS3
Age: 31551
ETag: "e68bd028eaaff6c766a2630c72373b02"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 283302
X-Amz-Cf-Id: JO5FGDmMHffqI9_K-fKtlLW5rcGihgKvVZlCfRWfTxqO9rmrr4K2Iw==

GET
H2 200 jstag Show response
lanista-bidder-d.openx.net/w/1.0/ Frame 893A 167 KB
57 KB 40ms
39ms Script
text/javascript 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.183.0 /
Resource Hash: 28ad86ec6078f4c1a45d2eeea28bc10ef5b948823da7bcd7608bb5bc21faa3c3

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 15:09:02 GMT
content-encoding: gzip
server: OXGW/16.183.0
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: max-age=3600
content-type: text/javascript
alt-svc: clear
content-length: 58132
via: 1.1 google
expires: Fri, 17 Apr 2020 16:09:02 GMT

GET
H/1.1 200
OK prebid2.27.0.js Show response
d2tbmvllb55wxq.cloudfront.net/pb/ Frame 893A 277 KB
277 KB 56ms
21ms Script
application/javascript 13.224.186.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Requested by: Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.186.107 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-186-107.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: be57a8393d9ca7cb84fe99087431ea21d7e704a7de02b421590c34712c3bb9b4

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 06:23:12 GMT
Via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b03.cloudfront.net (CloudFront)
Last-Modified: Mon, 20 Jan 2020 21:18:36 GMT
Server: AmazonS3
Age: 31551
ETag: "e68bd028eaaff6c766a2630c72373b02"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 283302
X-Amz-Cf-Id: __albYaZVULbiY67kBhSF6Z5OH5gFz2wDymJjeCQJXfudhO95vHwwQ==

GET
H2 200 jstag Show response
lanista-bidder-d.openx.net/w/1.0/ Frame 329B 167 KB
57 KB 50ms
40ms Script
text/javascript 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.183.0 /
Resource Hash: ab793043cb972f4dd3fbfa9053138a3b8e68ac67e861bcf2b9c8759bb98e6349

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 15:09:02 GMT
content-encoding: gzip
server: OXGW/16.183.0
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: max-age=3600
content-type: text/javascript
alt-svc: clear
content-length: 58129
via: 1.1 google
expires: Fri, 17 Apr 2020 16:09:02 GMT

GET
H/1.1 200
OK prebid2.27.0.js Show response
d2tbmvllb55wxq.cloudfront.net/pb/ Frame 329B 277 KB
277 KB 29ms
21ms Script
application/javascript 13.224.186.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Requested by: Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.186.107 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-186-107.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: be57a8393d9ca7cb84fe99087431ea21d7e704a7de02b421590c34712c3bb9b4

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 17 Apr 2020 06:23:12 GMT
Via: 1.1 0b9e85cfe8fe19b385db56d32b4ce802.cloudfront.net (CloudFront)
Last-Modified: Mon, 20 Jan 2020 21:18:36 GMT
Server: AmazonS3
Age: 31551
ETag: "e68bd028eaaff6c766a2630c72373b02"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 283302
X-Amz-Cf-Id: SZ4jYhiXoi6TwXMmVWGHJEFbN9H7zHtYa--WCthfO-D18RxUUp9m-A==

GET
H/1.1 200
OK ServeAd
api.lanistaads.com/ 70 B
322 B 514ms
105ms Image
image/png 3.94.236.166
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.lanistaads.com/ServeAd?s=t&AdSize=970x250&SiteID=APST09010385POWB9701&Zone=ATF&g=219
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.94.236.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-94-236-166.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 17 Apr 2020 15:09:03 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type
transfer-encoding: chunked
Content-Type: image/png

GET
H/1.1 200
OK ServeAd
api.lanistaads.com/ 70 B
323 B 517ms
108ms Image
image/png 3.94.236.166
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.lanistaads.com/ServeAd?s=t&AdSize=970x250&SiteID=APST09010385POWB9702&Zone=ATF&g=341
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.94.236.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-94-236-166.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 17 Apr 2020 15:09:02 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type
transfer-encoding: chunked
Content-Type: image/png

GET
H/1.1 200
OK ServeAd
api.lanistaads.com/ 70 B
323 B 517ms
107ms Image
image/png 3.94.236.166
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.lanistaads.com/ServeAd?s=t&AdSize=300x250&SiteID=APST04010385POWB3001&Zone=ATF&g=594
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.94.236.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-94-236-166.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 17 Apr 2020 15:09:03 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type
transfer-encoding: chunked
Content-Type: image/png

GET
H/1.1 200
OK ServeAd
api.lanistaads.com/ 70 B
323 B 518ms
107ms Image
image/png 3.94.236.166
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.lanistaads.com/ServeAd?s=t&AdSize=300x250&SiteID=APST04010385POWB3002&Zone=ATF&g=157
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.94.236.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-94-236-166.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 17 Apr 2020 15:09:02 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type
transfer-encoding: chunked
Content-Type: image/png

GET
H/1.1 200
OK ServeAd
api.lanistaads.com/ 70 B
323 B 521ms
107ms Image
image/png 3.94.236.166
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.lanistaads.com/ServeAd?s=t&AdSize=300x250&SiteID=APST04010385POWB3003&Zone=ATF&g=773
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.94.236.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-94-236-166.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 17 Apr 2020 15:09:03 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type
transfer-encoding: chunked
Content-Type: image/png

GET
H/1.1 200
OK ServeAd
api.lanistaads.com/ 70 B
317 B 503ms
107ms Image
image/png 3.94.236.166
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.lanistaads.com/ServeAd?s=t&AdSize=300x250&SiteID=APST04010385POWB3004&Zone=ATF&g=961
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.94.236.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-94-236-166.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 17 Apr 2020 15:09:02 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type
transfer-encoding: chunked
Content-Type: image/png

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame DB32 43 KB
14 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab0dc6c4a4f355cf028114ff40468c515c964cc062789d234a2b7adf85d5ebb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 15:09:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "488 / 681 of 1000 / last-modified: 1587071041"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 14316
x-xss-protection: 0
expires: Fri, 17 Apr 2020 15:09:03 GMT

POST v1
dmx.districtm.io/b/ Frame DC25 0
0

POST
H2 200 auction Show response
tlx.3lift.com/header/ Frame DC25 19 B
281 B 102ms
23ms XHR
application/json 35.156.227.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=2.44.3&referrer=https%3A%2F%2Fwww.powerball.com%2F&tmax=3000

Requested by

Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.156.227.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-156-227-32.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Apr 2020 15:09:03 GMT
x-auction-status: 12
status: 200
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.powerball.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ Frame DB32 19 B
281 B 92ms
21ms XHR
application/json 35.156.227.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=2.44.3&referrer=https%3A%2F%2Fwww.powerball.com%2F&tmax=3000

Requested by

Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.156.227.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-156-227-32.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Apr 2020 15:09:03 GMT
x-auction-status: 12
status: 200
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.powerball.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST v1
dmx.districtm.io/b/ Frame DB32 0
0

GET
H2

200

acj Show response
lanista-bidder-d.openx.net/w/1.0/ Frame C0C0
Redirect Chain

https://lanista-bidder-d.openx.net/w/1.0/acj?ai=14f5e668-6f72-4cb4-9adf-8627ff80d550&o=2d16366068e5eb&ju=https%3A//www.powerball.com/&jr=&be=1&prf=0&auid=538738919&aus=300x250&bc=hb_2api&bt=1000&c....
https://lanista-bidder-d.openx.net/w/1.0/acj?cc=1&ai=14f5e668-6f72-4cb4-9adf-8627ff80d550&o=2d16366068e5eb&ju=https%3A//www.powerball.com/&jr=&be=1&prf=0&auid=538738919&aus=300x250&bc=hb_2api&bt=10...

454 B
484 B

54ms
54ms

XHR
application/json

34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lanista-bidder-d.openx.net/w/1.0/acj?cc=1&ai=14f5e668-6f72-4cb4-9adf-8627ff80d550&o=2d16366068e5eb&ju=https%3A//www.powerball.com/&jr=&be=1&prf=0&auid=538738919&aus=300x250&bc=hb_2api&bt=1000&c.lanista_floor=0.30&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-120&ifr=1&tws=1600x1200
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.183.0 /
Resource Hash: c58a203c7c9b9677ff60318d0d66bcc4496de6783db3c6957eb4493a2664b068

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Apr 2020 15:09:03 GMT
content-encoding: gzip
server: OXGW/16.183.0
status: 200
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.powerball.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 282
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Fri, 17 Apr 2020 15:09:03 GMT
via: 1.1 google
server: OXGW/16.183.0
status: 302
location: https://lanista-bidder-d.openx.net/w/1.0/acj?cc=1&ai=14f5e668-6f72-4cb4-9adf-8627ff80d550&o=2d16366068e5eb&ju=https%3A//www.powerball.com/&jr=&be=1&prf=0&auid=538738919&aus=300x250&bc=hb_2api&bt=1000&c.lanista_floor=0.30&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-120&ifr=1&tws=1600x1200
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.powerball.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame DC25 43 KB
14 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a17d610434c8447f9f2a3cf3d7635e060e18a93aed5c5a64e05d73cd5206b16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 15:09:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "488 / 6 of 1000 / last-modified: 1587070946"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 14310
x-xss-protection: 0
expires: Fri, 17 Apr 2020 15:09:03 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 0D18 0
118 B 59ms
21ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Fri, 17 Apr 2020 15:09:03 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://www.powerball.com

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 0D18 238 B
2 KB 138ms
53ms XHR
application/json 69.173.144.143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9204&site_id=20319&zone_id=588936&size_id=15&rf=https%3A%2F%2Fwww.powerball.com%2F&tk_flint=pbjs_lite_v2.44.3&x_source.tid=0c75f1d1-b389-4df6-8546-451594e30537&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.5778078468514942
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 258879e40983ed7fd3b3f5e2bf6e48762658266e3e1ce0f6bf0842e37abde7c3

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 17 Apr 2020 15:09:03 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.powerball.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=330
Content-Length: 238
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ Frame 0D18 19 B
281 B 24ms
23ms XHR
application/json 35.156.227.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=2.44.3&referrer=https%3A%2F%2Fwww.powerball.com%2F&tmax=3000

Requested by

Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.156.227.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-156-227-32.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Apr 2020 15:09:03 GMT
x-auction-status: 12
status: 200
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.powerball.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2

200

ADTECH;apid=1A604b5390-80bd-11ea-909b-125139b028ba;cfp=1;rndc=1587136143;v=2;cmd=bid;cors=yes;alias=13fcb7bec6455eb;misc=1587136143273;bidfloor=0.3 Show response
adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ Frame 0D18
Redirect Chain

https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=13fcb7bec6455eb;misc=1587136143273;bidfloor=0.3;
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;cfp=1;rndc=1587136143;v=2;cmd=bid;cors=yes;alias=13fcb7bec6455eb;misc=1587136143273;bidfloor=0.3
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1587136143;v=2;cmd=bid;cors=yes;alias=13fcb7bec6455eb;misc=1587136143273;bidflo...
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1587136143;v=2;cmd=bid;cors=yes;alias=13fcb7bec6455eb;misc=1587136143273;bidflo...
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1A604b5390-80bd-11ea-909b-125139b028ba;cfp=1;rndc=1587136143;v=2;cmd=bid;cors=yes;alias=13fcb7bec6455eb;misc=1587136143273;b...

606 B
930 B

183ms
176ms

XHR
application/json

152.199.21.35
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1A604b5390-80bd-11ea-909b-125139b028ba;cfp=1;rndc=1587136143;v=2;cmd=bid;cors=yes;alias=13fcb7bec6455eb;misc=1587136143273;bidfloor=0.3
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.35 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 805229b65e273163e8ba5a227376d6f3e02d1470e76e0d6f3c46bb0a3e5c2bfd

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Apr 2020 15:09:04 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: null
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 606
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Apr 2020 15:09:04 GMT
server: nginx
status: 302
location: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1A604b5390-80bd-11ea-909b-125139b028ba;cfp=1;rndc=1587136143;v=2;cmd=bid;cors=yes;alias=13fcb7bec6455eb;misc=1587136143273;bidfloor=0.3
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: null
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ Frame 0D18 24 B
989 B 147ms
87ms XHR
application/json 23.213.15.82
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=398900&v=7.2&r=%7B%22id%22%3A%2296a4bfd8c2354f%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2210a83b4ae0dbd29%22%2C%22ext%22%3A%7B%22siteID%22%3A%22398900%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.powerball.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.213.15.82 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-15-82.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e7ce71d068a3ee78a2c1b7059a01ad65457811d8938ead8f26b7ee9015244890

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 17 Apr 2020 15:09:03 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://www.powerball.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 44
Expires: Fri, 17 Apr 2020 15:09:03 GMT

POST v1
dmx.districtm.io/b/ Frame 0D18 0
0

GET
H2 200 acj Show response
lanista-bidder-d.openx.net/w/1.0/ Frame 893A 453 B
487 B 101ms
100ms XHR
application/json 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lanista-bidder-d.openx.net/w/1.0/acj?ai=6f818543-d6f2-492b-976f-9776e9a0872b&o=2ace8efabb7ae3&ju=https%3A//www.powerball.com/&jr=&be=1&prf=0&auid=538738919&aus=300x250&bc=hb_2api&bt=1000&c.lanista_floor=0.30&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-120&ws=300x250&ifr=1&tws=1600x1200
Requested by: Host: lanista-bidder-d.openx.net
URL: https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.183.0 /
Resource Hash: fce2e621636dc5add7667aa87cd861ea9ad3c7494035fc74a5b209f790ed7e8e

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Apr 2020 15:09:03 GMT
content-encoding: gzip
server: OXGW/16.183.0
status: 200
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.powerball.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 282
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 acj Show response
lanista-bidder-d.openx.net/w/1.0/ Frame 0D18 453 B
574 B 33ms
31ms XHR
application/json 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lanista-bidder-d.openx.net/w/1.0/acj?ai=f0a92e49-6d40-4421-9bdb-99304809a3db&o=25f03f092e2fec&ju=https%3A//www.powerball.com/&jr=&be=1&prf=0&auid=538738919&aus=300x250&bc=hb_2api&bt=1000&c.lanista_floor=0.30&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-120&ifr=1&tws=1600x1200
Requested by: Host: lanista-bidder-d.openx.net
URL: https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.183.0 /
Resource Hash: 13ed0f2dd3b4dbead8efdfb7fd12e558021ed61b92284a23fc0fb1926914d100

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Apr 2020 15:09:03 GMT
content-encoding: gzip
server: OXGW/16.183.0
status: 200
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.powerball.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 281
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ Frame 893A 24 B
989 B 95ms
80ms XHR
application/json 23.213.15.82
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=398900&v=7.2&r=%7B%22id%22%3A%2210013d12118be1%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22264eed650b1d48%22%2C%22ext%22%3A%7B%22siteID%22%3A%22398900%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.powerball.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.213.15.82 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-15-82.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 2b8973ca8134a9207d9d0c448820cfd79d66ba0ac8d1a6425ad6ec1699d39ffc

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 17 Apr 2020 15:09:03 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://www.powerball.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 44
Expires: Fri, 17 Apr 2020 15:09:03 GMT

POST v1
dmx.districtm.io/b/ Frame 893A 0
0

POST
H2 200 auction Show response
tlx.3lift.com/header/ Frame 893A 19 B
281 B 25ms
25ms XHR
application/json 35.156.227.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=2.44.3&referrer=https%3A%2F%2Fwww.powerball.com%2F&tmax=3000

Requested by

Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.156.227.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-156-227-32.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Apr 2020 15:09:03 GMT
x-auction-status: 12
status: 200
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.powerball.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 893A 0
62 B 22ms
22ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Fri, 17 Apr 2020 15:09:03 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://www.powerball.com

GET
H2

200

ADTECH;apid=1A604b5390-80bd-11ea-909b-125139b028ba;cfp=1;rndc=1587136143;v=2;cmd=bid;cors=yes;alias=133b06d972d2f4d;misc=1587136143410;bidfloor=0.3 Show response
adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ Frame 893A
Redirect Chain

https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=133b06d972d2f4d;misc=1587136143410;bidfloor=0.3;
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;cfp=1;rndc=1587136142;v=2;cmd=bid;cors=yes;alias=133b06d972d2f4d;misc=1587136143410;bidfloor=0.3
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1587136143;v=2;cmd=bid;cors=yes;alias=133b06d972d2f4d;misc=1587136143410;bidflo...
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1587136144;v=2;cmd=bid;cors=yes;alias=133b06d972d2f4d;misc=1587136143410;bidflo...
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1A604b5390-80bd-11ea-909b-125139b028ba;cfp=1;rndc=1587136143;v=2;cmd=bid;cors=yes;alias=133b06d972d2f4d;misc=1587136143410;b...

605 B
929 B

143ms
142ms

XHR
application/json

152.199.21.35
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1A604b5390-80bd-11ea-909b-125139b028ba;cfp=1;rndc=1587136143;v=2;cmd=bid;cors=yes;alias=133b06d972d2f4d;misc=1587136143410;bidfloor=0.3
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.35 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 83a6dfafb8b570c6e953a44b0e01063219aaeb57b54be6b2e004d72905588f02

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Apr 2020 15:09:04 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: null
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 605
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Apr 2020 15:09:04 GMT
server: nginx
status: 302
location: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1A604b5390-80bd-11ea-909b-125139b028ba;cfp=1;rndc=1587136143;v=2;cmd=bid;cors=yes;alias=133b06d972d2f4d;misc=1587136143410;bidfloor=0.3
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: null
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 893A 238 B
1 KB 100ms
99ms XHR
application/json 69.173.144.143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9204&site_id=20319&zone_id=588936&size_id=15&rf=https%3A%2F%2Fwww.powerball.com%2F&tk_flint=pbjs_lite_v2.44.3&x_source.tid=8ae17d9d-eb1e-41a0-acdf-cb49ee130971&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.38544343682609616
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 24b709c45e552f0e040b42e812896b0fae2d0680b450e503191fbc76da075535

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 17 Apr 2020 15:09:03 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.powerball.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=393
Content-Length: 238
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST v1
dmx.districtm.io/b/ Frame C0C0 0
0

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ Frame C0C0 24 B
982 B 144ms
110ms XHR
application/json 23.213.15.82
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=398900&v=7.2&r=%7B%22id%22%3A%22359b068b13fe4e%22%2C%22imp%22%3A%5B%7B%22id%22%3A%224fb0891d66b65d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22398900%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.powerball.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.213.15.82 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-15-82.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 765633bbc0cb875ba0d7df231b6b90c5f9fbcf38268e1901d776d02395d991f6

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 17 Apr 2020 15:09:03 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://www.powerball.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 44
Expires: Fri, 17 Apr 2020 15:09:03 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame C0C0 238 B
1 KB 127ms
56ms XHR
application/json 69.173.144.143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9204&site_id=20319&zone_id=588936&size_id=15&rf=https%3A%2F%2Fwww.powerball.com%2F&tk_flint=pbjs_lite_v2.44.3&x_source.tid=27ced418-6a1a-4941-bd93-6e2a5dc626f4&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.8849322802216815
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 682e1c3944f2acd146a08bb5ce46251291b4dfed92500006a46acf5f6ba432f0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 17 Apr 2020 15:09:03 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.powerball.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=80
Content-Length: 238
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame C0C0 0
62 B 27ms
27ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Fri, 17 Apr 2020 15:09:03 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://www.powerball.com

GET
H2

200

ADTECH;apid=1A6041b074-80bd-11ea-95a6-12794b40da64;cfp=1;rndc=1587136143;v=2;cmd=bid;cors=yes;alias=13858b5c5313f2d;misc=1587136143424;bidfloor=0.3 Show response
adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ Frame C0C0
Redirect Chain

https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=13858b5c5313f2d;misc=1587136143424;bidfloor=0.3;
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;cfp=1;rndc=1587136143;v=2;cmd=bid;cors=yes;alias=13858b5c5313f2d;misc=1587136143424;bidfloor=0.3
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1587136143;v=2;cmd=bid;cors=yes;alias=13858b5c5313f2d;misc=1587136143424;bidflo...
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1587136143;v=2;cmd=bid;cors=yes;alias=13858b5c5313f2d;misc=1587136143424;bidflo...
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1A6041b074-80bd-11ea-95a6-12794b40da64;cfp=1;rndc=1587136143;v=2;cmd=bid;cors=yes;alias=13858b5c5313f2d;misc=1587136143424;b...

606 B
981 B

204ms
196ms

XHR
application/json

152.199.21.35
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1A6041b074-80bd-11ea-95a6-12794b40da64;cfp=1;rndc=1587136143;v=2;cmd=bid;cors=yes;alias=13858b5c5313f2d;misc=1587136143424;bidfloor=0.3
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.35 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: ef2a662560caa0db8776136728583ce0c1d1b6785ca588d4184cf4a2f5bbe139

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Apr 2020 15:09:04 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: null
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 606
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Apr 2020 15:09:04 GMT
server: nginx
status: 302
location: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1A6041b074-80bd-11ea-95a6-12794b40da64;cfp=1;rndc=1587136143;v=2;cmd=bid;cors=yes;alias=13858b5c5313f2d;misc=1587136143424;bidfloor=0.3
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: null
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ Frame C0C0 19 B
281 B 27ms
26ms XHR
application/json 35.156.227.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=2.44.3&referrer=https%3A%2F%2Fwww.powerball.com%2F&tmax=3000

Requested by

Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.156.227.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-156-227-32.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Apr 2020 15:09:03 GMT
x-auction-status: 12
status: 200
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.powerball.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 acj Show response
lanista-bidder-d.openx.net/w/1.0/ Frame 329B 455 B
489 B 284ms
283ms XHR
application/json 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lanista-bidder-d.openx.net/w/1.0/acj?ai=da2bf25a-3c8c-46ca-88ac-9a1f54f5d3dc&o=2c825d63e4f5dd&ju=https%3A//www.powerball.com/&jr=&be=1&prf=0&auid=538738919&aus=300x250&bc=hb_2api&bt=1000&c.lanista_floor=0.30&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-120&ws=300x250&ifr=1&tws=1600x1200
Requested by: Host: lanista-bidder-d.openx.net
URL: https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.183.0 /
Resource Hash: 786d8b9b4a813f8b34eb2279ba7cb16a38f47085fbe53d8c92d48c20112ff43f

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Apr 2020 15:09:03 GMT
content-encoding: gzip
server: OXGW/16.183.0
status: 200
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.powerball.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 283
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame 4BF2 0
0 76ms
31ms Document
text/html 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.183.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.powerball.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=37a03411-fb12-08c1-3c72-ae693d37c17f|1587136143
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.powerball.com/

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=37a03411-fb12-08c1-3c72-ae693d37c17f|1587136143; Version=1; Expires=Sat, 17-Apr-2021 15:09:03 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1587136143|mOsLgqgikin0fcmWiygu; Version=1; Expires=Sat, 02-May-2020 15:09:03 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.183.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Fri, 17 Apr 2020 15:09:03 GMT
content-type: text/html
content-length: 482
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame BE0D 0
0 50ms
31ms Document
text/html 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.183.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.powerball.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=37a03411-fb12-08c1-3c72-ae693d37c17f|1587136143
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.powerball.com/

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=37a03411-fb12-08c1-3c72-ae693d37c17f|1587136143; Version=1; Expires=Sat, 17-Apr-2021 15:09:03 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1587136143|mOsLgqgikin0fcmWiygu; Version=1; Expires=Sat, 02-May-2020 15:09:03 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.183.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Fri, 17 Apr 2020 15:09:03 GMT
content-type: text/html
content-length: 482
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 0D18 43 KB
14 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3668f6bc8dd86f6690ad159eed9c3020cf6af81084e29712995005ecc7176aff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 15:09:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "488 / 257 of 1000 / last-modified: 1587070946"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 14316
x-xss-protection: 0
expires: Fri, 17 Apr 2020 15:09:03 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 329B 238 B
1 KB 97ms
61ms XHR
application/json 69.173.144.143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9204&site_id=20319&zone_id=588936&size_id=15&rf=https%3A%2F%2Fwww.powerball.com%2F&tk_flint=pbjs_lite_v2.44.3&x_source.tid=958326b5-6ea9-4b7f-bc3a-79ab7cdee734&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.28536668042537117
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 951f0742dfc017e17d73e323e26ae0dba4e3f03528ce47bac11a88302d9ac005

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 17 Apr 2020 15:09:03 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.powerball.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=475
Content-Length: 238
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ Frame 329B 24 B
753 B 133ms
97ms XHR
application/json 23.213.15.82
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=398900&v=7.2&r=%7B%22id%22%3A%2232618e670521ac%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2241b2d957b9d19a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22398900%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.powerball.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.213.15.82 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-15-82.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 24c4489c10d338b7d4a1d34931746b78f1cf18f4d57e5f963b3b7458da44c6d5

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 17 Apr 2020 15:09:03 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://www.powerball.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 44
Expires: Fri, 17 Apr 2020 15:09:03 GMT

GET
H2

200

ADTECH;apid=1A604b5390-80bd-11ea-909b-125139b028ba;cfp=1;rndc=1587136143;v=2;cmd=bid;cors=yes;alias=138742185440eb1;misc=1587136143524;bidfloor=0.3 Show response
adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ Frame 329B
Redirect Chain

https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=138742185440eb1;misc=1587136143524;bidfloor=0.3;
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=1;rndc=1587136143;v=2;cmd=bid;cors=yes;alias=138742185440eb1;misc=1587136143524;bidflo...
https://adserver.adtech.advertising.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;rdhost=adserver.adtechus.com;cfp=2;rndc=1587136144;v=2;cmd=bid;cors=yes;alias=138742185440eb1;misc=1587136143524;bidflo...
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1A604b5390-80bd-11ea-909b-125139b028ba;cfp=1;rndc=1587136143;v=2;cmd=bid;cors=yes;alias=138742185440eb1;misc=1587136143524;b...

606 B
930 B

141ms
141ms

XHR
application/json

152.199.21.35
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1A604b5390-80bd-11ea-909b-125139b028ba;cfp=1;rndc=1587136143;v=2;cmd=bid;cors=yes;alias=138742185440eb1;misc=1587136143524;bidfloor=0.3
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.35 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: ff9531bd6e48e9975cd7ff3f6054333899de35965398fcc4c1387c32d8c82d4c

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Apr 2020 15:09:04 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: null
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 606
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Apr 2020 15:09:04 GMT
server: nginx
status: 302
location: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;apid=1A604b5390-80bd-11ea-909b-125139b028ba;cfp=1;rndc=1587136143;v=2;cmd=bid;cors=yes;alias=138742185440eb1;misc=1587136143524;bidfloor=0.3
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: null
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 329B 0
62 B 55ms
21ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Fri, 17 Apr 2020 15:09:03 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://www.powerball.com

POST v1
dmx.districtm.io/b/ Frame 329B 0
0

POST
H2 200 auction Show response
tlx.3lift.com/header/ Frame 329B 19 B
281 B 51ms
42ms XHR
application/json 35.156.227.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=2.44.3&referrer=https%3A%2F%2Fwww.powerball.com%2F&tmax=3000

Requested by

Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.156.227.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-156-227-32.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Apr 2020 15:09:03 GMT
x-auction-status: 12
status: 200
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.powerball.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame 79FB 0
0 34ms
27ms Document
text/html 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.183.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.powerball.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=37a03411-fb12-08c1-3c72-ae693d37c17f|1587136143
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.powerball.com/

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=37a03411-fb12-08c1-3c72-ae693d37c17f|1587136143; Version=1; Expires=Sat, 17-Apr-2021 15:09:03 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1587136143|mOsLgqgikin0fcmWiygu; Version=1; Expires=Sat, 02-May-2020 15:09:03 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.183.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Fri, 17 Apr 2020 15:09:03 GMT
content-type: text/html
content-length: 482
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame 0F6D 0
0 30ms
29ms Document
text/html 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.183.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.powerball.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=37a03411-fb12-08c1-3c72-ae693d37c17f|1587136143
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.powerball.com/

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=37a03411-fb12-08c1-3c72-ae693d37c17f|1587136143; Version=1; Expires=Sat, 17-Apr-2021 15:09:03 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1587136143|mOsLgqgikin0fcmWiygu; Version=1; Expires=Sat, 02-May-2020 15:09:03 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.183.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Fri, 17 Apr 2020 15:09:03 GMT
content-type: text/html
content-length: 482
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 893A 43 KB
14 KB 77ms
76ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fed88ada1fa70feeb7d88d7a9d2dd28aeff49928ecd0ae83d18cae26746d2186

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 15:09:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "488 / 554 of 1000 / last-modified: 1587071041"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 14316
x-xss-protection: 0
expires: Fri, 17 Apr 2020 15:09:03 GMT

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame A5D3 0
0 67ms
67ms Document
text/html 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.183.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.powerball.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=37a03411-fb12-08c1-3c72-ae693d37c17f|1587136143
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.powerball.com/

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=37a03411-fb12-08c1-3c72-ae693d37c17f|1587136143; Version=1; Expires=Sat, 17-Apr-2021 15:09:03 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1587136143|mOsLgqgikin0fcmWiygu; Version=1; Expires=Sat, 02-May-2020 15:09:03 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.183.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Fri, 17 Apr 2020 15:09:03 GMT
content-type: text/html
content-length: 482
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame D384 0
0 50ms
47ms Document
text/html 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.183.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.powerball.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=37a03411-fb12-08c1-3c72-ae693d37c17f|1587136143; pd=v2|1587136143|mOsLgqgikin0fcmWiygu
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.powerball.com/

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=37a03411-fb12-08c1-3c72-ae693d37c17f|1587136143; Version=1; Expires=Sat, 17-Apr-2021 15:09:03 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1587136143|rsgmkimWfcvmsHqGgqmuiynIsLomgemOgunsn0gi; Version=1; Expires=Sat, 02-May-2020 15:09:03 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.183.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Fri, 17 Apr 2020 15:09:03 GMT
content-type: text/html
content-length: 480
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame C0C0 43 KB
14 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3668f6bc8dd86f6690ad159eed9c3020cf6af81084e29712995005ecc7176aff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 15:09:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "488 / 894 of 1000 / last-modified: 1587070946"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 14316
x-xss-protection: 0
expires: Fri, 17 Apr 2020 15:09:03 GMT

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame F06E 0
0 47ms
30ms Document
text/html 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.183.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.powerball.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=37a03411-fb12-08c1-3c72-ae693d37c17f|1587136143; pd=v2|1587136143|rsgmkimWfcvmsHqGgqmuiynIsLomgemOgunsn0gi
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.powerball.com/

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=37a03411-fb12-08c1-3c72-ae693d37c17f|1587136143; Version=1; Expires=Sat, 17-Apr-2021 15:09:03 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1587136143|forsj8gmkimWjotufcvmsHtlqGgqvtmuiyfQnIsLiSomgemOgusflEnsn0gi; Version=1; Expires=Sat, 02-May-2020 15:09:03 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.183.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Fri, 17 Apr 2020 15:09:03 GMT
content-type: text/html
content-length: 546
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame DB32 109 B
171 B 28ms
15ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.powerball.com

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Apr 2020 15:09:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame DB32 109 B
171 B 28ms
17ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.powerball.com

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Apr 2020 15:09:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020041602.js Show response
securepubads.g.doubleclick.net/gpt/ Frame DB32 167 KB
61 KB 83ms
76ms Script
text/javascript 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020041602.js

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f194.1e100.net

Software

sffe /

Resource Hash

82bbd04adfca6dbbc54fbcff55f4db8bc1f66d7ccfe36820480be504d94d905d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 15:09:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 16 Apr 2020 16:34:23 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 62526
x-xss-protection: 0
expires: Fri, 17 Apr 2020 15:09:03 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame DC25 109 B
171 B 16ms
16ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.powerball.com

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Apr 2020 15:09:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame DC25 109 B
171 B 16ms
16ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.powerball.com

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Apr 2020 15:09:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020040702.js Show response
securepubads.g.doubleclick.net/gpt/ Frame DC25 167 KB
61 KB 73ms
57ms Script
text/javascript 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020040702.js

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f194.1e100.net

Software

sffe /

Resource Hash

740078cb1778d885689a3108d2ca696b01fd80cb73437528af4ed0dd6e7466b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 15:09:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 07 Apr 2020 20:25:36 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 62521
x-xss-protection: 0
expires: Fri, 17 Apr 2020 15:09:03 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 0D18 109 B
171 B 18ms
14ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.powerball.com

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Apr 2020 15:09:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 0D18 109 B
171 B 23ms
20ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.powerball.com

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Apr 2020 15:09:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020040702.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 0D18 167 KB
61 KB 157ms
154ms Script
text/javascript 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020040702.js

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f194.1e100.net

Software

sffe /

Resource Hash

740078cb1778d885689a3108d2ca696b01fd80cb73437528af4ed0dd6e7466b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 15:09:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 07 Apr 2020 20:25:36 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 62521
x-xss-protection: 0
expires: Fri, 17 Apr 2020 15:09:03 GMT

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame 7273 0
0 70ms
65ms Document
text/html 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.183.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.powerball.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=37a03411-fb12-08c1-3c72-ae693d37c17f|1587136143; pd=v2|1587136143|forsj8gmkimWjotufcvmsHtlqGgqvtmuiyfQnIsLiSomgemOgusflEnsn0gi
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.powerball.com/

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=37a03411-fb12-08c1-3c72-ae693d37c17f|1587136143; Version=1; Expires=Sat, 17-Apr-2021 15:09:03 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1587136143|forsgSj8tKgmkimWjotufcvmsHtlqGgqvtmuiyfQnIsLiSomgemOgusflEnsn0rFgi; Version=1; Expires=Sat, 02-May-2020 15:09:03 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.183.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Fri, 17 Apr 2020 15:09:03 GMT
content-type: text/html
content-length: 323
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 329B 43 KB
14 KB 75ms
68ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3668f6bc8dd86f6690ad159eed9c3020cf6af81084e29712995005ecc7176aff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 15:09:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "488 / 780 of 1000 / last-modified: 1587070946"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 14316
x-xss-protection: 0
expires: Fri, 17 Apr 2020 15:09:03 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 893A 109 B
171 B 55ms
53ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.powerball.com

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Apr 2020 15:09:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 893A 109 B
171 B 57ms
55ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.powerball.com

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Apr 2020 15:09:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020040702.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 893A 167 KB
61 KB 176ms
175ms Script
text/javascript 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020040702.js?21065889

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f194.1e100.net

Software

sffe /

Resource Hash

740078cb1778d885689a3108d2ca696b01fd80cb73437528af4ed0dd6e7466b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 15:09:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 07 Apr 2020 20:25:36 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 62521
x-xss-protection: 0
expires: Fri, 17 Apr 2020 15:09:03 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame C0C0 109 B
171 B 46ms
45ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.powerball.com

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Apr 2020 15:09:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame C0C0 109 B
171 B 47ms
47ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.powerball.com

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Apr 2020 15:09:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020040702.js Show response
securepubads.g.doubleclick.net/gpt/ Frame C0C0 167 KB
61 KB 138ms
121ms Script
text/javascript 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020040702.js

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f194.1e100.net

Software

sffe /

Resource Hash

740078cb1778d885689a3108d2ca696b01fd80cb73437528af4ed0dd6e7466b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 15:09:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 07 Apr 2020 20:25:36 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 62521
x-xss-protection: 0
expires: Fri, 17 Apr 2020 15:09:03 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame DB32 4 KB
3 KB 99ms
98ms XHR
text/plain 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2213744346156310&correlator=1243052136030977&output=ldjh&impl=fifs&adsid=NT&eid=21065890%2C21065620&vrg=2020041602&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200417&iu_parts=22803534%2CHB_DEFAULT_ADUNIT&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&prev_scp=hb_name%3DAPST09010385POWB9701__54%26passback_pb%3D0.30%26hb_factor%3D1.5%26rscust%3Dpool1%26oxb%3D970x250_t&eri=1&cookie_enabled=1&cdm=www.powerball.com&bc=31&abxe=1&lmt=1587136143&dt=1587136143895&dlt=1587136142746&idt=1114&ea=0&frm=23&biw=1585&bih=1200&isw=970&ish=250&oid=3&adxs=308&adys=1060&adks=3386903054&ucis=i8eepgg78je&ifi=1&ifk=627720725&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fwww.powerball.com%2F&top=https%3A%2F%2Fwww.powerball.com%2F&dssz=11&icsg=2724&mso=4&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x250&msz=970x250&ga_vid=811518937.1587136144&ga_sid=1587136144&ga_hid=1570114582&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020041602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f194.1e100.net

Software

cafe /

Resource Hash

b2572769deea7987c997c3f55c251b9fd9527c109f081e794c72fe93de6316aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 15:09:03 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 2083
x-xss-protection: 0
google-lineitem-id: 5292730782
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138302678468
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.powerball.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2020041602.js Show response
securepubads.g.doubleclick.net/gpt/ Frame DB32 64 KB
23 KB 90ms
90ms Script
text/javascript 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020041602.js

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f194.1e100.net

Software

sffe /

Resource Hash

df255e2f7f9fd8c86ec6b227d9b3d2f8b3501188802e75a5009cbf9ba6f4eab7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 15:09:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 16 Apr 2020 16:34:23 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 23935
x-xss-protection: 0
expires: Fri, 17 Apr 2020 15:09:03 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame DB32 0
0 7ms
5ms Other
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 329B 109 B
171 B 27ms
26ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.powerball.com

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Apr 2020 15:09:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 329B 109 B
171 B 27ms
27ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.powerball.com

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Apr 2020 15:09:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020040702.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 329B 167 KB
61 KB 53ms
50ms Script
text/javascript 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020040702.js

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f194.1e100.net

Software

sffe /

Resource Hash

740078cb1778d885689a3108d2ca696b01fd80cb73437528af4ed0dd6e7466b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 15:09:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 07 Apr 2020 20:25:36 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 62521
x-xss-protection: 0
expires: Fri, 17 Apr 2020 15:09:03 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame DC25 4 KB
2 KB 101ms
99ms XHR
text/plain 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=756865198240663&correlator=4259974205541512&output=ldjh&impl=fifs&adsid=NT&eid=21062832%2C21065203%2C22316438&vrg=2020040702&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200417&iu_parts=22803534%2CHB_DEFAULT_ADUNIT&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&prev_scp=hb_name%3DAPST09010385POWB9702__54%26passback_pb%3D0.30%26hb_factor%3D1.5%26rscust%3Dpool1%26oxb%3D970x250_t&eri=1&cookie_enabled=1&cdm=www.powerball.com&bc=31&abxe=1&lmt=1587136143&dt=1587136143972&dlt=1587136142784&idt=1170&ea=0&frm=23&biw=1585&bih=1200&isw=970&ish=250&oid=3&adxs=308&adys=3239&adks=3392797045&ucis=leex1vh0i2ms&ifi=1&ifk=627720725&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fwww.powerball.com%2F&top=https%3A%2F%2Fwww.powerball.com%2F&dssz=11&icsg=2724&mso=4&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x250&msz=970x250&ga_vid=1609336154.1587136144&ga_sid=1587136144&ga_hid=1654872&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020040702.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f194.1e100.net

Software

cafe /

Resource Hash

933867bd6c1a5f3632244b79dbf0e57e885cf1f3a3ff28be02a6adecdd1862ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 15:09:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 2101
x-xss-protection: 0
google-lineitem-id: 5292730782
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138302678468
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.powerball.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2020040702.js Show response
securepubads.g.doubleclick.net/gpt/ Frame DC25 64 KB
23 KB 32ms
31ms Script
text/javascript 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040702.js

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f194.1e100.net

Software

sffe /

Resource Hash

fb30d19bfdc58c092bdabad889657613116021c0d07e936fdb3e9e5dbd669872

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 15:09:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 07 Apr 2020 20:25:36 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 23928
x-xss-protection: 0
expires: Fri, 17 Apr 2020 15:09:04 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame DC25 0
0 6ms
5ms Other
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame DB32 7 KB
5 KB 18ms
17ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020041602&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020041602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

afbd026b96697f616afd6c671150669d833854f1b70111487c2772dfe93e1795

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Apr 2020 15:09:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5185
x-xss-protection: 0

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5562 0
0 37ms
35ms Fetch
image/gif 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstEKTFU86SqwNhbnB1MLY7XYMgQZoUm7oLLTbRYrJY8IKnTijme3WGkvfA83-yag44d6SLZtj6cQjF6nyc0cPjUNEAmgkPEr5QRlptWZbInRVNTLPmAMwcqHblBMrwc2txKWEac9BPisBqiXZtR-0CNl4PbBehm-9tMKre-ny-e2qX-658Cd44zXeuQkkJ0V7cylN-mPamIMgCBfWe14fzNXEtDOL6XfgceN_S9ogpuKzlGSXlTg0QgPP-WI35-4HS2Nr5tJWGCvTNcdhVJGA&sai=AMfl-YTxMROA5Bp2yQr2Qya8hu6KXWAZBkW0bYHtFQa1hE6IKPetA8TNry786xCG9nwh6uIXqY4ev_wNnEnIAvhjsTNUW3idEpde6PwNzXgj&sig=Cg0ArKJSzAQ4KzalGjvqEAE&urlfix=1&adurl=

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f194.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Apr 2020 15:09:04 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 17 Apr 2020 15:09:04 GMT

GET
H2 200 wowyowdisplay970x250desktop.js Show response
deio3v2go54x9.cloudfront.net/ Frame 5562 442 B
776 B 42ms
14ms Script
application/javascript 2600:9000:2156:7400:e:ff8:b40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://deio3v2go54x9.cloudfront.net/wowyowdisplay970x250desktop.js
Requested by: Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:7400:e:ff8:b40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cb054ef396639da3beae5388ea312ddeaecb4f736aca87f34a46fa0d5ffde82f

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 07:19:23 GMT
via: 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
last-modified: Fri, 31 Jan 2020 15:31:54 GMT
server: AmazonS3
age: 28182
etag: "0e297ff81c777742a00afb6ed54ba7af"
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 442
x-amz-cf-id: B0-VqjUOVCjPBtB1rYfeCYXWlg_K7xJqczQ_axs-yUP7cnRf2UHtyg==

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5562 74 KB
28 KB 43ms
41ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b502dbf33a515f9b0fd2a857166c6bb00e41b8dfc07bfa8ef194224fd266b7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 15:09:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1586950235212681"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28756
x-xss-protection: 0
expires: Fri, 17 Apr 2020 15:09:04 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame DB32 74 KB
28 KB 44ms
41ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2565892bc9a7c05ac215b1784631317b1c0a8c7a91986394662768a6d4dab1d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 15:09:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1586950235212681"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28446
x-xss-protection: 0
expires: Fri, 17 Apr 2020 15:09:04 GMT

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame 89C6 0
0 41ms
28ms Document
text/html 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.183.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.powerball.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=37a03411-fb12-08c1-3c72-ae693d37c17f|1587136143; pd=v2|1587136143|forsgSj8tKgmkimWjotufcvmsHtlqGgqvtmuiyfQnIsLiSomgemOgusflEnsn0rFgi
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.powerball.com/

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=37a03411-fb12-08c1-3c72-ae693d37c17f|1587136143; Version=1; Expires=Sat, 17-Apr-2021 15:09:04 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1587136143|forsgSj8tKgmkimWjotufcvmsHtlqGgqvtmuiyfQnIsLiSomgemOgusflEnsn0rFgi; Version=1; Expires=Sat, 02-May-2020 15:09:04 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.183.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Fri, 17 Apr 2020 15:09:04 GMT
content-type: text/html
content-length: 70
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 80DE 0
0 33ms
32ms Fetch
image/gif 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvQqH1O7gMq1is1V684Nxm3MlJdLtGBip644GyGfxBehhBHoK02t3RwsCCpQ2pCk0x4xs29nG9r6sM5Vo8Bfa9B2ASp3y2uXe6_RVT2WpSpTtXy9sPF788xlCy3PrGI77yUWoAQdatAPZpPlrCkmNjX8E689R7TR5bTquCiMxnQSPKwKoO2Sop0L-pv21pc342jFukGeapr5aN2V1De4o8ctdkXdq3HKm3kzqjUReMskD2spqUZlYAtwRwU-e4pQF3RDhnJJIoeC6Ue3uNxfQ&sai=AMfl-YRDXpqS78REo9_go0Rws5IBUCCx5I_Rg2zP8fb6i5zI73wJ0LrLhrzCIiLiJUarYCDnIUyaN7UuUWnEDEBzIDk2eJsru3LiJ3IRkYC2&sig=Cg0ArKJSzJR4z7CnAiidEAE&urlfix=1&adurl=

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f194.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Apr 2020 15:09:04 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 wowyowdisplay970x250desktop.js Show response
deio3v2go54x9.cloudfront.net/ Frame 80DE 442 B
777 B 12ms
11ms Script
application/javascript 2600:9000:2156:7400:e:ff8:b40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://deio3v2go54x9.cloudfront.net/wowyowdisplay970x250desktop.js
Requested by: Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:7400:e:ff8:b40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cb054ef396639da3beae5388ea312ddeaecb4f736aca87f34a46fa0d5ffde82f

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 07:19:23 GMT
via: 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
last-modified: Fri, 31 Jan 2020 15:31:54 GMT
server: AmazonS3
age: 28182
etag: "0e297ff81c777742a00afb6ed54ba7af"
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 442
x-amz-cf-id: SVE6ZLOwlAy3X1HiVWPk3e3P8UjvgfjD3GSrudLeh2rLEazV7WLY2g==

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 80DE 74 KB
28 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914rxmraidlidarcontrol

Requested by

Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b502dbf33a515f9b0fd2a857166c6bb00e41b8dfc07bfa8ef194224fd266b7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 15:09:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1586950235212681"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28756
x-xss-protection: 0
expires: Fri, 17 Apr 2020 15:09:04 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame DC25 74 KB
28 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2565892bc9a7c05ac215b1784631317b1c0a8c7a91986394662768a6d4dab1d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 15:09:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1586950235212681"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28446
x-xss-protection: 0
expires: Fri, 17 Apr 2020 15:09:04 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame DC25 7 KB
5 KB 33ms
19ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020040702&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040702.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

043a32043a3ab1d0615a564b665ea79e60c3d9a09874f9f71b5efcb0aca44527

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Apr 2020 15:09:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5168
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame DB32 14 KB
5 KB 46ms
40ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 15:09:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5456
x-xss-protection: 0
expires: Fri, 17 Apr 2020 15:09:04 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame DC25 14 KB
5 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 15:09:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5456
x-xss-protection: 0
expires: Fri, 17 Apr 2020 15:09:04 GMT

GET
DATA 200
OK truncated
/ Frame 5562 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0972a4592ab35a2f0e4f2e05061ae8f9c385d5afba12d99d4f0697a1d676b809

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK wowyowdisplay970x250desktop.php
wowyowapi.com/ Frame 891B 0
0 803ms
192ms Document
text/html 35.160.156.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wowyowapi.com/wowyowdisplay970x250desktop.php?u=fb243434-6d38-f6b6-4543-c462ef8458dc
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.160.156.47 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-160-156-47.us-west-2.compute.amazonaws.com
Software: Apache /
Resource Hash

Request headers

Host: wowyowapi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.powerball.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.powerball.com/

Response headers

access-control-allow-origin: *
Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=UTF-8
Date: Fri, 17 Apr 2020 15:09:05 GMT
Server: Apache
Content-Length: 907
Connection: keep-alive

GET
DATA 200
OK truncated
/ Frame 80DE 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b7e941eb05ff51591e69b2dfd3657e11af53e3f61faaf67f77f29cd630395aa5

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK wowyowdisplay970x250desktop.php
wowyowapi.com/ Frame 9325 0
0 744ms
186ms Document
text/html 35.160.156.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wowyowapi.com/wowyowdisplay970x250desktop.php?u=fb243434-6d38-f6b6-4543-c462ef8458dc
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.160.156.47 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-160-156-47.us-west-2.compute.amazonaws.com
Software: Apache /
Resource Hash

Request headers

Host: wowyowapi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.powerball.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.powerball.com/

Response headers

access-control-allow-origin: *
Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=UTF-8
Date: Fri, 17 Apr 2020 15:09:05 GMT
Server: Apache
Content-Length: 907
Connection: keep-alive

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 44B3 0
0 6ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.powerball.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.powerball.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Fri, 17 Apr 2020 14:28:05 GMT
expires: Sat, 17 Apr 2021 14:28:05 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2459
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame CD0A 0
0 6ms
5ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.powerball.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.powerball.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Fri, 17 Apr 2020 14:28:05 GMT
expires: Sat, 17 Apr 2021 14:28:05 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2459
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame C0C0 4 KB
2 KB 137ms
136ms XHR
text/plain 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3635007481120431&correlator=3462469179813174&output=ldjh&impl=fifs&adsid=NT&vrg=2020040702&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200417&iu_parts=22803534%2CHB_DEFAULT_ADUNIT&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=hb_name%3DAPST04010385POWB3002__54%26passback_pb%3D0.30%26hb_factor%3D1.5%26rscust%3Dpool1%26oxb%3D300x250_0%252Chb-bid-3dceccbffd3f99&eri=1&cookie=ID%3D5871c096dd45f4c1%3AT%3D1587136143%3AS%3DALNI_Mbt7kn8mtq931eAU9IeOheYELJbew&cdm=www.powerball.com&bc=31&abxe=1&lmt=1587136144&dt=1587136144490&dlt=1587136142860&idt=1314&ea=0&frm=23&biw=1585&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=1986902392&ucis=y0scxf3ben4d&ifi=1&ifk=2743823900&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fwww.powerball.com%2F&top=https%3A%2F%2Fwww.powerball.com%2F&dssz=11&icsg=2724&mso=4&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=1893390334.1587136144&ga_sid=1587136144&ga_hid=777197686&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020040702.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f194.1e100.net

Software

cafe /

Resource Hash

86d6c9053ccfcd97260044360057635d853a766fc33ebcd47c8e849686a58e3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 15:09:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1976
x-xss-protection: 0
google-lineitem-id: 5293712860
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138303009295
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.powerball.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2020040702.js Show response
securepubads.g.doubleclick.net/gpt/ Frame C0C0 64 KB
23 KB 31ms
30ms Script
text/javascript 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040702.js

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f194.1e100.net

Software

sffe /

Resource Hash

fb30d19bfdc58c092bdabad889657613116021c0d07e936fdb3e9e5dbd669872

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 15:09:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 07 Apr 2020 20:25:36 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 23928
x-xss-protection: 0
expires: Fri, 17 Apr 2020 15:09:04 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame C0C0 0
0 10ms
6ms Other
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 0D18 4 KB
2 KB 76ms
76ms XHR
text/plain 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4420084392921107&correlator=1191153371133726&output=ldjh&impl=fifs&adsid=NT&eid=21064369%2C21065516&vrg=2020040702&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200417&iu_parts=22803534%2CHB_DEFAULT_ADUNIT&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=hb_name%3DAPST04010385POWB3001__54%26passback_pb%3D0.30%26hb_factor%3D1.5%26rscust%3Dpool1%26oxb%3D300x250_0%252Chb-bid-376f4c1c45d43a&eri=1&cookie=ID%3D5871c096dd45f4c1%3AT%3D1587136143%3AS%3DALNI_Mbt7kn8mtq931eAU9IeOheYELJbew&cookie_enabled=1&cdm=www.powerball.com&bc=31&abxe=1&lmt=1587136144&dt=1587136144512&dlt=1587136142819&idt=1184&ea=0&frm=23&biw=1585&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=1990784575&ucis=xlndhd8x3oxw&ifi=1&ifk=2743823900&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fwww.powerball.com%2F&top=https%3A%2F%2Fwww.powerball.com%2F&dssz=11&icsg=2724&mso=4&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=1274205964.1587136145&ga_sid=1587136145&ga_hid=106716548&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020040702.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f194.1e100.net

Software

cafe /

Resource Hash

7522d4d9fc4fd8e5cc25a21b496b25f744f38a78f9468a5427c5e39177e8b7ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 15:09:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1985
x-xss-protection: 0
google-lineitem-id: 5293712860
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138303009295
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.powerball.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2020040702.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 0D18 64 KB
23 KB 34ms
33ms Script
text/javascript 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040702.js

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f194.1e100.net

Software

sffe /

Resource Hash

fb30d19bfdc58c092bdabad889657613116021c0d07e936fdb3e9e5dbd669872

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 15:09:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 07 Apr 2020 20:25:36 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 23928
x-xss-protection: 0
expires: Fri, 17 Apr 2020 15:09:04 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 0D18 0
0 6ms
6ms Other
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 329B 4 KB
2 KB 129ms
129ms XHR
text/plain 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2913125493962365&correlator=2274576837948929&output=ldjh&impl=fifs&adsid=NT&vrg=2020040702&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200417&iu_parts=22803534%2CHB_DEFAULT_ADUNIT&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=hb_name%3DAPST04010385POWB3004__54%26passback_pb%3D0.30%26hb_factor%3D1.5%26rscust%3Dpool1%26oxb%3D300x250_0%252Chb-bid-3e84e1b12b211f&eri=1&cookie=ID%3D5871c096dd45f4c1%3AT%3D1587136143%3AS%3DALNI_Mbt7kn8mtq931eAU9IeOheYELJbew&cdm=www.powerball.com&bc=31&abxe=1&lmt=1587136144&dt=1587136144618&dlt=1587136142920&idt=1371&ea=0&frm=23&biw=1585&bih=1200&isw=300&ish=250&oid=3&adxs=853&adys=4211&adks=1443960515&ucis=i5q6q5erew0y&ifi=1&ifk=3672954154&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fwww.powerball.com%2F&top=https%3A%2F%2Fwww.powerball.com%2F&dssz=11&icsg=2724&mso=4&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x250&ga_vid=377913899.1587136145&ga_sid=1587136145&ga_hid=46332037&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020040702.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f194.1e100.net

Software

cafe /

Resource Hash

e012d8fd59703a4ad32c22a9a671dcdc0d2a6f6e4fc994693a1d810629f1f9fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 15:09:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1965
x-xss-protection: 0
google-lineitem-id: 5293712860
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138303009295
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.powerball.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2020040702.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 329B 64 KB
23 KB 33ms
32ms Script
text/javascript 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040702.js

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f194.1e100.net

Software

sffe /

Resource Hash

fb30d19bfdc58c092bdabad889657613116021c0d07e936fdb3e9e5dbd669872

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 15:09:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 07 Apr 2020 20:25:36 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 23928
x-xss-protection: 0
expires: Fri, 17 Apr 2020 15:09:04 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 329B 0
0 6ms
6ms Other
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 893A 4 KB
2 KB 86ms
86ms XHR
text/plain 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1130117771462326&correlator=4474332194168017&output=ldjh&impl=fifs&adsid=NT&eid=21065889%2C21064170&vrg=2020040702&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200417&iu_parts=22803534%2CHB_DEFAULT_ADUNIT&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=hb_name%3DAPST04010385POWB3003__54%26passback_pb%3D0.30%26hb_factor%3D1.5%26rscust%3Dpool1%26oxb%3D300x250_0%252Chb-bid-349f92a61e6d59&eri=1&cookie=ID%3D5871c096dd45f4c1%3AT%3D1587136143%3AS%3DALNI_Mbt7kn8mtq931eAU9IeOheYELJbew&cookie_enabled=1&cdm=www.powerball.com&bc=31&abxe=1&lmt=1587136144&dt=1587136144650&dlt=1587136142890&idt=1135&ea=0&frm=23&biw=1585&bih=1200&isw=300&ish=250&oid=3&adxs=433&adys=4211&adks=1992055404&ucis=lnqlhcl2qsn&ifi=1&ifk=3672954154&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fwww.powerball.com%2F&top=https%3A%2F%2Fwww.powerball.com%2F&dssz=11&icsg=2724&mso=4&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x250&ga_vid=1604406829.1587136145&ga_sid=1587136145&ga_hid=550814636&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020040702.js?21065889

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f194.1e100.net

Software

cafe /

Resource Hash

25a1e0490fc802c729dbbd25c19d620b8ddff8c045a1f2f187fd6b69f6439ee7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 15:09:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1979
x-xss-protection: 0
google-lineitem-id: 5293712860
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138303009295
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.powerball.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2020040702.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 893A 64 KB
23 KB 32ms
31ms Script
text/javascript 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040702.js?21065889

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f194.1e100.net

Software

sffe /

Resource Hash

fb30d19bfdc58c092bdabad889657613116021c0d07e936fdb3e9e5dbd669872

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 15:09:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 07 Apr 2020 20:25:36 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 23928
x-xss-protection: 0
expires: Fri, 17 Apr 2020 15:09:04 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 893A 0
0 7ms
6ms Other
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3153 0
0 44ms
40ms Fetch
image/gif 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvQhKzDPaMqfwjRdBpWCdGGzDZ0pQI15hi6JC0qjDSc6GRCfvsRL5akuR55R8EoCT_sWIbHqDZi96L6HRocngrzrNuQAEfmWj-ztpP6ODW3e7CIsRYsCxX4cRbgWZAtNmOAm9uZtA1gJXRd77jkBFDhybHV27ARuw9oHE8yn8tJTbgbl6D7Asr28apR-02u9ILhfhVZwaMMyX9Ku9834MnLgHlyHgCAqBYgFWSCNPpRBLEw6d4lQ1x-RF5rEqRFQeT5mNmJPl6M_4V5qWKrQg&sig=Cg0ArKJSzJMOzerLBQIzEAE&urlfix=1&adurl=

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f194.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Apr 2020 15:09:04 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 wowyowdisplay300x250desktop.js Show response
deio3v2go54x9.cloudfront.net/ Frame 3153 491 B
825 B 44ms
40ms Script
application/javascript 2600:9000:2156:7400:e:ff8:b40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://deio3v2go54x9.cloudfront.net/wowyowdisplay300x250desktop.js
Requested by: Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:7400:e:ff8:b40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3530e4982843740867978c8817e82e35e005b4175684febd7b85be22c36e17ca

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 04:27:03 GMT
via: 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
last-modified: Fri, 13 Mar 2020 23:32:20 GMT
server: AmazonS3
age: 38522
etag: "5a8a0d6f49d51ead0354d652a2082fbe"
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 491
x-amz-cf-id: WdT6FSY0GWgmEiczXSC3s4j3twvmjqj7P2ig6yxSjj4Z2-7XW5EBsg==

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3153 74 KB
28 KB 46ms
43ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914rxlidarcontrol

Requested by

Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b502dbf33a515f9b0fd2a857166c6bb00e41b8dfc07bfa8ef194224fd266b7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 15:09:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1586950235212681"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28756
x-xss-protection: 0
expires: Fri, 17 Apr 2020 15:09:04 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0D18 74 KB
28 KB 47ms
42ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2565892bc9a7c05ac215b1784631317b1c0a8c7a91986394662768a6d4dab1d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 15:09:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1586950235212681"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28446
x-xss-protection: 0
expires: Fri, 17 Apr 2020 15:09:04 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 0D18 7 KB
5 KB 45ms
41ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020040702&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040702.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d164e1b7ab05fba016ecda81281f50ab3219479f339017187e8136d7cb12c5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Apr 2020 15:09:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5210
x-xss-protection: 0

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 40DF 0
0 94ms
54ms Fetch
image/gif 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvYT-xFndj_sc92gvFSmo4WZ5nIVfD44kOYPPPvWdb6IrXysBzmIpcJsTW3Ds2s7pigY_DWYEGXpGbPkTiyvpLO4MrYa7JHWJOHzC0VGqFjYOhenZyA0i3zT4nJncPjQ3r69-lUm5WrwASELAVTfc73bKqjqku0qoLknl71Mm4JsGXJg1sijn3PKmhvyEAeGErNTi_okPwctjc6ddg9rhmPpHSVP-h6i5ODgeXWfH_34lfl_MEOQh-PVQVvMMS1WxNxw-UciMU3CsNvqCBbGQ&sig=Cg0ArKJSzMdr_lrTqGquEAE&urlfix=1&adurl=

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f194.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Apr 2020 15:09:04 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 wowyowdisplay300x250desktop.js Show response
deio3v2go54x9.cloudfront.net/ Frame 40DF 491 B
826 B 94ms
45ms Script
application/javascript 2600:9000:2156:7400:e:ff8:b40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://deio3v2go54x9.cloudfront.net/wowyowdisplay300x250desktop.js
Requested by: Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:7400:e:ff8:b40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3530e4982843740867978c8817e82e35e005b4175684febd7b85be22c36e17ca

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 04:27:03 GMT
via: 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
last-modified: Fri, 13 Mar 2020 23:32:20 GMT
server: AmazonS3
age: 38522
etag: "5a8a0d6f49d51ead0354d652a2082fbe"
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 491
x-amz-cf-id: vYJIF2oT7xIYqxgjr6zfZwan1qQJRhqW7WF1G6JoEtSkHA3nNfzeKA==

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 40DF 74 KB
28 KB 96ms
56ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b502dbf33a515f9b0fd2a857166c6bb00e41b8dfc07bfa8ef194224fd266b7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 15:09:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1586950235212681"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28756
x-xss-protection: 0
expires: Fri, 17 Apr 2020 15:09:04 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame C0C0 74 KB
28 KB 62ms
57ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2565892bc9a7c05ac215b1784631317b1c0a8c7a91986394662768a6d4dab1d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 15:09:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1586950235212681"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28446
x-xss-protection: 0
expires: Fri, 17 Apr 2020 15:09:04 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C0C0 7 KB
5 KB 24ms
18ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020040702&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040702.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a5781ca7fa73e3a11168275ef87851b1cc3e38c76333e33d161c26d77b1dedc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Apr 2020 15:09:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5220
x-xss-protection: 0

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame E5F5 0
0 55ms
43ms Fetch
image/gif 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst0Czh0PK05WTdLdmO_4cb2QkN0pxGjDjaiUyNchITaGeePjqI3L1OEaH_mEZVaeQ4vuu-uZuWJAJhUQA7P4htmhGn2MdDjya6JEPRk81Cir210kdFFjmQXBrewtnfcHwIy5OTcsUVVZAKYqSBxizU8i940pcjo-jEUc0jxZqZMWnUQC9Zg8YfIZAJ-0yPoEyErMjd3b8r6T8he-42gIZeIBY-PIKn8nUbRGINm7aCOxhl_ESlotTdu6IY6L-V9SgrLNsfCLxeKrownf8BuKg&sig=Cg0ArKJSzDRxyWScZ442EAE&urlfix=1&adurl=

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f194.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Apr 2020 15:09:04 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 17 Apr 2020 15:09:04 GMT

GET
H2 200 wowyowdisplay300x250desktop.js Show response
deio3v2go54x9.cloudfront.net/ Frame E5F5 491 B
824 B 20ms
9ms Script
application/javascript 2600:9000:2156:7400:e:ff8:b40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://deio3v2go54x9.cloudfront.net/wowyowdisplay300x250desktop.js
Requested by: Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:7400:e:ff8:b40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3530e4982843740867978c8817e82e35e005b4175684febd7b85be22c36e17ca

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 04:27:03 GMT
via: 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
last-modified: Fri, 13 Mar 2020 23:32:20 GMT
server: AmazonS3
age: 38522
etag: "5a8a0d6f49d51ead0354d652a2082fbe"
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 491
x-amz-cf-id: 42mFamPiRPO1yH-uTian-PaKmFy7DPHga3mNmnX5S_bC4jD_Bc9fqw==

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame E5F5 74 KB
28 KB 56ms
45ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b502dbf33a515f9b0fd2a857166c6bb00e41b8dfc07bfa8ef194224fd266b7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 15:09:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1586950235212681"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28756
x-xss-protection: 0
expires: Fri, 17 Apr 2020 15:09:04 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 329B 74 KB
28 KB 65ms
56ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2565892bc9a7c05ac215b1784631317b1c0a8c7a91986394662768a6d4dab1d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 15:09:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1586950235212681"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28446
x-xss-protection: 0
expires: Fri, 17 Apr 2020 15:09:04 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 329B 6 KB
5 KB 23ms
18ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020040702&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040702.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46262c096e7245f756a7b0c7526201bc8f4f7a9b6e93de5132da020a4e9655a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Apr 2020 15:09:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5056
x-xss-protection: 0

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame BE39 0
0 83ms
41ms Fetch
image/gif 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssfDqVDzC8Dj8sYKi6UjcR2NIYAhxV_L31uSWbFK9SLeismQCAA5NlpJJ3F6pfE3_n9WOlLjBOHGy5zvNbMynCnMX9nWtf9KHhUeuPE2DxV-BVz4LIV74ogfLWjq8d6g278-5b-J3mv879Q8KX-qAusGIEK4lYe6g-LOAN1SvX6bOeA4yGLQoyFM39t7rVT6127LdmaEmYgA1ydirY0H21yHDk8l36MXw_6KIhSj4WMxVqaNJY7P0fewBrH83VOY64JVSStoCsAyRqoUd_-1Q&sig=Cg0ArKJSzPE0WgKSu58yEAE&urlfix=1&adurl=

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f194.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Apr 2020 15:09:04 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 wowyowdisplay300x250desktop.js Show response
deio3v2go54x9.cloudfront.net/ Frame BE39 491 B
824 B 51ms
8ms Script
application/javascript 2600:9000:2156:7400:e:ff8:b40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://deio3v2go54x9.cloudfront.net/wowyowdisplay300x250desktop.js
Requested by: Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:7400:e:ff8:b40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3530e4982843740867978c8817e82e35e005b4175684febd7b85be22c36e17ca

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 04:27:03 GMT
via: 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
last-modified: Fri, 13 Mar 2020 23:32:20 GMT
server: AmazonS3
age: 38522
etag: "5a8a0d6f49d51ead0354d652a2082fbe"
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 491
x-amz-cf-id: draFVLE3iGPTryNqFzokCj5dl2LBrmgs8DostUe_BcEt19iHV1_Dbg==

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame BE39 74 KB
28 KB 86ms
45ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b502dbf33a515f9b0fd2a857166c6bb00e41b8dfc07bfa8ef194224fd266b7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 15:09:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1586950235212681"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28756
x-xss-protection: 0
expires: Fri, 17 Apr 2020 15:09:04 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 893A 74 KB
28 KB 57ms
12ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2565892bc9a7c05ac215b1784631317b1c0a8c7a91986394662768a6d4dab1d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 15:09:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1586950235212681"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28446
x-xss-protection: 0
expires: Fri, 17 Apr 2020 15:09:04 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 893A 7 KB
5 KB 68ms
21ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020040702&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040702.js?21065889

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3eef2eb795e0074ca055a552e2e0f934524f7df5b26a48ccab938420f227ff1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Apr 2020 15:09:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5200
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 0D18 14 KB
5 KB 89ms
42ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 15:09:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5456
x-xss-protection: 0
expires: Fri, 17 Apr 2020 15:09:04 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DB32 0
69 B 56ms
15ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gpt_2020041602&jk=2213744346156310&bg=!JySlJDxYFl-uV8P7FZECAAAAwVIAAAAcmQF4LosBr_73wVzwqADLVgBhhzgDPck2I-JVtHKTOQCkT6boHx08avTViHv2hVuGhn50KwwbhpDePpvriQqy4CJcDXG_OW-Vmhwi84nqsxQ54MuVpvFYEXFHTDl6SrQDWQz02DM6kdRIpI3bQpyrm9uatQW3LM-Pohu_cdeo5SjPOt-tCFcc4lh-9SaCfsLptxgv7pCnCssnfRAZiMfgKyEZzI2qB8IuP4M8R4JSTJDzwa83pFejhTxGYdk5Sh8hN81wvkiLHQ1v0ZwAVUJrQmQt4_ZOV1Og0ujY9wO17wrsogw-UeZVwwuY4k3qO5K9HCrlnjZ93Gv04DTH_6kHfGAEeFa-nV3huBv0eG-c0FlRdH5_rtNV2EqUa4_O58KH7rB-iS4vss4V03f-vqTQK8MbS8ZTqa6821uO3y1k-i8wKlJ9xTtVodjg3Z-IcbODWQvctImCTAfg8BqGX7dbgP0BZDqFLfbXnvuG8mHw7L7iYzLG4-Ed-4lFrQ

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Apr 2020 15:09:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame C0C0 14 KB
5 KB 79ms
42ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 15:09:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5456
x-xss-protection: 0
expires: Fri, 17 Apr 2020 15:09:04 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DC25 0
69 B 57ms
19ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gpt_2020040702&jk=756865198240663&bg=!3N-l38dY7Dh62raupv8CAAAAxFIAAAA5mQF4N6OT-2dODxJ-9vy9RACDDX-bKIwajGD0FxTSbjZwkz9QSlGLz0uWwQotL0uu86jdgW7cfWeOS5y_Y9XXAmbSA2I0ii9YJKEtbb-Jor-AyOj4d9_1QghlUkN4jRvP7-ITmRdiFMipesT7NO_T2Qv6X41Ab0_ePXI5BRMZtSDLP-UfgqrTVlLWn73hNfcJztHmIweT_elnQ4q85hiDhM36AYJnIxnPaZ50DJ0hMN_TJAZEgbPnAOIETBzxwQrinuP8BHzYF0xSwqM-oU8x7qKX5Wi7oStPIZ8EI2Q3DReZGnYOiDXC44y6coNslvm4icMAGlLwnBTTGv1jc3Tq3L4fY-u1bqtvuC8upKLK1kNVaY3jtHEckq7MZmUYGIKsGLtN1lsBQN2CBdw6CFjvY-JsW4FvNt14AvjsyFo6jGiiV2d2EMdxMiHb3aIvv3ObDXgnhYJKC6tj08c8a3-qXdyD_zeVTtXbZbbQDPSTQLP5JUti2zoclw3z_Q

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Apr 2020 15:09:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 329B 14 KB
5 KB 79ms
42ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 15:09:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5456
x-xss-protection: 0
expires: Fri, 17 Apr 2020 15:09:04 GMT

GET
H/1.1 200
OK wowyowdisplay300x250desktop.php
wowyowapi.com/ Frame EF11 0
0 766ms
567ms Document
text/html 35.160.156.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wowyowapi.com/wowyowdisplay300x250desktop.php?l=null&u=fb243434-6d38-f6b6-4543-c462ef8458dc
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.160.156.47 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-160-156-47.us-west-2.compute.amazonaws.com
Software: Apache /
Resource Hash

Request headers

Host: wowyowapi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.powerball.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.powerball.com/

Response headers

access-control-allow-origin: *
Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=UTF-8
Date: Fri, 17 Apr 2020 15:09:05 GMT
Server: Apache
Content-Length: 862
Connection: keep-alive

GET
H/1.1 200
OK wowyowdisplay300x250desktop.php
wowyowapi.com/ Frame A29D 0
0 746ms
549ms Document
text/html 35.160.156.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wowyowapi.com/wowyowdisplay300x250desktop.php?l=null&u=fb243434-6d38-f6b6-4543-c462ef8458dc
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.160.156.47 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-160-156-47.us-west-2.compute.amazonaws.com
Software: Apache /
Resource Hash

Request headers

Host: wowyowapi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.powerball.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.powerball.com/

Response headers

access-control-allow-origin: *
Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=UTF-8
Date: Fri, 17 Apr 2020 15:09:05 GMT
Server: Apache
Content-Length: 862
Connection: keep-alive

GET
H/1.1 200
OK wowyowdisplay300x250desktop.php
wowyowapi.com/ Frame 5389 0
0 916ms
562ms Document
text/html 35.160.156.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wowyowapi.com/wowyowdisplay300x250desktop.php?l=null&u=fb243434-6d38-f6b6-4543-c462ef8458dc
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.160.156.47 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-160-156-47.us-west-2.compute.amazonaws.com
Software: Apache /
Resource Hash

Request headers

Host: wowyowapi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.powerball.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.powerball.com/

Response headers

access-control-allow-origin: *
Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=UTF-8
Date: Fri, 17 Apr 2020 15:09:05 GMT
Server: Apache
Content-Length: 862
Connection: keep-alive

GET
DATA 200
OK truncated
/ Frame E5F5 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 08892d4d37bf020508b5c5b982f2c9d5c55e41169d794e2baa731b19221e9152

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 893A 14 KB
5 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 17 Apr 2020 15:09:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5456
x-xss-protection: 0
expires: Fri, 17 Apr 2020 15:09:05 GMT

GET
H/1.1 200
OK wowyowdisplay300x250desktop.php
wowyowapi.com/ Frame 5263 0
0 1243ms
573ms Document
text/html 35.160.156.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wowyowapi.com/wowyowdisplay300x250desktop.php?l=null&u=fb243434-6d38-f6b6-4543-c462ef8458dc
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.160.156.47 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-160-156-47.us-west-2.compute.amazonaws.com
Software: Apache /
Resource Hash

Request headers

Host: wowyowapi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.powerball.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.powerball.com/

Response headers

access-control-allow-origin: *
Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=UTF-8
Date: Fri, 17 Apr 2020 15:09:05 GMT
Server: Apache
Content-Length: 862
Connection: keep-alive

GET
DATA 200
OK truncated
/ Frame BE39 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 521af3b944d345f2d8dafd65f41ec94ba8e9a0d1bc5baef4884d9c071ab9e00e

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame FC74 0
0 6ms
5ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.powerball.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.powerball.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Fri, 17 Apr 2020 14:28:05 GMT
expires: Sat, 17 Apr 2021 14:28:05 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2460
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame B46D 0
0 6ms
5ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.powerball.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.powerball.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Fri, 17 Apr 2020 14:28:05 GMT
expires: Sat, 17 Apr 2021 14:28:05 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2460
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 7E91 0
0 6ms
5ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.powerball.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.powerball.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Fri, 17 Apr 2020 14:28:05 GMT
expires: Sat, 17 Apr 2021 14:28:05 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2460
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 145A 0
0 6ms
5ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.powerball.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.powerball.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Fri, 17 Apr 2020 14:28:05 GMT
expires: Sat, 17 Apr 2021 14:28:05 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2460
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0D18 0
58 B 28ms
15ms Image
image/gif 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gpt_2020040702&jk=4420084392921107&bg=!c3ClcGhYNQKnfDHuQ4sCAAAAnVIAAAAwmQF4c7p-tPOAUrxSiWugEA23GuDl-vzqqVQs_Q8yk9bfWwDdOYguV_oRzMJkRPRWJQsmji-UKWQM3GkZPTUtVbyFlerwvN_NSLsE48jr4MZBzlvtF6WoEla9WcHrqWzgf5tVdRw9wtxUncaI2E46n7XBJ1Pp9IEYwfe_LoZZzNDi1S_iLMVC7mGCJWPunFr2hgyA-S-cKZuCCQH13IA30uYlB4thduhWBDRaroIIM-upd7O6Z9GQkz81UyMD6c_go1UG6MtH6nvrDocn1TaIh0BHYjyAXefcYb1r5XsPs9wG4TTDn-lRg87U95yz9zsfRY9b1CwEuy6QprVS1MEOuUeK5dIXM1gdAIjn0LrcpNA2aShj3oP3wre_xZaEZSG6QZ4Kc2V3TkJ3ZDPoJdsF4WAcwGTFkZl7Vuivtokg1LVuoa10VMrD4w_gtyTEdf6gC8_6FkfVGPkk7DlWNtVHWZzhyaVNgk2YgFm3phJDI9tsF1dxDxtHti8jtA

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Apr 2020 15:09:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame D3D4 0
0 27ms
26ms Document
text/html 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.183.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.powerball.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=37a03411-fb12-08c1-3c72-ae693d37c17f|1587136143; pd=v2|1587136143|forsgSj8tKgmkimWjotufcvmsHtlqGgqvtmuiyfQnIsLiSomgemOgusflEnsn0rFgi
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.powerball.com/

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=37a03411-fb12-08c1-3c72-ae693d37c17f|1587136143; Version=1; Expires=Sat, 17-Apr-2021 15:09:05 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1587136143|forsgSj8tKgmkimWjotufcvmsHtlqGgqvtmuiyfQnIsLiSomgemOgusflEnsn0rFgi; Version=1; Expires=Sat, 02-May-2020 15:09:05 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.183.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Fri, 17 Apr 2020 15:09:05 GMT
content-type: text/html
content-length: 70
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C0C0 0
728 B 19ms
14ms Image
image/gif 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gpt_2020040702&jk=3635007481120431&bg=!ycqlytJYLhMJjd7v3WgCAAAA1FIAAAArmQF47mYOE7h04AHO0_-7NdEuUpESTOQnxRw7N5UBo42rGOcCgVf0YLqEgGHNUmj_r7sOTR7LVTOY5hiFFcm1b_9VdIJa3CxE8PVjI3EWc3yaO-t7UeFbhiQeHz0H2XGwJhmJad2dz8IpmhNRVCAWRRQ_1lbkgsR65by-FCuu6pyCS1NxdjuiJD0mfkPV5AMm8KgVvrWB0wLk0rFnppOS7IF0zyD7H0C9w_Elk28Y-G0MwgbPnTr7chtBhbZ-v9t0RVARq_2q5s3otI_-C1HxFgjxyQWjMxS6TI3gWzMwXS_ZeqC960lsewKQRmr829Z0W2Dik_BHyfr-XaRvbyKIqcSwr1wfMgPbHCvOmmnsFWUIjE6tmvGdWo3hLzsKgKJa2lW7WzuPw_fWXx8-MAgsAbPcq2nMg3CiQbpCq8BzXPvAjXMJkrCvArKkkp8A6QLVwmc8aDuy8gWv26iDSnySbvYtbAet1rNhwcvA-POWYNItGD9R2xW0824bPQ

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Apr 2020 15:09:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 329B 0
58 B 17ms
16ms Image
image/gif 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gpt_2020040702&jk=2913125493962365&bg=!fn2lfWVYQE6KEPrJW2ACAAAAyVIAAABQmQF4ru3-bOXCwW2gSco6tEQ-oKZ1iH4kLLjOIS110oORxcVZGyx5Og84sVpOWQNY9C-saawk92DCbfWT6fjHwpRCyrRq_MSNQIJFeUYjo0jiOicT79LuLvWjN6lmB2iJLVl8Y51Hz9bwdh7d8Ajgf50ctai2xU8R9jwKkOZUvjOMH6HPsm3bJSJ2ll7kpN6iH5GAuSgG_FHT3p-KKyZ80yYTbDksdpivyke86wwHtyeDLXlRIY8ZZCbfJZDKpLn8p7Ely_iVfERJMxYe0lx2LONyve7RFtJ7R11LIJ-3PDTghYdkaDeLHFgAzrpg-yC3x8pQD0rKpUqOwOd2HV_8f7kAnhm-gh3sMdD8t-MpodTbqxSycA3aApe-LhLTXaS87dL-MXzU42YBKviTF46qlZquF9tVEAJSIfMf9NJXFM4vs4WS8oXsMGKDRrdlN9mnsTBUcHnuEhIZtNlhLeQAXBCvej0sM5Va7Ll716gY2qU6xIMl0EgPFFB-GQ

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Apr 2020 15:09:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 893A 0
58 B 16ms
15ms Image
image/gif 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gpt_2020040702&jk=1130117771462326&bg=!ZWalZn5YElRJokamp88CAAAAlVIAAAAtmQF4DjlzldDHXnykwIbsNVZMuELG5JIa1RSFhWdbVJ1xep0wiYxvZIBi4NXuKR2PczzuwfOPVa_Z86tYdLJ1j3nbTsfxJ6XHmRfEKKJ_y9TNehcfBiLwjh3XT59KjWs8AR4V1cl7I0qqyMbhFwo5KZXQua66FpBBWRnSnFNdm2ApNPEVokkjGEuGnjvPlHvd3S11mPgUpX0SuLyjB5F03oaSk6REeZY5LumrzsHeKVnbqZeUtQLB854JV3HILxR67feGZzEppihOOwDz4xghCblmJyqCIZilsT9Jvd--1j0vkgVVxLw72ldZnQmznWSkOPrLwPmW73Aqa8vyFCUxsfDwmz6QdmkyeaubTNczu3UVrvX54kQTy820XzCtunKR5S3yqp5cgRK_hZ8z-W5KRS1r66DwJFXE5X-S3Y95mAhfGdZ1JelwotMW4SHebSTuKs0CAPqi2gSpPsrbpo3x4X8mR7RN7f7LAJWJBuk7ZYTGz3G2j0mmTl2cYw

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Apr 2020 15:09:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 5562 42 B
115 B 19ms
18ms Image
image/gif 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsumZ_BF6Cp0PzUzCjJMYyVVROX4CvL9-lao9tnxUokgMV2D6gGjX38oDRnaNbi91Mmr5nJLVpb3k3RXAv93qg0q4mZr4BfRWh1NnusS868&sig=Cg0ArKJSzEHL2o_MDZrSEAE&adk=3386903054&tt=-1&bs=1585%2C1200&mtos=0,0,1099,1099,1099&tos=0,0,1099,0,0&p=0,0,250,970&mcvt=1099&rs=0&ht=0&tfs=253&tls=1343&mc=0.56&lte=0&bas=0&bac=0&met=ce&la=1&avms=nio&exg=1&md=2&btr=0&lm=2&rst=1587136144158&dlt&rpt=326&isd=0&msd&ext&xdi=0&ps=1585%2C5448&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-27-11-11-0-0-0&tvt=1318&is=970%2C250&iframe_loc=https%3A%2F%2Fwww.powerball.com%2F&r=v&id=osdim&vs=4&uc=12&upc=1&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20200415

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Apr 2020 15:09:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame DC25
Redirect Chain

https://eb2.3lift.com/sync?px=1&src=prebid&
https://eb2.3lift.com/sync?px=1&src=prebid&&ld=1
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=svx9t50&ttd_tpi=1
https://eb2.3lift.com/xuid?mid=3658&xuid=bd520d03-0256-4a15-9f1c-d308490ba072&dongle=0cfd

37 B
353 B

23ms
23ms

Image
image/gif

52.58.189.189
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3658&xuid=bd520d03-0256-4a15-9f1c-d308490ba072&dongle=0cfd
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.189.189 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-189-189.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Fri, 17 Apr 2020 15:09:06 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Fri, 17 Apr 2020 15:09:06 GMT
x-aspnet-version: 4.0.30319
status: 302
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://eb2.3lift.com/xuid?mid=3658&xuid=bd520d03-0256-4a15-9f1c-d308490ba072&dongle=0cfd
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 209

GET
H2

200

xuid
eb2.3lift.com/ Frame DB32
Redirect Chain

https://eb2.3lift.com/sync?px=1&src=prebid&
https://eb2.3lift.com/sync?px=1&src=prebid&&ld=1
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=svx9t50&ttd_tpi=1
https://eb2.3lift.com/xuid?mid=3658&xuid=f0432aad-e68a-433c-9865-ae418d5faa3d&dongle=0cfd

37 B
353 B

23ms
23ms

Image
image/gif

52.58.189.189
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3658&xuid=f0432aad-e68a-433c-9865-ae418d5faa3d&dongle=0cfd
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.189.189 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-189-189.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Fri, 17 Apr 2020 15:09:06 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Fri, 17 Apr 2020 15:09:06 GMT
x-aspnet-version: 4.0.30319
status: 302
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://eb2.3lift.com/xuid?mid=3658&xuid=f0432aad-e68a-433c-9865-ae418d5faa3d&dongle=0cfd
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 209

GET
H2

200

xuid
eb2.3lift.com/ Frame C0C0
Redirect Chain

https://eb2.3lift.com/sync?px=1&src=prebid&
https://eb2.3lift.com/sync?px=1&src=prebid&&ld=1
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=svx9t50&ttd_tpi=1
https://eb2.3lift.com/xuid?mid=3658&xuid=691aa5f3-1942-49ad-aafa-93b852f0b5da&dongle=0cfd

37 B
353 B

24ms
24ms

Image
image/gif

52.58.189.189
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3658&xuid=691aa5f3-1942-49ad-aafa-93b852f0b5da&dongle=0cfd
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.189.189 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-189-189.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Fri, 17 Apr 2020 15:09:07 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Fri, 17 Apr 2020 15:09:07 GMT
x-aspnet-version: 4.0.30319
status: 302
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://eb2.3lift.com/xuid?mid=3658&xuid=691aa5f3-1942-49ad-aafa-93b852f0b5da&dongle=0cfd
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 209

GET
H2 204 sync
pixel.advertising.com/ups/56465/ Frame C0C0 0
124 B 65ms
22ms Image
text/plain 54.93.143.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.93.143.252 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-93-143-252.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
date: Fri, 17 Apr 2020 15:09:07 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

204

sync
pixel.advertising.com/ups/55965/ Frame C0C0
Redirect Chain

https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=1&gdpr_consent=
https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=ECJ0UkZxdFgIf3UJESFgU0cjew8IJngNQHQxFI0b

0
124 B

22ms
22ms

Image
text/plain

54.93.143.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=ECJ0UkZxdFgIf3UJESFgU0cjew8IJngNQHQxFI0b

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.93.143.252 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-93-143-252.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
date: Fri, 17 Apr 2020 15:09:07 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Pragma: no-cache
Date: Fri, 17 Apr 2020 15:09:07 GMT
Server: QS
Strict-Transport-Security: max-age=86400
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Location: https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=ECJ0UkZxdFgIf3UJESFgU0cjew8IJngNQHQxFI0b
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame C0C0 70 B
264 B 37ms
37ms Image
image/gif 52.16.238.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=aoladtech&gdpr=1&gdpr_consent=
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.238.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-16-238-200.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Apr 2020 15:09:07 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status: 200
cache-control: private,no-cache, must-revalidate
content-type: image/gif
content-length: 70

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 0D18 70 B
264 B 38ms
37ms Image
image/gif 52.16.238.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=aoladtech&gdpr=1&gdpr_consent=
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.238.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-16-238-200.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Apr 2020 15:09:07 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status: 200
cache-control: private,no-cache, must-revalidate
content-type: image/gif
content-length: 70

GET
H2

200

xuid
eb2.3lift.com/ Frame 0D18
Redirect Chain

https://eb2.3lift.com/sync?px=1&src=prebid&
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm=&google_sc=&google_tc=
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMIDg7FtFObViQAImruHV_k&dongle=c627&google_cver=1

37 B
353 B

23ms
23ms

Image
image/gif

52.58.189.189
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMIDg7FtFObViQAImruHV_k&dongle=c627&google_cver=1
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.189.189 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-189-189.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Fri, 17 Apr 2020 15:09:07 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Fri, 17 Apr 2020 15:09:07 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMIDg7FtFObViQAImruHV_k&dongle=c627&google_cver=1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 303
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 sync
pixel.advertising.com/ups/56465/ Frame 0D18 0
124 B 21ms
20ms Image
text/plain 54.93.143.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=

Requested by

Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.93.143.252 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-93-143-252.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
date: Fri, 17 Apr 2020 15:09:07 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

204

sync
pixel.advertising.com/ups/55965/ Frame 0D18
Redirect Chain

https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=1&gdpr_consent=
https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=7q6Iwrj9iMj289fOva-czrj-hc_28tPKualicDl7

0
124 B

20ms
20ms

Image
text/plain

54.93.143.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=7q6Iwrj9iMj289fOva-czrj-hc_28tPKualicDl7

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.93.143.252 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-93-143-252.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
date: Fri, 17 Apr 2020 15:09:07 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Pragma: no-cache
Date: Fri, 17 Apr 2020 15:09:07 GMT
Server: QS
Strict-Transport-Security: max-age=86400
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Location: https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=7q6Iwrj9iMj289fOva-czrj-hc_28tPKualicDl7
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

c.gif
c.bing.com/ Frame 329B
Redirect Chain

https://eb2.3lift.com/sync?px=1&src=prebid&
https://eb2.3lift.com/getuid?redir=%2F%2Fc.bing.com%2Fc.gif%3Fxid%3D%24UID%26Red3%3DTLMS_pd%0A
https://c.bing.com/c.gif?xid=11783488391130053194&Red3=TLMS_pd

42 B
445 B

46ms
29ms

Image
image/gif

2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?xid=11783488391130053194&Red3=TLMS_pd
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Apr 2020 15:09:07 GMT
etag: "34b3153dd9d61:0"
last-modified: Fri, 03 Apr 2020 17:28:44 GMT
x-msedge-ref: Ref A: 6706F0DBDB994FDE869D628B541C0098 Ref B: FRAEDGE0212 Ref C: 2020-04-17T15:09:07Z
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
status: 200
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

status: 302
date: Fri, 17 Apr 2020 15:09:07 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: https://c.bing.com/c.gif?xid=11783488391130053194&Red3=TLMS_pd
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 329B 70 B
264 B 38ms
37ms Image
image/gif 52.16.238.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=aoladtech&gdpr=1&gdpr_consent=
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.238.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-16-238-200.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Apr 2020 15:09:07 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status: 200
cache-control: private,no-cache, must-revalidate
content-type: image/gif
content-length: 70

GET
H2

204

sync
pixel.advertising.com/ups/55965/ Frame 329B
Redirect Chain

https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=1&gdpr_consent=
https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=7q6Iwrj9iMj289fOva-czrj-hc_28tPKualicDl7

0
124 B

21ms
21ms

Image
text/plain

54.93.143.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=7q6Iwrj9iMj289fOva-czrj-hc_28tPKualicDl7

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.93.143.252 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-93-143-252.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
date: Fri, 17 Apr 2020 15:09:07 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Pragma: no-cache
Date: Fri, 17 Apr 2020 15:09:07 GMT
Server: QS
Strict-Transport-Security: max-age=86400
Location: https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=7q6Iwrj9iMj289fOva-czrj-hc_28tPKualicDl7
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 sync
pixel.advertising.com/ups/56465/ Frame 329B 0
124 B 22ms
21ms Image
text/plain 54.93.143.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.93.143.252 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-93-143-252.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
date: Fri, 17 Apr 2020 15:09:07 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

204

sync
pixel.advertising.com/ups/55965/ Frame 893A
Redirect Chain

https://pixel.quantserve.com/pixel/p-NcBg8UA4xqUFp.gif?idmatch=0&gdpr=1&gdpr_consent=
https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=7q6Iwrj9iMj289fOva-czrj-hc_28tPKualicDl7

0
124 B

21ms
21ms

Image
text/plain

54.93.143.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=7q6Iwrj9iMj289fOva-czrj-hc_28tPKualicDl7

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.93.143.252 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-93-143-252.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
date: Fri, 17 Apr 2020 15:09:07 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Pragma: no-cache
Date: Fri, 17 Apr 2020 15:09:07 GMT
Server: QS
Strict-Transport-Security: max-age=86400
Location: https://pixel.advertising.com/ups/55965/sync?_origin=0&gdpr=1&uid=7q6Iwrj9iMj289fOva-czrj-hc_28tPKualicDl7
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 893A 70 B
264 B 38ms
37ms Image
image/gif 52.16.238.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=aoladtech&gdpr=1&gdpr_consent=
Requested by: Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.238.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-16-238-200.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Apr 2020 15:09:07 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status: 200
cache-control: private,no-cache, must-revalidate
content-type: image/gif
content-length: 70

GET
H/1.1

200
OK

iu3
s.amazon-adsystem.com/ Frame 893A
Redirect Chain

https://eb2.3lift.com/sync?px=1&src=prebid&
https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&dcc=t

0
0

226ms
125ms

Image
text/html

54.239.17.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&dcc=t
Requested by: Host: www.powerball.com
URL: https://www.powerball.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Fri, 17 Apr 2020 15:09:08 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 sync
pixel.advertising.com/ups/56465/ Frame 893A 0
124 B 22ms
21ms Image
text/plain 54.93.143.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=

Requested by

Host: www.powerball.com
URL: https://www.powerball.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.93.143.252 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-93-143-252.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.powerball.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
date: Fri, 17 Apr 2020 15:09:07 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: dmx.districtm.io
URL: https://dmx.districtm.io/b/v1

Domain: dmx.districtm.io
URL: https://dmx.districtm.io/b/v1

Domain: dmx.districtm.io
URL: https://dmx.districtm.io/b/v1

Domain: dmx.districtm.io
URL: https://dmx.districtm.io/b/v1

Domain: dmx.districtm.io
URL: https://dmx.districtm.io/b/v1

Domain: dmx.districtm.io
URL: https://dmx.districtm.io/b/v1

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.openx.net/	1970-01-19 17:37:52	Name: i Value: a150e644-cf12-4a51-9231-91c0c347ccde\|1587136151

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://static.criteo.net/js/ld/publishertag.js(Line 1) Message: %cPubTag color: #fff; background: #ff8f1c; display: inline-block; padding: 1px 4px; border-radius: 3px; ERROR: Error onError: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/js/js_Px_30xzhLHwnUPgHJrcOgAUt-oQ3AqXsEHE0O_Aq3qA.js(Line 6) Message: jQuery.Deferred exception: Cannot read property 'getItem' of null TypeError: Cannot read property 'getItem' of null at setupWhereToPlay (https://s3.amazonaws.com/cdn.powerball.com/drupal/files/js/js_Px_30xzhLHwnUPgHJrcOgAUt-oQ3AqXsEHE0O_Aq3qA.js:429:21581) at HTMLDocument.<anonymous> (https://s3.amazonaws.com/cdn.powerball.com/drupal/files/js/js_Px_30xzhLHwnUPgHJrcOgAUt-oQ3AqXsEHE0O_Aq3qA.js:429:30302) at j (https://s3.amazonaws.com/cdn.powerball.com/drupal/files/js/js_Px_30xzhLHwnUPgHJrcOgAUt-oQ3AqXsEHE0O_Aq3qA.js:6:29999) at k (https://s3.amazonaws.com/cdn.powerball.com/drupal/files/js/js_Px_30xzhLHwnUPgHJrcOgAUt-oQ3AqXsEHE0O_Aq3qA.js:6:30313) at https://d2si3hiz85fm4q.cloudfront.net/script.js:1:66682 undefined

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adserver.adtech.advertising.com
adserver.adtechus.com
adservice.google.com
adservice.google.de
api.lanistaads.com
as-sec.casalemedia.com
bidder.criteo.com
c.bing.com
cm.g.doubleclick.net
code.ionicframework.com
d2si3hiz85fm4q.cloudfront.net
d2tbmvllb55wxq.cloudfront.net
deio3v2go54x9.cloudfront.net
dmx.districtm.io
dw7nrwnn2bkh1.cloudfront.net
eb2.3lift.com
eu-u.openx.net
fastlane.rubiconproject.com
fonts.googleapis.com
fs.gweini.com
hbopenbid.pubmatic.com
i.clean.gg
lanista-bidder-d.openx.net
match.adsrvr.org
pagead2.googlesyndication.com
pixel.advertising.com
pixel.quantserve.com
s.amazon-adsystem.com
s.gweini.com
s3.amazonaws.com
securepubads.g.doubleclick.net
static.criteo.net
stats.g.doubleclick.net
tlx.3lift.com
tpc.googlesyndication.com
wowyowapi.com
www.google-analytics.com
www.googletagservices.com
www.powerball.com
dmx.districtm.io
13.224.186.107
13.224.194.99
152.199.21.35
172.217.21.194
172.217.23.162
178.250.0.165
185.64.189.112
23.213.15.82
2600:9000:2156:7400:e:ff8:b40:21
2600:9000:21f3:3e00:6:266a:9940:21
2600:9000:21f3:cc00:15:3f44:b280:21
2606:2800:233:97b6:26be:138a:cba8:bb01
2606:4700:20::681a:6ad
2620:1ec:c11::200
2a00:1450:4001:800::2002
2a00:1450:4001:809::2001
2a00:1450:4001:809::200a
2a00:1450:4001:819::200e
2a00:1450:4001:81b::2002
2a00:1450:400c:c00::9a
2a02:2638::3
3.94.236.166
34.95.120.147
34.95.69.49
35.156.227.32
35.160.156.47
52.16.238.200
52.216.238.21
52.45.243.84
52.58.189.189
54.239.17.112
54.87.126.121
54.93.143.252
69.173.144.143
91.228.74.144
03bdd68a1e549bf59bc419d1842bec52628885efc75ed8a58a7d1f7671d6c4d7
043a32043a3ab1d0615a564b665ea79e60c3d9a09874f9f71b5efcb0aca44527
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0667b1b862f025d909a0300a29c929f610d6a3c8d5571e823de15b49cf55918a
06ef905faafedcc71b11e25d395607fb6fef70fdbdaceb87c744255c67624799
08892d4d37bf020508b5c5b982f2c9d5c55e41169d794e2baa731b19221e9152
0972a4592ab35a2f0e4f2e05061ae8f9c385d5afba12d99d4f0697a1d676b809
0b502dbf33a515f9b0fd2a857166c6bb00e41b8dfc07bfa8ef194224fd266b7e
0deb441d23abe9d2318838b90204bd333ad5f5b8a2b0983f33689f62569bca93
13ed0f2dd3b4dbead8efdfb7fd12e558021ed61b92284a23fc0fb1926914d100
1420a12b947dc5da81d2df97b3d29695b90c5761699c5edde2855f070607e7ad
16bc74e3ebb6ef6cc2c56565701502e39ea269aa665dd74da5742d371f3b2939
1a5781ca7fa73e3a11168275ef87851b1cc3e38c76333e33d161c26d77b1dedc
1b1d51840695cebf90274b527443cd64945cd9dfc5d2b785b0a772996ec588fc
24b709c45e552f0e040b42e812896b0fae2d0680b450e503191fbc76da075535
24c4489c10d338b7d4a1d34931746b78f1cf18f4d57e5f963b3b7458da44c6d5
2565892bc9a7c05ac215b1784631317b1c0a8c7a91986394662768a6d4dab1d9
258879e40983ed7fd3b3f5e2bf6e48762658266e3e1ce0f6bf0842e37abde7c3
25a1e0490fc802c729dbbd25c19d620b8ddff8c045a1f2f187fd6b69f6439ee7
28ad86ec6078f4c1a45d2eeea28bc10ef5b948823da7bcd7608bb5bc21faa3c3
2ae2901f146e2e0eb83648fdfc19c78aca16e1674313e164bc93c3739bba5d36
2b8973ca8134a9207d9d0c448820cfd79d66ba0ac8d1a6425ad6ec1699d39ffc
325cee8a45b452b68fe28fb92173f63a7f19967dbe3bf794bf4e3211772150c9
32af50ae4f601d5c57dad4ab9074440aaca36e42b00ed43f5ee23b2ccde38436
3530e4982843740867978c8817e82e35e005b4175684febd7b85be22c36e17ca
3668f6bc8dd86f6690ad159eed9c3020cf6af81084e29712995005ecc7176aff
37cc0451eec571b22864bfac29a3766ccebe2d1e48ac4a552a8e9b8e6f9be02f
3a17d610434c8447f9f2a3cf3d7635e060e18a93aed5c5a64e05d73cd5206b16
3f1ff7d31ce12c7c2750f80726b70e80052dfa843702a5ec1071343bf02adea0
4266325a01fe2566fd77a4c1c061f8f05b73b07e498ebca7597942c9bd1d4fa0
42c8d1ff84aad5d2eb1d589e1cccf07c16987c465e07e59a30c6926818d09cb5
46262c096e7245f756a7b0c7526201bc8f4f7a9b6e93de5132da020a4e9655a2
47a3d1d29044a5086d50d45f66600b612cdd16df4893eaf01571c8d2d714f42c
4d164e1b7ab05fba016ecda81281f50ab3219479f339017187e8136d7cb12c5a
51f45c89e5baf365e97a33c12bcd2a8bd365f5e156a519eb3c6db4a270ef0d1a
521af3b944d345f2d8dafd65f41ec94ba8e9a0d1bc5baef4884d9c071ab9e00e
52fe2f0394335dab93ffb9cac2bea65d4460b5d24cbc3861e62392194b11bfff
59ff4e9457a98e72723231e1ad962b8c2a77c67f6c025dc6464843931d061c0f
5d1765ca16cb96e4294a5c96b2084b580e200a2743b1ff7805d18bd8348825e9
5e700835ec05293a3d0f9e354e7d038319d34521cd279e782198dff6d1dd58f2
60d9368fc1deb5a275b3786195a53ef1272fc24b05a313aa52b1bfcc0a0356a3
62a6c980b8be129cceb54b1c6e63cbf6be73035a0580640635096fb0df2d51ec
62e689a409cf95da6685bd4f3f001e5c45749904e66475af5540fda2b3c73d9b
6572a5c9d30eb6f8d2424be69ae3f8f4b8816cb46fbdbfe3fb0f94863c8ad922
682e1c3944f2acd146a08bb5ce46251291b4dfed92500006a46acf5f6ba432f0
6b3422c0bf088fb098d4cf5a1e63791c8eecdcb4d3ab1dc0c36f19a30b171e36
6bac28b40c710514ce42fda86320277f18b0c22a4ddb3091748cfe6493359a78
6d891777771aa5f97eacda90fbd16004957c0784475110611a4f7493bad8a9b5
740078cb1778d885689a3108d2ca696b01fd80cb73437528af4ed0dd6e7466b7
7522d4d9fc4fd8e5cc25a21b496b25f744f38a78f9468a5427c5e39177e8b7ea
765633bbc0cb875ba0d7df231b6b90c5f9fbcf38268e1901d776d02395d991f6
77e253f505244807bb3b20519289552308191f98fee3bf62a5ed216ef0027bbf
786d8b9b4a813f8b34eb2279ba7cb16a38f47085fbe53d8c92d48c20112ff43f
805229b65e273163e8ba5a227376d6f3e02d1470e76e0d6f3c46bb0a3e5c2bfd
82bbd04adfca6dbbc54fbcff55f4db8bc1f66d7ccfe36820480be504d94d905d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83a6dfafb8b570c6e953a44b0e01063219aaeb57b54be6b2e004d72905588f02
86d6c9053ccfcd97260044360057635d853a766fc33ebcd47c8e849686a58e3a
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
91822d970ea4cb3dbae6039431aaebfd36c46997c43a53a507518eed6dc230b2
92ac508220f5bb60ec94e07650528eb66625f82a4740ada068cde05365781286
933867bd6c1a5f3632244b79dbf0e57e885cf1f3a3ff28be02a6adecdd1862ba
946a4a92ed1abe0bc69dabb3125912b3214b7545ef0b69abb8d531047dd326ac
951f0742dfc017e17d73e323e26ae0dba4e3f03528ce47bac11a88302d9ac005
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b0e415f742585b82139fb7076506657dde225088247e2ac0fba6f88a3d19588
a24afc0f61d08f8171459d9ca3a5a735ef11fbf0c4b1e817d44cdb58f7837336
a2b3fc2929f834a2a22450475944ed1146a14f8e159f8b138dfc70334c0c49c8
a2ef194ebea955025ec930aaa5c9adfb4bb5169751962ef42720c95982827d76
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
a723be196fc269545e2aa4ed8cc2e19d246170e36f58dee42b57215c0d541a8a
a8a47578ef37048e38dc641b0dae27ef14cf59744c98cd95c93baba71de272b0
ab0dc6c4a4f355cf028114ff40468c515c964cc062789d234a2b7adf85d5ebb9
ab793043cb972f4dd3fbfa9053138a3b8e68ac67e861bcf2b9c8759bb98e6349
aee8f6c904d21fb3cd41ea1db98629c28a18b0f86543cc2a3d1d31280bfbb589
afbd026b96697f616afd6c671150669d833854f1b70111487c2772dfe93e1795
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2572769deea7987c997c3f55c251b9fd9527c109f081e794c72fe93de6316aa
b5abf5b778d2b365d80d73fe19360dc9d79b037de4533335716e3a10cb02a19e
b758f60ab7ad38a56bdff71e6464b146312ea575f56ab7f6b05ed7f157f5bc48
b7e941eb05ff51591e69b2dfd3657e11af53e3f61faaf67f77f29cd630395aa5
b9b9103c60ef2c61de42660d6cd67a82d9816426f2b0f0c0a8fa3a1deae3538c
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd4c78cb4cd5c2c87a907794076f7a7f7392f9df50958389afbec8c40eb5da8a
be57a8393d9ca7cb84fe99087431ea21d7e704a7de02b421590c34712c3bb9b4
becfbf498f3cc9647d8fc8a70816cb1f3f73803a9fa293735cb9059c77854409
c01fa660f5e3a79aee33f24fac394cc5f333632e26cdb380744ebac41d871b92
c3eef2eb795e0074ca055a552e2e0f934524f7df5b26a48ccab938420f227ff1
c58a203c7c9b9677ff60318d0d66bcc4496de6783db3c6957eb4493a2664b068
c60536e1387fd63f18755c87e9028bc138c1cb11fc77a64a159777aae49a12b5
cb054ef396639da3beae5388ea312ddeaecb4f736aca87f34a46fa0d5ffde82f
cd9c139673051af705b80d8eb599aa53d534b8d51674f0f8d4dea65a449e51e2
d134107061dcfaad34af3db635f5ca3b3e368bdeeada543ac4b2b6e183c6ecb8
d5ff44821e16661e64cb8f336248f282c85d7cf990b67074fbe8baf742f44da0
d67eaa6e32c34eea44a3f90b36561f63181ed3d0407665e4e7dc48d54e5b266d
df255e2f7f9fd8c86ec6b227d9b3d2f8b3501188802e75a5009cbf9ba6f4eab7
e012d8fd59703a4ad32c22a9a671dcdc0d2a6f6e4fc994693a1d810629f1f9fe
e03925061ffc4e98cda3a842d70a4e1955c9c129e45ddd942038a48370e0804c
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e713c9c395d61560a1c6ab6ad9e1d71247bd9867f8b0fd66c59613b7e8e27785
e7ce71d068a3ee78a2c1b7059a01ad65457811d8938ead8f26b7ee9015244890
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2a662560caa0db8776136728583ce0c1d1b6785ca588d4184cf4a2f5bbe139
fb30d19bfdc58c092bdabad889657613116021c0d07e936fdb3e9e5dbd669872
fce2e621636dc5add7667aa87cd861ea9ad3c7494035fc74a5b209f790ed7e8e
fed88ada1fa70feeb7d88d7a9d2dd28aeff49928ecd0ae83d18cae26746d2186
ff5e5f296b0ef16c2c0d6fbc4f47680335eac8b0a452f413e032531e9788238a
ff9531bd6e48e9975cd7ff3f6054333899de35965398fcc4c1387c32d8c82d4c
ffd2b669b1e9644f9c9173f577c545125cd4424a599f3c6068f57299cc2f5368

www.powerball.com Open in urlscan Pro 54.87.126.121 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

232 Requests

97 %HTTPS

37 %IPv6

29 Domains

39 Subdomains

33 IPs

6 Countries

5696 kBTransfer

8450 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

232 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.powerball.com Open in urlscan Pro
54.87.126.121 Public Scan

Screenshot
Live screenshot

Full Image

232
Requests

97 %
HTTPS

37 %
IPv6

29
Domains

39
Subdomains

33
IPs

6
Countries

5696 kB
Transfer

8450 kB
Size

1
Cookies

232 HTTP transactions
4 data transactions