Submitted URL: http://powerball.com/
Effective URL: https://powerball.com/
Submission: On September 15 via manual from US — Scanned from DE

Summary

This website contacted 32 IPs in 4 countries across 24 domains to perform 232 HTTP transactions. The main IP is 3.212.145.131, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is powerball.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on December 11th 2020. Valid for: a year.
This is the only time powerball.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 23 3.212.145.131 14618 (AMAZON-AES)
1 65.9.191.54 16509 (AMAZON-02)
26 52.217.38.166 16509 (AMAZON-02)
1 172.217.169.74 15169 (GOOGLE)
2 104.26.7.173 13335 (CLOUDFLAR...)
3 178.250.0.130 44788 (ASN-CRITE...)
1 52.3.107.81 14618 (AMAZON-AES)
2 172.217.169.14 15169 (GOOGLE)
2 34.95.69.49 15169 (GOOGLE)
2 178.250.2.131 44788 (ASN-CRITE...)
2 178.250.0.157 44788 (ASN-CRITE...)
1 74.125.206.157 15169 (GOOGLE)
1 104.219.254.16 63214 (MUSL-RANGE1)
1 54.230.206.51 16509 (AMAZON-02)
1 11 35.244.159.8 15169 (GOOGLE)
6 65.9.191.90 16509 (AMAZON-02)
6 34.98.126.214 15169 (GOOGLE)
18 142.250.179.226 15169 (GOOGLE)
6 104.16.68.69 13335 (CLOUDFLAR...)
4 204.237.133.116 62713 (AS-PUBMATIC)
4 23.218.208.246 16625 (AKAMAI-AS)
4 69.173.144.141 26667 (RUBICONPR...)
24 142.250.200.34 15169 (GOOGLE)
6 142.250.187.194 15169 (GOOGLE)
6 172.217.169.65 15169 (GOOGLE)
6 52.222.179.33 16509 (AMAZON-02)
2 52.38.151.252 16509 (AMAZON-02)
25 172.217.169.66 15169 (GOOGLE)
12 172.217.16.225 15169 (GOOGLE)
6 142.250.180.4 15169 (GOOGLE)
8 184.30.24.22 16625 (AKAMAI-AS)
232 32
Apex Domain
Subdomains
Transfer
43 googlesyndication.com
916693ab03439e93d624fe507e0d2f15.safeframe.googlesyndication.com
d4def9e2e11117645526dee7c32eb0cf.safeframe.googlesyndication.com
16f1fb10e2815876b42d3363e4a9c2bf.safeframe.googlesyndication.com
ece0d945c35ade9a565930132320e707.safeframe.googlesyndication.com
9fa7d11b8a39dbc63582fa64dd157d29.safeframe.googlesyndication.com
bdb11cd5f0bac12a7dd71badee449487.safeframe.googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
196 KB
26 amazonaws.com
s3.amazonaws.com
3 MB
25 doubleclick.net
stats.g.doubleclick.net
securepubads.g.doubleclick.net
746 KB
23 powerball.com
powerball.com
177 KB
18 googletagservices.com
www.googletagservices.com
536 KB
13 cloudfront.net
d2si3hiz85fm4q.cloudfront.net
d2tbmvllb55wxq.cloudfront.net
deio3v2go54x9.cloudfront.net
2 MB
12 google.com
adservice.google.com
www.google.com
6 KB
11 openx.net
lanista-bidder-d.openx.net
eu-u.openx.net Failed
345 KB
8 media.net
contextual.media.net
lg3.media.net
182 KB
6 districtm.io
dmx.districtm.io
461 B
6 lanistaads.com
api.lanistaads.com
4 rubiconproject.com
fastlane.rubiconproject.com
6 KB
4 casalemedia.com
as-sec.casalemedia.com
2 KB
4 pubmatic.com
hbopenbid.pubmatic.com
288 B
4 criteo.com
bidder.criteo.com
gum.criteo.com
6 KB
3 criteo.net
static.criteo.net
39 KB
2 wowyowapi.com
wowyowapi.com
2 KB
2 clean.gg
i.clean.gg
104 B
2 google-analytics.com
www.google-analytics.com
20 KB
2 gweini.com
s.gweini.com
fs.gweini.com
24 KB
2 ionicframework.com
code.ionicframework.com
115 KB
1 musl.com
muslapi.musl.com
984 B
1 googleapis.com
fonts.googleapis.com
2 KB
0 adtechus.com Failed
adserver.adtechus.com Failed
232 24
Domain Requested by
26 s3.amazonaws.com powerball.com
s3.amazonaws.com
25 pagead2.googlesyndication.com securepubads.g.doubleclick.net
powerball.com
tpc.googlesyndication.com
24 securepubads.g.doubleclick.net powerball.com
securepubads.g.doubleclick.net
23 powerball.com 1 redirects powerball.com
s3.amazonaws.com
18 www.googletagservices.com powerball.com
d2si3hiz85fm4q.cloudfront.net
12 tpc.googlesyndication.com powerball.com
11 lanista-bidder-d.openx.net 1 redirects powerball.com
lanista-bidder-d.openx.net
6 www.google.com powerball.com
6 deio3v2go54x9.cloudfront.net d2si3hiz85fm4q.cloudfront.net
6 adservice.google.com powerball.com
6 dmx.districtm.io d2tbmvllb55wxq.cloudfront.net
6 api.lanistaads.com powerball.com
6 d2tbmvllb55wxq.cloudfront.net d2si3hiz85fm4q.cloudfront.net
4 lg3.media.net wowyowapi.com
contextual.media.net
4 contextual.media.net wowyowapi.com
contextual.media.net
4 fastlane.rubiconproject.com d2tbmvllb55wxq.cloudfront.net
4 as-sec.casalemedia.com d2tbmvllb55wxq.cloudfront.net
4 hbopenbid.pubmatic.com d2tbmvllb55wxq.cloudfront.net
3 static.criteo.net powerball.com
2 wowyowapi.com powerball.com
2 gum.criteo.com d2si3hiz85fm4q.cloudfront.net
gum.criteo.com
2 bidder.criteo.com static.criteo.net
2 i.clean.gg d2si3hiz85fm4q.cloudfront.net
2 www.google-analytics.com powerball.com
www.google-analytics.com
2 code.ionicframework.com powerball.com
code.ionicframework.com
1 bdb11cd5f0bac12a7dd71badee449487.safeframe.googlesyndication.com powerball.com
1 9fa7d11b8a39dbc63582fa64dd157d29.safeframe.googlesyndication.com powerball.com
1 ece0d945c35ade9a565930132320e707.safeframe.googlesyndication.com powerball.com
1 16f1fb10e2815876b42d3363e4a9c2bf.safeframe.googlesyndication.com powerball.com
1 d4def9e2e11117645526dee7c32eb0cf.safeframe.googlesyndication.com powerball.com
1 916693ab03439e93d624fe507e0d2f15.safeframe.googlesyndication.com powerball.com
1 fs.gweini.com d2si3hiz85fm4q.cloudfront.net
1 muslapi.musl.com s3.amazonaws.com
1 stats.g.doubleclick.net www.google-analytics.com
1 s.gweini.com powerball.com
1 fonts.googleapis.com powerball.com
1 d2si3hiz85fm4q.cloudfront.net powerball.com
0 eu-u.openx.net Failed powerball.com
0 adserver.adtechus.com Failed d2tbmvllb55wxq.cloudfront.net
232 39

This site contains no links.

Subject | Issuer | Validity | Valid
*.powerball.com | Go Daddy Secure Certificate Authority - G2 | 2020-12-11 - 2022-01-12 | a year
*.cloudfront.net | Amazon | 2021-03-19 - 2022-03-17 | a year
s3.amazonaws.com | DigiCert Baltimore CA-2 G2 | 2021-06-23 - 2022-07-24 | a year
upload.video.google.com | GTS CA 1O1 | 2021-08-23 - 2021-11-15 | 3 months
ionicframework.com | Cloudflare Inc ECC CA-3 | 2021-06-01 - 2022-05-31 | a year
*.criteo.net | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2021-09-09 - 2021-12-07 | 3 months
gweini.com | Amazon | 2020-12-08 - 2022-01-06 | a year
*.google-analytics.com | GTS CA 1C3 | 2021-08-23 - 2021-11-15 | 3 months
i.clean.gg | GTS CA 1D4 | 2021-08-25 - 2021-11-23 | 3 months
*.criteo.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2021-09-09 - 2021-12-07 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2021-08-30 - 2021-11-22 | 3 months
*.musl.com | Go Daddy Secure Certificate Authority - G2 | 2020-08-07 - 2022-10-06 | 2 years
*.openx.net | GeoTrust RSA CA 2018 | 2021-07-08 - 2022-08-08 | a year
api.lanistaads.com | GTS CA 1D4 | 2021-08-28 - 2021-11-26 | 3 months
districtm.io | Cloudflare Inc ECC CA-3 | 2021-06-02 - 2022-06-01 | a year
*.pubmatic.com | DigiCert Baltimore TLS RSA SHA256 2020 CA1 | 2020-12-07 - 2021-12-14 | a year
san.casalemedia.com | GeoTrust RSA CA 2018 | 2021-02-05 - 2022-02-09 | a year
*.rubiconproject.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-03-30 - 2022-04-04 | a year
*.google.com | GTS CA 1C3 | 2021-08-23 - 2021-11-15 | 3 months
wowyowapi.com | Amazon | 2021-08-10 - 2022-09-08 | a year
tpc.googlesyndication.com | GTS CA 1C3 | 2021-08-30 - 2021-11-22 | 3 months
www.google.com | GTS CA 1C3 | 2021-08-23 - 2021-11-15 | 3 months
*.media.net | DigiCert SHA2 Secure Server CA | 2021-04-12 - 2022-04-20 | a year

This page contains 36 frames:

Primary Page: https://powerball.com/
Frame ID: F923B2271E3BDB0DD47BF2C085ACE469
Requests: 70 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=powerball.com
Frame ID: DD36032D4971617AACF904F90B3FEE20
Requests: 2 HTTP requests in this frame

Frame: https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Frame ID: BE74DB4DDC096A3BCC3742839FD789C6
Requests: 17 HTTP requests in this frame

Frame: https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Frame ID: 95489D978F45D7333A2F458828BA1B0E
Requests: 16 HTTP requests in this frame

Frame: https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Frame ID: 5DE2C0039F01C55D822AB2B18690E66F
Requests: 20 HTTP requests in this frame

Frame: https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Frame ID: F1392FF4C3D542056312C7DF2651B6BA
Requests: 20 HTTP requests in this frame

Frame: https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Frame ID: 74743E6F6AE9D88174E2EFB4CB4F9FA9
Requests: 21 HTTP requests in this frame

Frame: https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Frame ID: A483BB612415118E0B1A971B1599A092
Requests: 21 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=0
Frame ID: 20E07F122D11D584C66075F0F28DC37C
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=0
Frame ID: 6DFB23836029CA7114AE505D51EA2816
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Frame ID: 364C5C63299D37B13FA82F8DAFD92FAF
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=0
Frame ID: 9765F012ECF31DCE76BC80E2BC1F5CDD
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Frame ID: B768D551BAC3BECAF36D698DD335BCFD
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=0
Frame ID: 3AEC7F692D5582A9D33E349816E72DE5
Requests: 1 HTTP requests in this frame

Frame: https://916693ab03439e93d624fe507e0d2f15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 295BC6D08B5C1A3BF07D1C6FE8DBAA40
Requests: 1 HTTP requests in this frame

Frame: https://d4def9e2e11117645526dee7c32eb0cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: C00EFDC8A63F2A83DD5B9A91104F32BD
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Frame ID: 347459A5DB74FE9230490FDED638C441
Requests: 1 HTTP requests in this frame

Frame: https://16f1fb10e2815876b42d3363e4a9c2bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 42FED8EE955B036F6071C53AE2F0A81A
Requests: 1 HTTP requests in this frame

Frame: https://ece0d945c35ade9a565930132320e707.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 183A2D9B1A1AC6C3E4553E6D84CD902F
Requests: 1 HTTP requests in this frame

Frame: https://9fa7d11b8a39dbc63582fa64dd157d29.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: A7C41F6FA01451B356D2D23C7D9509C0
Requests: 1 HTTP requests in this frame

Frame: https://bdb11cd5f0bac12a7dd71badee449487.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 2A7573FD7B038EFBFEF2A19056A3382F
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Frame ID: 281859EB3A01B7E7BCEBF18FCD5D752F
Requests: 1 HTTP requests in this frame

Frame: https://wowyowapi.com/wowyowdisplay970x250desktop.php?l=null&u=fb243434-6d38-f6b6-4543-c462ef8458dc&c=null&d=powerball.com
Frame ID: C92A9590362B8A83B33507C1E16E5C85
Requests: 5 HTTP requests in this frame

Frame: https://wowyowapi.com/wowyowdisplay970x250desktop.php?l=null&u=fb243434-6d38-f6b6-4543-c462ef8458dc&c=null&d=powerball.com
Frame ID: 459DAA4A7B4EBC994A706CEF53830504
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 0CECC9E729343BF58E2C36D29DB6D463
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1509297334A414D56030ED9124906F64
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 07491199398D3E4701FE1E4FD71F7E19
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4DBB50D536AF5560D361D6A862FFFE23
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: C81FB11697DBE7082F2B7D7496008307
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: ACF7B58C8B71A6A88CC3D74C571D0A6F
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 9F037B45FC29BBBD38BAFDC316C39A2A
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D29B98497FF13BCF7B4C361F1E199780
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: B5B75F41C735D5787D56B70E14FAF654
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7CEFEBAE948DA1047C8E6706C37DDE48
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: A0D6CA593C8292E0E936CE304C575789
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 443C5C4ED476BC6552ADBEDC91FFDB63
Requests: 2 HTTP requests in this frame

Page Title

Home | Powerball

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+ionicons(?:\.min)?\.css

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

Requests: 232
HTTPS: 95 %
IPv6: 0 %
Domains: 24
Subdomains: 39
IPs: 32
Countries: 4
Transfer: 7076 kB
Size: 11255 kB
Cookies: 15

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://powerball.com/ HTTP 302
    https://powerball.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 85
  • https://lanista-bidder-d.openx.net/w/1.0/acj?ai=beedc28e-76a1-4fde-a78b-fb1e3fad8a16&o=2ce133e201fabc&ju=https%3A//powerball.com/&jr=&be=1&prf=0&auid=538738919&aus=300x250&bc=hb_2api&bt=1000&c.lanista_floor=0.30&res=1600x1200x24&plg=pm&ch=UTF-8&tz=0&ifr=1&tws=1600x1200 HTTP 302
  • https://lanista-bidder-d.openx.net/w/1.0/acj?cc=1&ai=beedc28e-76a1-4fde-a78b-fb1e3fad8a16&o=2ce133e201fabc&ju=https%3A//powerball.com/&jr=&be=1&prf=0&auid=538738919&aus=300x250&bc=hb_2api&bt=1000&c.lanista_floor=0.30&res=1600x1200x24&plg=pm&ch=UTF-8&tz=0&ifr=1&tws=1600x1200

232 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
powerball.com/
Redirect Chain
  • http://powerball.com/
  • https://powerball.com/
96 KB
13 KB
Document
General
Full URL
https://powerball.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.145.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-145-131.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e7365c368e00e50181f5a1928278918afd89a19c7b31d86219248f0d4385d9a6
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
powerball.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br

Response headers

date
Wed, 15 Sep 2021 13:50:21 GMT
content-type
text/html; charset=UTF-8
server
Apache
x-content-type-options
nosniff nosniff
cache-control
max-age=86400, public
x-drupal-dynamic-cache
HIT
link
<http://powerball.com/>; rel="canonical", <http://powerball.com/>; rel="shortlink" <http://powerball.com/games/home>; rel="alternate"; hreflang="en" <http://powerball.com/es/games/home>; rel="alternate"; hreflang="es" <http://powerball.com/games/home>; rel="revision"
x-ua-compatible
IE=edge
content-language
en
x-frame-options
SAMEORIGIN
expires
Sun, 19 Nov 1978 05:00:00 GMT
last-modified
Tue, 14 Sep 2021 23:36:37 GMT
etag
"1631662597"
vary
Cookie,Accept-Encoding
x-generator
Drupal 8 (https://www.drupal.org)
x-drupal-cache
HIT
content-encoding
gzip

Redirect headers

Date
Wed, 15 Sep 2021 13:50:21 GMT
Content-Type
text/html; charset=iso-8859-1
Content-Length
206
Connection
keep-alive
Server
Apache
X-Content-Type-Options
nosniff
Location
https://powerball.com/
Cache-Control
max-age=1209600
Expires
Wed, 29 Sep 2021 13:50:21 GMT
script.js
d2si3hiz85fm4q.cloudfront.net/
116 KB
38 KB
Script
General
Full URL
https://d2si3hiz85fm4q.cloudfront.net/script.js
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.191.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4216276d265d6d92418db268707729a185cffb5111785badaa8afc9870baffaa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:49:04 GMT
content-encoding
gzip
last-modified
Wed, 15 Sep 2021 12:46:42 GMT
server
AmazonS3
age
78
etag
W/"a2dfdd561d706a8ae9931a3566459073"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a65cc3f0f56427b7099c895c026d63f0.cloudfront.net (CloudFront)
cache-control
max-age=600,public,must-revalidate
x-amz-cf-pop
ZAG50-C1
x-amz-cf-id
4oGZpz5-HN5JF3zKoMerqo-Ru_i2H8kx6TA3yEiiKrMVDlYhQuIG0Q==
css_gJQsCrcNl-LKyMES-fk5dO5R3YFVgoJu8jC_EgOSBeQ.css
s3.amazonaws.com/cdn.powerball.com/drupal/files/css/
7 KB
7 KB
Stylesheet
General
Full URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_gJQsCrcNl-LKyMES-fk5dO5R3YFVgoJu8jC_EgOSBeQ.css
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.38.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
80942c0ab70d97e2cac8c112f9f93974ee51dd815582826ef230bf12039205e4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 13:50:23 GMT
Last-Modified
Thu, 19 Aug 2021 06:51:50 GMT
Server
AmazonS3
x-amz-request-id
1NEQ8R3METQ8VJ0M
ETag
"601f710b964059b7280163b4aff80a66"
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
7313
x-amz-id-2
Xse0HP3Mf8uKNXu+CWhbmyOkRQSDty2dfhvC7avWkkUPKrFMNad4uKDBlxLAC6YCazq+/7kS8jI=
css
fonts.googleapis.com/
27 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans+Condensed:300,300i,700|Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.169.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s09-in-f10.1e100.net
Software
ESF /
Resource Hash
83d8061755b2af258116569fa45f2acb43146776c825029a87dc6dee9f533fb4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 15 Sep 2021 13:01:40 GMT
server
ESF
date
Wed, 15 Sep 2021 13:50:21 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 15 Sep 2021 13:50:21 GMT
ionicons.min.css
code.ionicframework.com/ionicons/2.0.1/css/
50 KB
9 KB
Stylesheet
General
Full URL
https://code.ionicframework.com/ionicons/2.0.1/css/ionicons.min.css
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.7.173 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92ac508220f5bb60ec94e07650528eb66625f82a4740ada068cde05365781286

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-fastly-request-id
9b722797dc08566e90050c0555aba3590f41a1b0
date
Wed, 15 Sep 2021 13:50:21 GMT
via
1.1 varnish
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
77530
x-cache
HIT
x-cache-hits
1
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19128-FRA
last-modified
Thu, 29 Apr 2021 18:50:21 GMT
server
cloudflare
x-github-request-id
BE6C:F8F9:A5036:151133:613EE4DC
x-timer
S1631636291.282262,VS0,VE1
etag
W/"608affed-c854"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ounFxcs8ZSBHDZ4%2Bbn9cGvaNmOESplkt0MwWGYSFsTah6ILUMC%2FYxdJLZtXiLVXld058voWGmMRvmYtxggbYgZqhgLmP9kdvHSEc2DnjwtEWR6flMeiCROxwv6PiIQd3ajb%2B8r9hhGZb"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
x-proxy-cache
MISS
cf-ray
68f252dacc174138-PRG
x-origin-cache
HIT
expires
Mon, 13 Sep 2021 05:52:52 GMT
css_NukXT4W7m75NRmZ93skOV9SK-kKvT2MrQ9_ssuqbC2U.css
s3.amazonaws.com/cdn.powerball.com/drupal/files/css/
189 KB
189 KB
Stylesheet
General
Full URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_NukXT4W7m75NRmZ93skOV9SK-kKvT2MrQ9_ssuqbC2U.css
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.38.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
36e9174f85bb9bbe4d46667ddec90e57d48afa42af4f632b43dfecb2ea9b0b65

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 13:50:23 GMT
Last-Modified
Mon, 23 Aug 2021 16:15:44 GMT
Server
AmazonS3
x-amz-request-id
1NER7PN83ZP8KF3C
ETag
"0586ba954e68650daf478e6d2f9935d6"
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
193419
x-amz-id-2
QnCL+OpP6zR0kTdtZqxxKVGtxMYNNnaFSQ3K1NeeQ1+IWnHgnubmHfYhHFwsX8gExfl1URsBFJM=
publishertag.js
static.criteo.net/js/ld/
119 KB
39 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
4c4f262a6ae9b7b845b3db15e23fc65f39db970be6e1e59fb3fd2d2f9ca191cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:50:22 GMT
content-encoding
gzip
last-modified
Wed, 08 Sep 2021 12:50:31 GMT
server
nginx
etag
W/"6138b197-1dce0"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 16 Sep 2021 13:50:22 GMT
gweiniClientV1.php
s.gweini.com/
91 KB
8 KB
Script
General
Full URL
https://s.gweini.com/gweiniClientV1.php?ClientID=PUB_ID&group=GPPowerball
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.107.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-107-81.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
084fd154266692bdc0410bb5e3a74dbd35c4c544b7e84ce52dd4643a0c49b97e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 13:50:22 GMT
Content-Encoding
gzip
Server
nginx/1.10.3 (Ubuntu)
Connection
keep-alive
Content-Length
7941
Content-Type
text/html; charset=UTF-8
powerball-power-play-logo_0.png
s3.amazonaws.com/cdn.powerball.com/drupal/
25 KB
26 KB
Image
General
Full URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/powerball-power-play-logo_0.png
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.38.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
c0f02a3ba3b3498d9ff3243cd2185bbf9f9c961f1373b2b463dfa025c2d57c5b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 13:50:23 GMT
Last-Modified
Tue, 28 Apr 2020 05:17:42 GMT
Server
AmazonS3
x-amz-request-id
1NEY4RTT0DWV59AG
ETag
"954a0848710c5224685722e2621e667e"
Content-Type
image/png
Cache-Control
public, max-age=2419200
Accept-Ranges
bytes
Content-Length
26090
x-amz-id-2
4pMLVjk4GMQU4Ux4Ce9QDkB67Ce1wUzNUknjcXNw4yHH0F7wesQKNdMjb5inz8sv3wmlhbpKAVI=
powerball-logo-alternate.png
powerball.com/themes/rapid/images/shared/
46 KB
46 KB
Image
General
Full URL
https://powerball.com/themes/rapid/images/shared/powerball-logo-alternate.png
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.145.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-145-131.compute-1.amazonaws.com
Software
Apache /
Resource Hash
5111b3af3c37b8466db90632f3cdb79670a1af92835aa85a510260b52f045a71
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/themes/rapid/images/shared/powerball-logo-alternate.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
powerball.com
referer
https://powerball.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 15 Sep 2021 13:50:22 GMT
x-content-type-options
nosniff
last-modified
Mon, 23 Aug 2021 11:19:52 GMT
server
Apache
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
content-length
46618
expires
Wed, 29 Sep 2021 13:50:22 GMT
down-arrow-mobile.png
powerball.com/themes/rapid/images/shared/
8 KB
8 KB
Image
General
Full URL
https://powerball.com/themes/rapid/images/shared/down-arrow-mobile.png
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.145.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-145-131.compute-1.amazonaws.com
Software
Apache /
Resource Hash
cbc8abcf771fbe0106242a5f0fb5c6abcee8f5e2eb295bd5099999bafe14f446
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/themes/rapid/images/shared/down-arrow-mobile.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
powerball.com
referer
https://powerball.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 15 Sep 2021 13:50:22 GMT
x-content-type-options
nosniff
last-modified
Mon, 23 Aug 2021 11:19:52 GMT
server
Apache
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
content-length
8371
expires
Wed, 29 Sep 2021 13:50:22 GMT
down-arrow.png
powerball.com/themes/rapid/images/shared/
12 KB
12 KB
Image
General
Full URL
https://powerball.com/themes/rapid/images/shared/down-arrow.png
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.145.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-145-131.compute-1.amazonaws.com
Software
Apache /
Resource Hash
3cde3dc0691b364cf1af3f233269802b8b4d566b962c107fc49966e839222f1e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/themes/rapid/images/shared/down-arrow.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
powerball.com
referer
https://powerball.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 15 Sep 2021 13:50:22 GMT
x-content-type-options
nosniff
last-modified
Mon, 23 Aug 2021 11:19:52 GMT
server
Apache
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
content-length
12466
expires
Wed, 29 Sep 2021 13:50:22 GMT
icon%20-%20suitcase.png
s3.amazonaws.com/cdn.powerball.com/drupal/files/2017-11/
1 KB
2 KB
Image
General
Full URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/2017-11/icon%20-%20suitcase.png
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.38.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
62a6c980b8be129cceb54b1c6e63cbf6be73035a0580640635096fb0df2d51ec

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 13:50:23 GMT
Last-Modified
Mon, 03 Jun 2019 18:45:42 GMT
Server
AmazonS3
x-amz-request-id
1NETVKTB1S90P4SN
ETag
"10fafcb681743db4bdf20e94bd570fe6"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
1339
x-amz-id-2
IZhNsCt32mY327+9ChAn4OAqtJiKe8aurE03TMvWD0wTLVWnvYaNLqE99iZnxDjHzAZf693lNs8=
analytics.js
www.google-analytics.com/
48 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
172.217.169.14 United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s26-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
493
date
Wed, 15 Sep 2021 13:42:09 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Wed, 15 Sep 2021 15:42:09 GMT
plap-icon-how.png
powerball.com/themes/rapid/images/home/
9 KB
9 KB
Image
General
Full URL
https://powerball.com/themes/rapid/images/home/plap-icon-how.png
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.145.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-145-131.compute-1.amazonaws.com
Software
Apache /
Resource Hash
51f45c89e5baf365e97a33c12bcd2a8bd365f5e156a519eb3c6db4a270ef0d1a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/themes/rapid/images/home/plap-icon-how.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
powerball.com
referer
https://powerball.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 15 Sep 2021 13:50:22 GMT
x-content-type-options
nosniff
last-modified
Mon, 23 Aug 2021 11:19:52 GMT
server
Apache
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
content-length
9192
expires
Wed, 29 Sep 2021 13:50:22 GMT
plap-icon-where.png
powerball.com/themes/rapid/images/home/
2 KB
2 KB
Image
General
Full URL
https://powerball.com/themes/rapid/images/home/plap-icon-where.png
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.145.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-145-131.compute-1.amazonaws.com
Software
Apache /
Resource Hash
946a4a92ed1abe0bc69dabb3125912b3214b7545ef0b69abb8d531047dd326ac
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/themes/rapid/images/home/plap-icon-where.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
powerball.com
referer
https://powerball.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 15 Sep 2021 13:50:22 GMT
x-content-type-options
nosniff
last-modified
Mon, 23 Aug 2021 11:19:52 GMT
server
Apache
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
content-length
1976
expires
Wed, 29 Sep 2021 13:50:22 GMT
plap-icon-powerplay.png
powerball.com/themes/rapid/images/home/
3 KB
4 KB
Image
General
Full URL
https://powerball.com/themes/rapid/images/home/plap-icon-powerplay.png
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.145.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-145-131.compute-1.amazonaws.com
Software
Apache /
Resource Hash
ffd2b669b1e9644f9c9173f577c545125cd4424a599f3c6068f57299cc2f5368
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/themes/rapid/images/home/plap-icon-powerplay.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
powerball.com
referer
https://powerball.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 15 Sep 2021 13:50:22 GMT
x-content-type-options
nosniff
last-modified
Mon, 23 Aug 2021 11:19:52 GMT
server
Apache
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
content-length
3385
expires
Wed, 29 Sep 2021 13:50:22 GMT
plap-icon-multidraw.png
powerball.com/themes/rapid/images/home/
5 KB
5 KB
Image
General
Full URL
https://powerball.com/themes/rapid/images/home/plap-icon-multidraw.png
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.145.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-145-131.compute-1.amazonaws.com
Software
Apache /
Resource Hash
bd4c78cb4cd5c2c87a907794076f7a7f7392f9df50958389afbec8c40eb5da8a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/themes/rapid/images/home/plap-icon-multidraw.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
powerball.com
referer
https://powerball.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 15 Sep 2021 13:50:22 GMT
x-content-type-options
nosniff
last-modified
Mon, 23 Aug 2021 11:19:52 GMT
server
Apache
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
content-length
4817
expires
Wed, 29 Sep 2021 13:50:22 GMT
monument-smithsonian-1.png
powerball.com/themes/rapid/images/home/how-tall/
273 B
479 B
Image
General
Full URL
https://powerball.com/themes/rapid/images/home/how-tall/monument-smithsonian-1.png
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.145.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-145-131.compute-1.amazonaws.com
Software
Apache /
Resource Hash
b9b9103c60ef2c61de42660d6cd67a82d9816426f2b0f0c0a8fa3a1deae3538c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/themes/rapid/images/home/how-tall/monument-smithsonian-1.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
powerball.com
referer
https://powerball.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 15 Sep 2021 13:50:22 GMT
x-content-type-options
nosniff
last-modified
Mon, 23 Aug 2021 11:19:52 GMT
server
Apache
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
content-length
273
expires
Wed, 29 Sep 2021 13:50:22 GMT
monument-liberty2.png
powerball.com/themes/rapid/images/home/how-tall/
927 B
1 KB
Image
General
Full URL
https://powerball.com/themes/rapid/images/home/how-tall/monument-liberty2.png
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.145.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-145-131.compute-1.amazonaws.com
Software
Apache /
Resource Hash
2ae2901f146e2e0eb83648fdfc19c78aca16e1674313e164bc93c3739bba5d36
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/themes/rapid/images/home/how-tall/monument-liberty2.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
powerball.com
referer
https://powerball.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 15 Sep 2021 13:50:22 GMT
x-content-type-options
nosniff
last-modified
Mon, 23 Aug 2021 11:19:52 GMT
server
Apache
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
content-length
927
expires
Wed, 29 Sep 2021 13:50:22 GMT
monument-pyramid-3.png
powerball.com/themes/rapid/images/home/how-tall/
2 KB
3 KB
Image
General
Full URL
https://powerball.com/themes/rapid/images/home/how-tall/monument-pyramid-3.png
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.145.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-145-131.compute-1.amazonaws.com
Software
Apache /
Resource Hash
52fe2f0394335dab93ffb9cac2bea65d4460b5d24cbc3861e62392194b11bfff
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/themes/rapid/images/home/how-tall/monument-pyramid-3.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
powerball.com
referer
https://powerball.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 15 Sep 2021 13:50:22 GMT
x-content-type-options
nosniff
last-modified
Mon, 23 Aug 2021 11:19:52 GMT
server
Apache
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
content-length
2432
expires
Wed, 29 Sep 2021 13:50:22 GMT
monument-bloomberg4.png
powerball.com/themes/rapid/images/home/how-tall/
326 B
532 B
Image
General
Full URL
https://powerball.com/themes/rapid/images/home/how-tall/monument-bloomberg4.png
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.145.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-145-131.compute-1.amazonaws.com
Software
Apache /
Resource Hash
d67eaa6e32c34eea44a3f90b36561f63181ed3d0407665e4e7dc48d54e5b266d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/themes/rapid/images/home/how-tall/monument-bloomberg4.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
powerball.com
referer
https://powerball.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 15 Sep 2021 13:50:22 GMT
x-content-type-options
nosniff
last-modified
Mon, 23 Aug 2021 11:19:52 GMT
server
Apache
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
content-length
326
expires
Wed, 29 Sep 2021 13:50:22 GMT
monument-eiffel-5.png
powerball.com/themes/rapid/images/home/how-tall/
2 KB
3 KB
Image
General
Full URL
https://powerball.com/themes/rapid/images/home/how-tall/monument-eiffel-5.png
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.145.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-145-131.compute-1.amazonaws.com
Software
Apache /
Resource Hash
becfbf498f3cc9647d8fc8a70816cb1f3f73803a9fa293735cb9059c77854409
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/themes/rapid/images/home/how-tall/monument-eiffel-5.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
powerball.com
referer
https://powerball.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 15 Sep 2021 13:50:22 GMT
x-content-type-options
nosniff
last-modified
Mon, 23 Aug 2021 11:19:52 GMT
server
Apache
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
content-length
2378
expires
Wed, 29 Sep 2021 13:50:22 GMT
monument-tradecenter-6.png
powerball.com/themes/rapid/images/home/how-tall/
806 B
1012 B
Image
General
Full URL
https://powerball.com/themes/rapid/images/home/how-tall/monument-tradecenter-6.png
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.145.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-145-131.compute-1.amazonaws.com
Software
Apache /
Resource Hash
a2ef194ebea955025ec930aaa5c9adfb4bb5169751962ef42720c95982827d76
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/themes/rapid/images/home/how-tall/monument-tradecenter-6.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
powerball.com
referer
https://powerball.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 15 Sep 2021 13:50:22 GMT
x-content-type-options
nosniff
last-modified
Mon, 23 Aug 2021 11:19:52 GMT
server
Apache
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
content-length
806
expires
Wed, 29 Sep 2021 13:50:22 GMT
monument-burj-7.png
powerball.com/themes/rapid/images/home/how-tall/
2 KB
2 KB
Image
General
Full URL
https://powerball.com/themes/rapid/images/home/how-tall/monument-burj-7.png
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.145.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-145-131.compute-1.amazonaws.com
Software
Apache /
Resource Hash
47a3d1d29044a5086d50d45f66600b612cdd16df4893eaf01571c8d2d714f42c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/themes/rapid/images/home/how-tall/monument-burj-7.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
powerball.com
referer
https://powerball.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 15 Sep 2021 13:50:22 GMT
x-content-type-options
nosniff
last-modified
Mon, 23 Aug 2021 11:19:52 GMT
server
Apache
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
content-length
1545
expires
Wed, 29 Sep 2021 13:50:22 GMT
monument-sears-8.png
powerball.com/themes/rapid/images/home/how-tall/
619 B
825 B
Image
General
Full URL
https://powerball.com/themes/rapid/images/home/how-tall/monument-sears-8.png
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.145.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-145-131.compute-1.amazonaws.com
Software
Apache /
Resource Hash
06ef905faafedcc71b11e25d395607fb6fef70fdbdaceb87c744255c67624799
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/themes/rapid/images/home/how-tall/monument-sears-8.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
powerball.com
referer
https://powerball.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 15 Sep 2021 13:50:22 GMT
x-content-type-options
nosniff
last-modified
Mon, 23 Aug 2021 11:19:52 GMT
server
Apache
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
content-length
619
expires
Wed, 29 Sep 2021 13:50:22 GMT
odds.png
s3.amazonaws.com/cdn.powerball.com/drupal/files/2017-12/
20 KB
20 KB
Image
General
Full URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/2017-12/odds.png
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.38.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
ff5e5f296b0ef16c2c0d6fbc4f47680335eac8b0a452f413e032531e9788238a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 13:50:23 GMT
Last-Modified
Mon, 03 Jun 2019 18:45:58 GMT
Server
AmazonS3
x-amz-request-id
1NEKG6CTG13M8JY7
ETag
"31e28e1ff8717ae89c4787ce8930a8bc"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
20304
x-amz-id-2
6ssr2If0KDwmr6xoMy6q01zEk9XxFmQ0Zfvw0wHoWoUmjFpbfTSukpBgPJgyRlbuqOyCfJRa8LM=
payments.png
s3.amazonaws.com/cdn.powerball.com/drupal/files/2017-12/
20 KB
20 KB
Image
General
Full URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/2017-12/payments.png
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.38.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
1b1d51840695cebf90274b527443cd64945cd9dfc5d2b785b0a772996ec588fc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 13:50:23 GMT
Last-Modified
Mon, 03 Jun 2019 18:45:58 GMT
Server
AmazonS3
x-amz-request-id
1NEXNVQHHMY0AMAM
ETag
"7f93eb9bb1be1c208734e209e3ed1f8d"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
20330
x-amz-id-2
s6rNl1UfdOJhjewm7UYQ63MWtrrcLdr8cFmgX69x8sq1GWDZYhN8MAtef1tq2gMTxiSfrBZd2pI=
js_sQSf5fLzSqBmTuq-XU24eiv3d4AsXF_nkI8fpynYQbA.js
s3.amazonaws.com/cdn.powerball.com/drupal/files/js/
476 KB
476 KB
Script
General
Full URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/js/js_sQSf5fLzSqBmTuq-XU24eiv3d4AsXF_nkI8fpynYQbA.js
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.38.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
b1049fe5f2f34aa0664eeabe5d4db87a2bf777802c5c5fe7908f1fa729d841b0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 13:50:23 GMT
Last-Modified
Mon, 23 Aug 2021 16:15:45 GMT
Server
AmazonS3
x-amz-request-id
1NESP2RJHC8E4K7T
ETag
"f2bfb11c7bddf9a8c12a22cfc753c28e"
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
487157
x-amz-id-2
3pYJBE8KVYqgqtQWkh0BY40LWmTWl+fA1OYVeJG1tzUtl0kpxch0pIoMoHEqZPiMsJAkc42BViI=
1a
i.clean.gg/ Frame
0
0
Preflight
General
Full URL
https://i.clean.gg/1a
Protocol
H2
Server
34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.17.4 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://powerball.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.17.4
date
Wed, 15 Sep 2021 13:50:22 GMT
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-max-age
1728000
content-type
text/plain; charset=utf-8
content-length
0
via
1.1 google
alt-svc
clear
1a
i.clean.gg/
0
104 B
XHR
General
Full URL
https://i.clean.gg/1a
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.17.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://powerball.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 15 Sep 2021 13:50:22 GMT
via
1.1 google
server
nginx/1.17.4
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
alt-svc
clear
content-length
0
header-rep.jpg
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/
4 KB
4 KB
Image
General
Full URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/header-rep.jpg
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_NukXT4W7m75NRmZ93skOV9SK-kKvT2MrQ9_ssuqbC2U.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.38.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
cd9c139673051af705b80d8eb599aa53d534b8d51674f0f8d4dea65a449e51e2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_NukXT4W7m75NRmZ93skOV9SK-kKvT2MrQ9_ssuqbC2U.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 13:50:23 GMT
Last-Modified
Mon, 03 Jun 2019 18:42:36 GMT
Server
AmazonS3
x-amz-request-id
1NEX0GD45M35QR3K
ETag
"0e973dffc15bf2796e8b24b0a1dead33"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
3922
x-amz-id-2
5kauxDbfpWBWAIarP15yz8YFD4twGSky7GeEJ4H1Fg+7lEWD8XQB3EGxagybvOuVls9+H9eAaMg=
ProximaNova-Regular.woff
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Regular/
39 KB
40 KB
Font
General
Full URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Regular/ProximaNova-Regular.woff
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_NukXT4W7m75NRmZ93skOV9SK-kKvT2MrQ9_ssuqbC2U.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.38.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
5d1765ca16cb96e4294a5c96b2084b580e200a2743b1ff7805d18bd8348825e9

Request headers

Referer
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_NukXT4W7m75NRmZ93skOV9SK-kKvT2MrQ9_ssuqbC2U.css
Origin
https://powerball.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 13:50:23 GMT
Last-Modified
Tue, 04 Jun 2019 03:53:18 GMT
Server
AmazonS3
x-amz-request-id
1NENQWBWZDT0SKZ3
ETag
"78adc015dc4ffc4db6e237fefddcf605"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET
Content-Type
application/font-woff
Access-Control-Allow-Origin
https://powerball.com
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Content-Length
40260
x-amz-id-2
sjwUILQXm579s8lYEMg/UEsHP2MXjEDb7zy78wyzfPkCk6wPLjtijghNkqI1N3wd7qp1ewliDIc=
beach-couple.jpg
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/
106 KB
106 KB
Image
General
Full URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/beach-couple.jpg
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_NukXT4W7m75NRmZ93skOV9SK-kKvT2MrQ9_ssuqbC2U.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.38.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
821e02b7009ed37828e3acf4c71ae2f7949acd106935854e5e668d75c07e8d37

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_NukXT4W7m75NRmZ93skOV9SK-kKvT2MrQ9_ssuqbC2U.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 13:50:23 GMT
Last-Modified
Tue, 28 Apr 2020 04:52:42 GMT
Server
AmazonS3
x-amz-request-id
1NERTGQK0NRXWE0W
ETag
"16fdf0e0990ae659f8dad6eb3183738d"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
108307
x-amz-id-2
4ZxyIVOLR+cJZ98af1Mt7/UORberz4md8AYX+Cn/JOE5kr96YiiR4kjg80GgldtXQZeN+25WLXk=
chapter-sections-digits.png
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/
134 KB
135 KB
Image
General
Full URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/chapter-sections-digits.png
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_NukXT4W7m75NRmZ93skOV9SK-kKvT2MrQ9_ssuqbC2U.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.38.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
03bdd68a1e549bf59bc419d1842bec52628885efc75ed8a58a7d1f7671d6c4d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_NukXT4W7m75NRmZ93skOV9SK-kKvT2MrQ9_ssuqbC2U.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 13:50:23 GMT
Last-Modified
Mon, 03 Jun 2019 18:42:35 GMT
Server
AmazonS3
x-amz-request-id
1NEPJ7SNNYW2PYJ6
ETag
"463652a321bd08768e5436662ab77a65"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
137704
x-amz-id-2
sin3KyxM7Oi7z8rQPbM6yboyq+r+yKql2tTZCaXBeltMKM1Rc2QR/Wpi1VfLB1sbaob4tmgGzOU=
chapter-icon-digits.png
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/
5 KB
5 KB
Image
General
Full URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/chapter-icon-digits.png
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_NukXT4W7m75NRmZ93skOV9SK-kKvT2MrQ9_ssuqbC2U.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.38.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
325cee8a45b452b68fe28fb92173f63a7f19967dbe3bf794bf4e3211772150c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_NukXT4W7m75NRmZ93skOV9SK-kKvT2MrQ9_ssuqbC2U.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 13:50:23 GMT
Last-Modified
Mon, 03 Jun 2019 18:42:34 GMT
Server
AmazonS3
x-amz-request-id
1NETW737XKXZA0NK
ETag
"941ef7347e719b3dd272745a601be5ca"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
4711
x-amz-id-2
NTWH4vYMxSjExq3d0g04R8CS4xrYNEGkqopdgrdB+mPValoypKdzl9QmIfuCO7xEA0sE8vDbBZc=
selected-tab.png
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/
358 B
714 B
Image
General
Full URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/selected-tab.png
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_NukXT4W7m75NRmZ93skOV9SK-kKvT2MrQ9_ssuqbC2U.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.38.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
60d9368fc1deb5a275b3786195a53ef1272fc24b05a313aa52b1bfcc0a0356a3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_NukXT4W7m75NRmZ93skOV9SK-kKvT2MrQ9_ssuqbC2U.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 13:50:23 GMT
Last-Modified
Mon, 03 Jun 2019 18:42:37 GMT
Server
AmazonS3
x-amz-request-id
1NEWD3P5FPF5F4VZ
ETag
"a534365977f2b2e499d219861587f18f"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
358
x-amz-id-2
w2UME74Hha84M2AYyh6i9nByFYo7sIRl6k9sQI+JqpGeh4yvFpg3Qyzwf93cC/BwvPnFBx+c5xk=
ball-powerball-red.svg
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/home/
2 KB
2 KB
Image
General
Full URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/home/ball-powerball-red.svg
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_NukXT4W7m75NRmZ93skOV9SK-kKvT2MrQ9_ssuqbC2U.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.38.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
9b0e415f742585b82139fb7076506657dde225088247e2ac0fba6f88a3d19588

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_NukXT4W7m75NRmZ93skOV9SK-kKvT2MrQ9_ssuqbC2U.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 13:50:24 GMT
Last-Modified
Mon, 03 Jun 2019 18:42:32 GMT
Server
AmazonS3
x-amz-request-id
9KYCSM7NBXSX46MM
ETag
"b51736b050323703cfdd1b2dea37359b"
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
1539
x-amz-id-2
sI5BTT1PQ4z4S/bdDUvNW2ukBbDmdGrn3/lydkRcR5Y3/Gf+9YsCwxqsthQ+lZvDD66mJ4Nn2/Q=
chapter-sections-plap.png
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/
127 KB
128 KB
Image
General
Full URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/chapter-sections-plap.png
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_NukXT4W7m75NRmZ93skOV9SK-kKvT2MrQ9_ssuqbC2U.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.38.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
d134107061dcfaad34af3db635f5ca3b3e368bdeeada543ac4b2b6e183c6ecb8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_NukXT4W7m75NRmZ93skOV9SK-kKvT2MrQ9_ssuqbC2U.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 13:50:24 GMT
Last-Modified
Mon, 03 Jun 2019 18:42:35 GMT
Server
AmazonS3
x-amz-request-id
9KY6K24JYZ2M92WP
ETag
"919037d9f382c51cc1f7a8315a0fba30"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
130339
x-amz-id-2
U157rvjkc/pGh2LS82xnuXLyApwnwxfHaioF5/wK49gTR1O/nlovXQbu/vfsriC6/+DC7hstRXY=
chapter-icon-plap.png
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/
3 KB
3 KB
Image
General
Full URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/images/shared/chapter-icon-plap.png
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_NukXT4W7m75NRmZ93skOV9SK-kKvT2MrQ9_ssuqbC2U.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.38.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
b5abf5b778d2b365d80d73fe19360dc9d79b037de4533335716e3a10cb02a19e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_NukXT4W7m75NRmZ93skOV9SK-kKvT2MrQ9_ssuqbC2U.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 13:50:24 GMT
Last-Modified
Mon, 03 Jun 2019 18:42:34 GMT
Server
AmazonS3
x-amz-request-id
9KY9SZY0FBA6DCPN
ETag
"dbf5cfdb8c71d88c4763528d7d7746d8"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
2674
x-amz-id-2
0Xmp57U06BMHc2cCDat94S/Oj32v361hsuTKY2QbCU5AXUbplKHeD8Ly2Gn7N1ahdyO8cPZGafM=
how-tall-desktop_0.jpg
s3.amazonaws.com/cdn.powerball.com/drupal/files/2017-12/
10 KB
10 KB
Image
General
Full URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/2017-12/how-tall-desktop_0.jpg
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.38.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
77e253f505244807bb3b20519289552308191f98fee3bf62a5ed216ef0027bbf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 13:50:24 GMT
Last-Modified
Mon, 03 Jun 2019 18:45:54 GMT
Server
AmazonS3
x-amz-request-id
9KYBTTYNFG0879Z2
ETag
"d94fd880ae887e896b75c3a3992f6572"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
9768
x-amz-id-2
6sBByWt2tLPPDOY/L/WDsSfZTNj+Y2uFIdVlQuXHPfQEliRCvPT8kqVVB/N7PYnc7e0Vqy4sOBI=
ionicons.ttf
code.ionicframework.com/ionicons/2.0.1/fonts/
184 KB
106 KB
Font
General
Full URL
https://code.ionicframework.com/ionicons/2.0.1/fonts/ionicons.ttf?v=2.0.1
Requested by
Host: code.ionicframework.com
URL: https://code.ionicframework.com/ionicons/2.0.1/css/ionicons.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.7.173 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e700835ec05293a3d0f9e354e7d038319d34521cd279e782198dff6d1dd58f2

Request headers

Referer
https://code.ionicframework.com/ionicons/2.0.1/css/ionicons.min.css
Origin
https://powerball.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-fastly-request-id
220638d6d64d56fa9021e363b8f4adac626fcd46
date
Wed, 15 Sep 2021 13:50:22 GMT
via
1.1 varnish
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
74299
x-cache
HIT
x-cache-hits
4
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19177-FRA
last-modified
Thu, 29 Apr 2021 18:50:21 GMT
server
cloudflare
x-github-request-id
D98E:5B2E:C70565:CCCA83:613A9850
x-timer
S1631639524.935153,VS0,VE0
etag
W/"608affed-2e05c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=59%2BnU8%2FgPueL76wlE%2BPh3vHwWYbFKN7oIrLMheb5ZmmcN5LQKF0guu4jm07CmvwLzu4qlW7HHwon8ETRhDVb%2BiO03uA9odhDkIv42fzwIyX61mQVB14uAI9Z%2FN06Xc3Rbb4mo8fmyqhE"}],"group":"cf-nel","max_age":604800}
content-type
font/ttf
access-control-allow-origin
*
cache-control
max-age=31536000
x-proxy-cache
MISS
cf-ray
68f252df7848412b-PRG
x-origin-cache
HIT
expires
Thu, 09 Sep 2021 23:37:12 GMT
ProximaNova-Bold.woff
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Bold/
40 KB
40 KB
Font
General
Full URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Bold/ProximaNova-Bold.woff
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_NukXT4W7m75NRmZ93skOV9SK-kKvT2MrQ9_ssuqbC2U.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.38.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
37cc0451eec571b22864bfac29a3766ccebe2d1e48ac4a552a8e9b8e6f9be02f

Request headers

Referer
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_NukXT4W7m75NRmZ93skOV9SK-kKvT2MrQ9_ssuqbC2U.css
Origin
https://powerball.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 13:50:23 GMT
Last-Modified
Tue, 04 Jun 2019 03:53:14 GMT
Server
AmazonS3
x-amz-request-id
1NEZJATVJ659M2BR
ETag
"e05ada7ee5a2d1e5a50c5305ce23de68"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET
Content-Type
application/font-woff
Access-Control-Allow-Origin
https://powerball.com
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Content-Length
40836
x-amz-id-2
dP299cVWhkRyc74prqTtVFyycz27J5CbwIxJdXaBmizPVvONHSLVWVFhs57O95J7FiYWZ7ppfTw=
ProximaNova-Semibold.woff
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Semibold/
39 KB
40 KB
Font
General
Full URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Semibold/ProximaNova-Semibold.woff
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_NukXT4W7m75NRmZ93skOV9SK-kKvT2MrQ9_ssuqbC2U.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.38.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
16bc74e3ebb6ef6cc2c56565701502e39ea269aa665dd74da5742d371f3b2939

Request headers

Referer
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_NukXT4W7m75NRmZ93skOV9SK-kKvT2MrQ9_ssuqbC2U.css
Origin
https://powerball.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 13:50:23 GMT
Last-Modified
Tue, 04 Jun 2019 03:53:19 GMT
Server
AmazonS3
x-amz-request-id
1NEVNYSW733W6VWY
ETag
"cc1a6c632152a90dfa994a7280496cb3"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET
Content-Type
application/font-woff
Access-Control-Allow-Origin
https://powerball.com
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Content-Length
40304
x-amz-id-2
fFvbHiocDXPsj86I3tXRaIstrt199V08H9dRd1Ib8LeerXeEqfXjbkaLncRiR/Q5cEi/JeJ44iQ=
ProximaNova-Extrabld.woff
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Extrabld/
40 KB
40 KB
Font
General
Full URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Extrabld/ProximaNova-Extrabld.woff
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_NukXT4W7m75NRmZ93skOV9SK-kKvT2MrQ9_ssuqbC2U.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.38.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
6bac28b40c710514ce42fda86320277f18b0c22a4ddb3091748cfe6493359a78

Request headers

Referer
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_NukXT4W7m75NRmZ93skOV9SK-kKvT2MrQ9_ssuqbC2U.css
Origin
https://powerball.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 13:50:23 GMT
Last-Modified
Tue, 04 Jun 2019 03:53:15 GMT
Server
AmazonS3
x-amz-request-id
1NENHNE2T3PGYDJQ
ETag
"dbce0260a4c434e83703edda344b0329"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET
Content-Type
application/font-woff
Access-Control-Allow-Origin
https://powerball.com
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Content-Length
40852
x-amz-id-2
f9SyI0rDMgYFIlTywvGQ3y09DV9MWgmDCbm25exEB7u7yODjN8In7xhCtA8LthNMlvpjclkLwyk=
ProximaNova-Light.woff
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Light/
39 KB
40 KB
Font
General
Full URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-Light/ProximaNova-Light.woff
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_NukXT4W7m75NRmZ93skOV9SK-kKvT2MrQ9_ssuqbC2U.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.38.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
91822d970ea4cb3dbae6039431aaebfd36c46997c43a53a507518eed6dc230b2

Request headers

Referer
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_NukXT4W7m75NRmZ93skOV9SK-kKvT2MrQ9_ssuqbC2U.css
Origin
https://powerball.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 13:50:23 GMT
Last-Modified
Tue, 04 Jun 2019 03:53:17 GMT
Server
AmazonS3
x-amz-request-id
1NER0VPR9VM9EY73
ETag
"0b903f87bae9c87f54243c90469294ee"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET
Content-Type
application/font-woff
Access-Control-Allow-Origin
https://powerball.com
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Content-Length
40260
x-amz-id-2
Z/wV4Ir3XvrnqCF5bWrOBSMrOn+lcSQfI6av4HVLrCosDae8xBa65GEJU4qVxS7PfTtTyEvIHZs=
ProximaNova-RegularIt.woff
s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-RegularIt/
39 KB
40 KB
Font
General
Full URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/themes/rapid/fonts/ProximaNova-RegularIt/ProximaNova-RegularIt.woff
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_NukXT4W7m75NRmZ93skOV9SK-kKvT2MrQ9_ssuqbC2U.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.38.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
59ff4e9457a98e72723231e1ad962b8c2a77c67f6c025dc6464843931d061c0f

Request headers

Referer
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/css/css_NukXT4W7m75NRmZ93skOV9SK-kKvT2MrQ9_ssuqbC2U.css
Origin
https://powerball.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 13:50:23 GMT
Last-Modified
Tue, 04 Jun 2019 03:53:19 GMT
Server
AmazonS3
x-amz-request-id
1NEZQEAQXTEZPFKH
ETag
"24d85649dddd19938b718e8d57ddb2bf"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET
Content-Type
application/font-woff
Access-Control-Allow-Origin
https://powerball.com
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Content-Length
40116
x-amz-id-2
NNFrhlM3gLr7b03Co2jCyyjr3PPReMuYtEXCCjq3HYwge2D1leTQwPupZ4aY8x6tgYIV+n0h07M=
cdb
bidder.criteo.com/
0
186 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=113&profileId=206&cb=3609437421
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://powerball.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://powerball.com
date
Wed, 15 Sep 2021 13:50:22 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
collect
www.google-analytics.com/j/
4 B
24 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&aip=1&a=655640975&t=pageview&_s=1&dl=https%3A%2F%2Fpowerball.com%2F&ul=en-us&de=UTF-8&dt=Home%20%7C%20Powerball&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAAC~&jid=325855800&gjid=2085660303&cid=1087763819.1631713823&tid=UA-29233419-1&_gid=541123781.1631713823&_r=1&_slc=1&z=1796958014
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s26-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://powerball.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 15 Sep 2021 13:50:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://powerball.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
events
bidder.criteo.com/csm/
0
186 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://powerball.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://powerball.com
date
Wed, 15 Sep 2021 13:50:22 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
pixel.gif
static.criteo.net/images/
43 B
337 B
Image
General
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:50:22 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 10 Sep 2022 13:50:22 GMT
pixel.gif
static.criteo.net/images/
43 B
337 B
Image
General
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:50:22 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 10 Sep 2022 13:50:22 GMT
syncframe
gum.criteo.com/ Frame DD36
11 KB
5 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=powerball.com
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
58da6480fc50a14bd6f73842552e9bfbd623d883c9a81d68b7d27b52d0afe71c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?origin=publishertag&topUrl=powerball.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://powerball.com/
accept-encoding
gzip, deflate, br

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
strict-transport-security
max-age=31536000
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
1833
set-cookie
uid=66a3bc05-886d-4166-a85d-e9c5dedcf55f; expires=Mon, 10 Oct 2022 13:50:22 GMT; domain=.criteo.com; path=/; secure; samesite=none
date
Wed, 15 Sep 2021 13:50:21 GMT
content-length
4666
collect
stats.g.doubleclick.net/j/
1 B
429 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-29233419-1&cid=1087763819.1631713823&jid=325855800&gjid=2085660303&_gid=541123781.1631713823&_u=YGBACEAABAAAAC~&z=1579690849
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.206.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wk-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://powerball.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 15 Sep 2021 13:50:22 GMT
content-type
text/plain
access-control-allow-origin
https://powerball.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
recent
powerball.com/api/v1/numbers/powerball/
301 B
558 B
XHR
General
Full URL
https://powerball.com/api/v1/numbers/powerball/recent?_format=json
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/js/js_sQSf5fLzSqBmTuq-XU24eiv3d4AsXF_nkI8fpynYQbA.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.145.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-145-131.compute-1.amazonaws.com
Software
Apache /
Resource Hash
85b2c561e2ee75165affc9dbe2fc1619f89ca6f8aeb654d441edfa462a2c108e
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
_ga=GA1.2.1087763819.1631713823; _gid=GA1.2.541123781.1631713823; _gat=1
:path
/api/v1/numbers/powerball/recent?_format=json
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
powerball.com
referer
https://powerball.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 15 Sep 2021 13:50:22 GMT
content-encoding
gzip
x-content-type-options
nosniff nosniff
x-drupal-dynamic-cache
MISS
content-length
144
x-ua-compatible
IE=edge
last-modified
Wed, 15 Sep 2021 02:36:03 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"1631673363"
vary
Cookie,Accept-Encoding
content-language
en
x-generator
Drupal 8 (https://www.drupal.org)
cache-control
max-age=86400, public
content-type
application/json
x-drupal-cache
HIT
expires
Sun, 19 Nov 1978 05:00:00 GMT
powerball
powerball.com/api/v1/estimates/
162 B
554 B
XHR
General
Full URL
https://powerball.com/api/v1/estimates/powerball?_format=json
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/js/js_sQSf5fLzSqBmTuq-XU24eiv3d4AsXF_nkI8fpynYQbA.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.145.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-145-131.compute-1.amazonaws.com
Software
Apache /
Resource Hash
59ef9066fda9ca8321be862f345abff089ac1bf3391bbf96970f35e36127326f
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
_ga=GA1.2.1087763819.1631713823; _gid=GA1.2.541123781.1631713823; _gat=1
:path
/api/v1/estimates/powerball?_format=json
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
powerball.com
referer
https://powerball.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 15 Sep 2021 13:50:22 GMT
content-encoding
gzip
x-content-type-options
nosniff nosniff
x-drupal-dynamic-cache
MISS
content-length
140
x-ua-compatible
IE=edge
last-modified
Wed, 15 Sep 2021 02:36:03 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"1631673363"
vary
Cookie,Accept-Encoding
content-language
en
x-generator
Drupal 8 (https://www.drupal.org)
cache-control
max-age=86400, public
content-type
application/json
x-drupal-cache
HIT
expires
Sun, 19 Nov 1978 05:00:00 GMT
recent10
powerball.com/api/v1/numbers/powerball/
1001 B
660 B
XHR
General
Full URL
https://powerball.com/api/v1/numbers/powerball/recent10?_format=json
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/js/js_sQSf5fLzSqBmTuq-XU24eiv3d4AsXF_nkI8fpynYQbA.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.145.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-145-131.compute-1.amazonaws.com
Software
Apache /
Resource Hash
3a04c03bc96ce2c771f7a564205e19d5681693d6545f0563c80f68bfe6e05e02
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
_ga=GA1.2.1087763819.1631713823; _gid=GA1.2.541123781.1631713823; _gat=1
:path
/api/v1/numbers/powerball/recent10?_format=json
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
powerball.com
referer
https://powerball.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 15 Sep 2021 13:50:22 GMT
content-encoding
gzip
x-content-type-options
nosniff nosniff
x-drupal-dynamic-cache
MISS
content-length
246
x-ua-compatible
IE=edge
last-modified
Wed, 15 Sep 2021 02:36:03 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"1631673363"
vary
Cookie,Accept-Encoding
content-language
en
x-generator
Drupal 8 (https://www.drupal.org)
cache-control
max-age=86400, public
content-type
application/json
x-drupal-cache
HIT
expires
Sun, 19 Nov 1978 05:00:00 GMT
powerball-hero-concept3_desktop_full.jpg
s3.amazonaws.com/cdn.powerball.com/drupal/files/2020-04/
334 KB
334 KB
Image
General
Full URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/2020-04/powerball-hero-concept3_desktop_full.jpg
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.38.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
e6e69ae9133bcc7f46c03b0b6608b525ed2cf440c9a218649f9525368093836a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 13:50:23 GMT
Last-Modified
Tue, 28 Apr 2020 03:58:01 GMT
Server
AmazonS3
x-amz-request-id
1NEW9AJBZ1FDM0AP
ETag
"6bc941bff6153e985cccf26af80a4414"
Content-Type
image/jpeg
Cache-Control
public, max-age=2419200
Accept-Ranges
bytes
Content-Length
341523
x-amz-id-2
sqzA6Xwz9OXvnlyzYa46/IksS+x01NbRM/v5iLRSH9uH1RRBaQjiRGoy400rG7sbDtu2ieUYi4U=
/
powerball.com/
64 KB
64 KB
Image
General
Full URL
https://powerball.com/
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.145.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-145-131.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/
pragma
no-cache
cookie
_ga=GA1.2.1087763819.1631713823; _gid=GA1.2.541123781.1631713823; _gat=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
powerball.com
referer
https://powerball.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:50:22 GMT
content-encoding
gzip
x-content-type-options
nosniff nosniff
x-drupal-dynamic-cache
HIT
vary
Cookie,Accept-Encoding
x-ua-compatible
IE=edge
last-modified
Tue, 14 Sep 2021 23:36:37 GMT
server
Apache
etag
"1631662597"
x-frame-options
SAMEORIGIN
content-language
en
x-generator
Drupal 8 (https://www.drupal.org)
cache-control
max-age=86400, public
content-type
text/html; charset=UTF-8
link
<http://powerball.com/>; rel="canonical", <http://powerball.com/>; rel="shortlink" <http://powerball.com/games/home>; rel="alternate"; hreflang="en" <http://powerball.com/es/games/home>; rel="alternate"; hreflang="es" <http://powerball.com/games/home>; rel="revision"
x-drupal-cache
HIT
expires
Sun, 19 Nov 1978 05:00:00 GMT
New-Monday-Drawing-Slider_PERM_PC_0.jpg
s3.amazonaws.com/cdn.powerball.com/drupal/files/2021-08/
218 KB
219 KB
Image
General
Full URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/2021-08/New-Monday-Drawing-Slider_PERM_PC_0.jpg
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.38.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
b78572d6e55b45054a090026984daf46b05a13ce30e447ce9a5b7c69770cb632

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 13:50:24 GMT
Last-Modified
Mon, 23 Aug 2021 17:46:48 GMT
Server
AmazonS3
x-amz-request-id
9KY6GYM1PSX3H4RG
ETag
"ce0493bc33c05635810b496c23c732f9"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
223735
x-amz-id-2
i+U9QTkm1kYUs6x/r0eD3kKnlkg2V1IJoFacFjq9qBvJyCgB1qo41aZPMNjrjuNE01FF6aIsJKI=
Powerball%20Hero%202020%20Live_PC-revised-MWS.jpg
s3.amazonaws.com/cdn.powerball.com/drupal/files/2021-08/
550 KB
550 KB
Image
General
Full URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/2021-08/Powerball%20Hero%202020%20Live_PC-revised-MWS.jpg
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.38.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
f305db2d4af7b28e5a52e4d3bb69b5cf0d232ac3c741743941621f6bccccce31

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 13:50:24 GMT
Last-Modified
Mon, 23 Aug 2021 17:36:35 GMT
Server
AmazonS3
x-amz-request-id
9KY1H0C5M4YXMYNS
ETag
"36c777b0ddf79f6010d50d2755b5b5d0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
563090
x-amz-id-2
4USPT0BIu2s6OFBMbMi3/xsGK8GgAfV7bGFMQCdlghwVWj1RDwE7UWrdZJK7Y3+p+i+q1vA9UI4=
divider-img-home-9ways.jpg
s3.amazonaws.com/cdn.powerball.com/drupal/files/2018-01/
486 KB
486 KB
Image
General
Full URL
https://s3.amazonaws.com/cdn.powerball.com/drupal/files/2018-01/divider-img-home-9ways.jpg
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.38.166 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
b758f60ab7ad38a56bdff71e6464b146312ea575f56ab7f6b05ed7f157f5bc48

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 15 Sep 2021 13:50:24 GMT
Last-Modified
Mon, 03 Jun 2019 18:46:23 GMT
Server
AmazonS3
x-amz-request-id
9KY5A9B78X0Z5AWK
ETag
"02dfd34fecf8640a24d1123ca8a81313"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
497334
x-amz-id-2
KOSZX/9MofIeMsdU7kVrSwJdmqBN8Zgqn5iFWj/MiYi/h8sFmwX3NKYzk25Vo8uM4c9kV7Njzt8=
powerball
powerball.com/api/v1/estimates/
162 B
554 B
XHR
General
Full URL
https://powerball.com/api/v1/estimates/powerball?_format=json
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/js/js_sQSf5fLzSqBmTuq-XU24eiv3d4AsXF_nkI8fpynYQbA.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.145.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-145-131.compute-1.amazonaws.com
Software
Apache /
Resource Hash
59ef9066fda9ca8321be862f345abff089ac1bf3391bbf96970f35e36127326f
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
_ga=GA1.2.1087763819.1631713823; _gid=GA1.2.541123781.1631713823; _gat=1
:path
/api/v1/estimates/powerball?_format=json
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
powerball.com
referer
https://powerball.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
*/*
Referer
https://powerball.com/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:50:22 GMT
content-encoding
gzip
x-content-type-options
nosniff nosniff
x-drupal-dynamic-cache
MISS
content-length
140
x-ua-compatible
IE=edge
last-modified
Wed, 15 Sep 2021 02:36:03 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"1631673363"
vary
Cookie,Accept-Encoding
content-language
en
x-generator
Drupal 8 (https://www.drupal.org)
cache-control
max-age=86400, public
content-type
application/json
x-drupal-cache
HIT
expires
Sun, 19 Nov 1978 05:00:00 GMT
GetWinners
muslapi.musl.com/GameService.svc/
741 B
984 B
XHR
General
Full URL
https://muslapi.musl.com/GameService.svc/GetWinners?gamename=Powerball
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/js/js_sQSf5fLzSqBmTuq-XU24eiv3d4AsXF_nkI8fpynYQbA.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.219.254.16 , United States, ASN63214 (MUSL-RANGE1, US),
Reverse DNS
muslapi.musl.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
6b5f06f4c416c2ce194d302d93cfbfec6d5ba65dfc8a46eba7e7409b76cbac4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Referer
https://powerball.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://powerball.com
cache-control
NO-CACHE
date
Wed, 15 Sep 2021 13:50:16 GMT
content-length
741
powerball
powerball.com/api/v1/draw-summary/
181 B
546 B
XHR
General
Full URL
https://powerball.com/api/v1/draw-summary/powerball?_format=json
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.powerball.com/drupal/files/js/js_sQSf5fLzSqBmTuq-XU24eiv3d4AsXF_nkI8fpynYQbA.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.145.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-145-131.compute-1.amazonaws.com
Software
Apache /
Resource Hash
66696a676a1388595854580c9ae3c394b97940d8a3ad16a233b36eb3a2954eab
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
_ga=GA1.2.1087763819.1631713823; _gid=GA1.2.541123781.1631713823; _gat=1
:path
/api/v1/draw-summary/powerball?_format=json
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
powerball.com
referer
https://powerball.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
*/*
Referer
https://powerball.com/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:50:23 GMT
content-encoding
gzip
x-content-type-options
nosniff nosniff
x-drupal-dynamic-cache
UNCACHEABLE
content-length
126
x-ua-compatible
IE=edge
last-modified
Wed, 15 Sep 2021 02:36:03 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"1631673363"
vary
Cookie,Accept-Encoding
content-language
en
x-generator
Drupal 8 (https://www.drupal.org)
cache-control
max-age=86400, public
content-type
application/json
x-drupal-cache
HIT
expires
Sun, 19 Nov 1978 05:00:00 GMT
json
gum.criteo.com/sid/ Frame DD36
435 B
523 B
Fetch
General
Full URL
https://gum.criteo.com/sid/json?origin=publishertag&domain=powerball.com&sn=ChromeSyncframe&so=0&topUrl=powerball.com&cw=1&lsw=1
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=powerball.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
9c51263cec535a55fc11ef3d999ea77f33b818fdf86eec0f9c5bde38d843c401
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=powerball.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Wed, 15 Sep 2021 13:50:22 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
3326
expires
0
gweiniV1_6_1.min.js
fs.gweini.com/
15 KB
16 KB
Script
General
Full URL
https://fs.gweini.com/gweiniV1_6_1.min.js
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.206.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-206-51.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c60536e1387fd63f18755c87e9028bc138c1cb11fc77a64a159777aae49a12b5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 18:55:44 GMT
via
1.1 20997ca80e84f6ddda445ba948f015bd.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jan 2020 19:47:21 GMT
server
AmazonS3
age
68080
etag
"e7bb56484553f1223fea5d70ca7104f4"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
HAM50-C3
accept-ranges
bytes
content-length
15682
x-amz-cf-id
BdcQ9JiePyV7uw6au4_2oiTabw04D_M72nv05juXDYPK9jkpv4qz5w==
jstag
lanista-bidder-d.openx.net/w/1.0/ Frame BE74
168 KB
57 KB
Script
General
Full URL
https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.216.0 /
Resource Hash
e174741c49c2a66a942b06181db94e005fdafa269cf97ff47ae892a598b7053a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:50:23 GMT
content-encoding
gzip
server
OXGW/16.216.0
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
max-age=3600
content-type
text/javascript
alt-svc
clear
content-length
58337
expires
Wed, 15 Sep 2021 14:50:23 GMT
prebid2.27.0.js
d2tbmvllb55wxq.cloudfront.net/pb/ Frame BE74
277 KB
277 KB
Script
General
Full URL
https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.191.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
be57a8393d9ca7cb84fe99087431ea21d7e704a7de02b421590c34712c3bb9b4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 14 Sep 2021 23:00:08 GMT
Via
1.1 35262001a2ae8da534143b9a1e14d8fe.cloudfront.net (CloudFront)
Last-Modified
Mon, 20 Jan 2020 21:18:36 GMT
Server
AmazonS3
Age
53416
ETag
"e68bd028eaaff6c766a2630c72373b02"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
X-Amz-Cf-Pop
ZAG50-C1
Accept-Ranges
bytes
Content-Length
283302
X-Amz-Cf-Id
BroKpDtJ-66Yf807myB4I0_TUC-L8FUS4O1eC47pys8dta_68rRt-w==
jstag
lanista-bidder-d.openx.net/w/1.0/ Frame 9548
168 KB
57 KB
Script
General
Full URL
https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.216.0 /
Resource Hash
831d4939d5a0ace858101f59431aa789e9716504db702f0585994e3f5fd5e301

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:50:23 GMT
content-encoding
gzip
server
OXGW/16.216.0
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
max-age=3600
content-type
text/javascript
alt-svc
clear
content-length
58336
expires
Wed, 15 Sep 2021 14:50:23 GMT
prebid2.27.0.js
d2tbmvllb55wxq.cloudfront.net/pb/ Frame 9548
277 KB
277 KB
Script
General
Full URL
https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.191.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
be57a8393d9ca7cb84fe99087431ea21d7e704a7de02b421590c34712c3bb9b4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 14 Sep 2021 23:00:08 GMT
Via
1.1 924bf9febd74cef2bda62c15c8441e00.cloudfront.net (CloudFront)
Last-Modified
Mon, 20 Jan 2020 21:18:36 GMT
Server
AmazonS3
Age
53416
ETag
"e68bd028eaaff6c766a2630c72373b02"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
X-Amz-Cf-Pop
ZAG50-C1
Accept-Ranges
bytes
Content-Length
283302
X-Amz-Cf-Id
-gyZoVip9D1OdVyxAwqUeLczBCcrNMku8iMEY_7i_6w0cjI0u7Crbw==
jstag
lanista-bidder-d.openx.net/w/1.0/ Frame 5DE2
168 KB
57 KB
Script
General
Full URL
https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.216.0 /
Resource Hash
9047eb71a12fed19b726ab21eb53954d07ef00ee0487987fbb56eff36d27c73d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:50:23 GMT
content-encoding
gzip
server
OXGW/16.216.0
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
max-age=3600
content-type
text/javascript
alt-svc
clear
content-length
58341
expires
Wed, 15 Sep 2021 14:50:23 GMT
prebid2.27.0.js
d2tbmvllb55wxq.cloudfront.net/pb/ Frame 5DE2
277 KB
277 KB
Script
General
Full URL
https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.191.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
be57a8393d9ca7cb84fe99087431ea21d7e704a7de02b421590c34712c3bb9b4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 14 Sep 2021 23:00:08 GMT
Via
1.1 c1caf5d327c9eee53d26ab7b7a8235f0.cloudfront.net (CloudFront)
Last-Modified
Mon, 20 Jan 2020 21:18:36 GMT
Server
AmazonS3
Age
53416
ETag
"e68bd028eaaff6c766a2630c72373b02"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
X-Amz-Cf-Pop
ZAG50-C1
Accept-Ranges
bytes
Content-Length
283302
X-Amz-Cf-Id
6zB29OsqhXECTpUL1Ljp7qnMnphVKLyKeocxIGSR2PHp85mwFWlOYA==
jstag
lanista-bidder-d.openx.net/w/1.0/ Frame F139
168 KB
57 KB
Script
General
Full URL
https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.216.0 /
Resource Hash
53d8a71ff124686db541291edba4d41f1d75a5dc901661662398628521497753

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:50:23 GMT
content-encoding
gzip
server
OXGW/16.216.0
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
max-age=3600
content-type
text/javascript
alt-svc
clear
content-length
58332
expires
Wed, 15 Sep 2021 14:50:23 GMT
prebid2.27.0.js
d2tbmvllb55wxq.cloudfront.net/pb/ Frame F139
277 KB
277 KB
Script
General
Full URL
https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.191.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
be57a8393d9ca7cb84fe99087431ea21d7e704a7de02b421590c34712c3bb9b4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 14 Sep 2021 23:00:08 GMT
Via
1.1 35262001a2ae8da534143b9a1e14d8fe.cloudfront.net (CloudFront)
Last-Modified
Mon, 20 Jan 2020 21:18:36 GMT
Server
AmazonS3
Age
53416
ETag
"e68bd028eaaff6c766a2630c72373b02"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
X-Amz-Cf-Pop
ZAG50-C1
Accept-Ranges
bytes
Content-Length
283302
X-Amz-Cf-Id
SLAqKDEFnjO0GVLWhLk6v7zJPSQ_Xw0mjB7rPya1iCEVxcRlpAhS5Q==
jstag
lanista-bidder-d.openx.net/w/1.0/ Frame 7474
168 KB
57 KB
Script
General
Full URL
https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.216.0 /
Resource Hash
3cd1f55c8002f39d824d6fa0a4cd362e8b76317b81176a7b271471e651858409

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:50:23 GMT
content-encoding
gzip
server
OXGW/16.216.0
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
max-age=3600
content-type
text/javascript
alt-svc
clear
content-length
58343
expires
Wed, 15 Sep 2021 14:50:23 GMT
prebid2.27.0.js
d2tbmvllb55wxq.cloudfront.net/pb/ Frame 7474
277 KB
277 KB
Script
General
Full URL
https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.191.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
be57a8393d9ca7cb84fe99087431ea21d7e704a7de02b421590c34712c3bb9b4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 14 Sep 2021 23:00:08 GMT
Via
1.1 e9ebe38de33a70557cf9d9c1d7e5d11f.cloudfront.net (CloudFront)
Last-Modified
Mon, 20 Jan 2020 21:18:36 GMT
Server
AmazonS3
Age
53416
ETag
"e68bd028eaaff6c766a2630c72373b02"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
X-Amz-Cf-Pop
ZAG50-C1
Accept-Ranges
bytes
Content-Length
283302
X-Amz-Cf-Id
ddqY8BNhSr0j98WRtS-BGKbthfUqR9aeBfF6Cp-49Qiv6C1yJgiuDA==
jstag
lanista-bidder-d.openx.net/w/1.0/ Frame A483
168 KB
57 KB
Script
General
Full URL
https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.216.0 /
Resource Hash
608aafbb729ffdf0badf441cfa10a5ea7ddd36c581366e2111e72e7be7ab56b2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:50:23 GMT
content-encoding
gzip
server
OXGW/16.216.0
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
max-age=3600
content-type
text/javascript
alt-svc
clear
content-length
58337
expires
Wed, 15 Sep 2021 14:50:23 GMT
prebid2.27.0.js
d2tbmvllb55wxq.cloudfront.net/pb/ Frame A483
277 KB
277 KB
Script
General
Full URL
https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.191.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
be57a8393d9ca7cb84fe99087431ea21d7e704a7de02b421590c34712c3bb9b4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 14 Sep 2021 23:00:08 GMT
Via
1.1 35262001a2ae8da534143b9a1e14d8fe.cloudfront.net (CloudFront)
Last-Modified
Mon, 20 Jan 2020 21:18:36 GMT
Server
AmazonS3
Age
53416
ETag
"e68bd028eaaff6c766a2630c72373b02"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
X-Amz-Cf-Pop
ZAG50-C1
Accept-Ranges
bytes
Content-Length
283302
X-Amz-Cf-Id
bB5niaWroHVejfw6QHhMtcBdZq9hQ5Zh8kNsGfcE4dntu1gKPPxvVg==
ServeAd
api.lanistaads.com/
0
0
Image
General
Full URL
https://api.lanistaads.com/ServeAd?s=t&AdSize=970x250&SiteID=APST09010385POWB9701&Zone=ATF&g=327
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.126.214 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.126.98.34.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 15 Sep 2021 13:50:23 GMT
via
1.1 google
server
Apache-Coyote/1.1
access-control-allow-headers
Content-Type
alt-svc
clear
content-type
image/png
ServeAd
api.lanistaads.com/
0
0
Image
General
Full URL
https://api.lanistaads.com/ServeAd?s=t&AdSize=970x250&SiteID=APST09010385POWB9702&Zone=ATF&g=538
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.126.214 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.126.98.34.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 15 Sep 2021 13:50:23 GMT
via
1.1 google
server
Apache-Coyote/1.1
access-control-allow-headers
Content-Type
alt-svc
clear
content-type
image/png
ServeAd
api.lanistaads.com/
0
0
Image
General
Full URL
https://api.lanistaads.com/ServeAd?s=t&AdSize=300x250&SiteID=APST04010385POWB3001&Zone=ATF&g=910
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.126.214 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.126.98.34.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 15 Sep 2021 13:50:23 GMT
via
1.1 google
server
Apache-Coyote/1.1
access-control-allow-headers
Content-Type
alt-svc
clear
content-type
image/png
ServeAd
api.lanistaads.com/
0
0
Image
General
Full URL
https://api.lanistaads.com/ServeAd?s=t&AdSize=300x250&SiteID=APST04010385POWB3002&Zone=ATF&g=289
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.126.214 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.126.98.34.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 15 Sep 2021 13:50:23 GMT
via
1.1 google
server
Apache-Coyote/1.1
access-control-allow-headers
Content-Type
alt-svc
clear
content-type
image/png
ServeAd
api.lanistaads.com/
0
0
Image
General
Full URL
https://api.lanistaads.com/ServeAd?s=t&AdSize=300x250&SiteID=APST04010385POWB3003&Zone=ATF&g=880
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.126.214 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.126.98.34.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 15 Sep 2021 13:50:23 GMT
via
1.1 google
server
Apache-Coyote/1.1
access-control-allow-headers
Content-Type
alt-svc
clear
content-type
image/png
ServeAd
api.lanistaads.com/
0
0
Image
General
Full URL
https://api.lanistaads.com/ServeAd?s=t&AdSize=300x250&SiteID=APST04010385POWB3004&Zone=ATF&g=54
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.126.214 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.126.98.34.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 15 Sep 2021 13:50:23 GMT
via
1.1 google
server
Apache-Coyote/1.1
access-control-allow-headers
Content-Type
alt-svc
clear
content-type
image/png
gpt.js
www.googletagservices.com/tag/js/ Frame BE74
71 KB
25 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.179.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s31-in-f2.1e100.net
Software
sffe /
Resource Hash
b9794414a44c1039237fcb2a43cd8d05375467b69c4d127db58e7271d6b39293
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:50:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"987 / 550 of 1000 / last-modified: 1631704234"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24992
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 15 Sep 2021 13:50:23 GMT
acj
lanista-bidder-d.openx.net/w/1.0/ Frame F139
Redirect Chain
  • https://lanista-bidder-d.openx.net/w/1.0/acj?ai=beedc28e-76a1-4fde-a78b-fb1e3fad8a16&o=2ce133e201fabc&ju=https%3A//powerball.com/&jr=&be=1&prf=0&auid=538738919&aus=300x250&bc=hb_2api&bt=1000&c.lani...
  • https://lanista-bidder-d.openx.net/w/1.0/acj?cc=1&ai=beedc28e-76a1-4fde-a78b-fb1e3fad8a16&o=2ce133e201fabc&ju=https%3A//powerball.com/&jr=&be=1&prf=0&auid=538738919&aus=300x250&bc=hb_2api&bt=1000&c...
325 B
419 B
XHR
General
Full URL
https://lanista-bidder-d.openx.net/w/1.0/acj?cc=1&ai=beedc28e-76a1-4fde-a78b-fb1e3fad8a16&o=2ce133e201fabc&ju=https%3A//powerball.com/&jr=&be=1&prf=0&auid=538738919&aus=300x250&bc=hb_2api&bt=1000&c.lanista_floor=0.30&res=1600x1200x24&plg=pm&ch=UTF-8&tz=0&ifr=1&tws=1600x1200
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.216.0 /
Resource Hash
be248a59e429cb9ff72564243af19177a7f1dc84b381cd91016d419b9578605d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Sep 2021 13:50:23 GMT
content-encoding
gzip
server
OXGW/16.216.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://powerball.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
227
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Wed, 15 Sep 2021 13:50:23 GMT
via
1.1 google
server
OXGW/16.216.0
location
https://lanista-bidder-d.openx.net/w/1.0/acj?cc=1&ai=beedc28e-76a1-4fde-a78b-fb1e3fad8a16&o=2ce133e201fabc&ju=https%3A//powerball.com/&jr=&be=1&prf=0&auid=538738919&aus=300x250&bc=hb_2api&bt=1000&c.lanista_floor=0.30&res=1600x1200x24&plg=pm&ch=UTF-8&tz=0&ifr=1&tws=1600x1200
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://powerball.com
access-control-allow-credentials
true
alt-svc
clear
content-length
0
gpt.js
www.googletagservices.com/tag/js/ Frame 9548
71 KB
25 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.179.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s31-in-f2.1e100.net
Software
sffe /
Resource Hash
25ec9c81545b9436bd74bf33526893ac074ca45876cdd7ec001ad196eb31db51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:50:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"987 / 787 of 1000 / last-modified: 1631704234"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25033
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 15 Sep 2021 13:50:23 GMT
acj
lanista-bidder-d.openx.net/w/1.0/ Frame 7474
325 B
510 B
XHR
General
Full URL
https://lanista-bidder-d.openx.net/w/1.0/acj?ai=1e6ea745-d582-4e31-860d-74d930eb2d88&o=240c712859a68d&ju=https%3A//powerball.com/&jr=&be=1&prf=0&auid=538738919&aus=300x250&bc=hb_2api&bt=1000&c.lanista_floor=0.30&res=1600x1200x24&plg=pm&ch=UTF-8&tz=0&ws=300x250&ifr=1&tws=1600x1200
Requested by
Host: lanista-bidder-d.openx.net
URL: https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.216.0 /
Resource Hash
e432a19e1b3956f866dab718842316e9eebb0ee2726455be5d941371ee7d2f05

Request headers

Referer
https://powerball.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 15 Sep 2021 13:50:23 GMT
content-encoding
gzip
server
OXGW/16.216.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://powerball.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
227
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
acj
lanista-bidder-d.openx.net/w/1.0/ Frame 5DE2
325 B
419 B
XHR
General
Full URL
https://lanista-bidder-d.openx.net/w/1.0/acj?ai=7df2c0e0-c681-463d-a782-836086fe644a&o=26f43813dacb4b&ju=https%3A//powerball.com/&jr=&be=1&prf=0&auid=538738919&aus=300x250&bc=hb_2api&bt=1000&c.lanista_floor=0.30&res=1600x1200x24&plg=pm&ch=UTF-8&tz=0&ifr=1&tws=1600x1200
Requested by
Host: lanista-bidder-d.openx.net
URL: https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.216.0 /
Resource Hash
3a8cdc917fb78ed814b9ac97b1414fc553e90db71b622070224a5140a465e0ce

Request headers

Referer
https://powerball.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 15 Sep 2021 13:50:23 GMT
content-encoding
gzip
server
OXGW/16.216.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://powerball.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
227
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
v1
dmx.districtm.io/b/ Frame BE74
0
282 B
XHR
General
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://powerball.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 15 Sep 2021 13:50:23 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://powerball.com
access-control-allow-credentials
true
cf-ray
68f252e609bf412c-PRG
access-control-allow-headers
Content-Type, Origin
v1
dmx.districtm.io/b/ Frame 9548
0
35 B
XHR
General
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://powerball.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 15 Sep 2021 13:50:23 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://powerball.com
access-control-allow-credentials
true
cf-ray
68f252e609c2412c-PRG
access-control-allow-headers
Content-Type, Origin
translator
hbopenbid.pubmatic.com/ Frame F139
0
58 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.237.133.116 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://powerball.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://powerball.com
date
Wed, 15 Sep 2021 13:50:22 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
ADTECH;v=2;cmd=bid;cors=yes;alias=11b0be21ca66069;misc=1631713823628;bidfloor=0.3;
adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ Frame F139
0
0

cygnus
as-sec.casalemedia.com/ Frame F139
24 B
572 B
XHR
General
Full URL
https://as-sec.casalemedia.com/cygnus?s=398900&v=7.2&r=%7B%22id%22%3A%2255b6dcca9a1529%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2268e3273642d76e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22398900%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fpowerball.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&
Requested by
Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3359b4144b82f3b6da112c3f4363579c07c18d30269e624fdc96700e87fd2c22

Request headers

Referer
https://powerball.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 15 Sep 2021 13:50:23 GMT
Content-Encoding
gzip
X-AK-INITIAL-GEO
CC:[DE], RC:[HE], CN:[EU], CIP:[216.131.114.241], XFF:[]
Server
Apache
Vary
Is-Traffic-Invalid,Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://powerball.com
X-CS-CLIENT-GEO
12
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
44
X-AK-CLIENT-GEO
12
Expires
Wed, 15 Sep 2021 13:50:23 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame F139
238 B
2 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9204&site_id=20319&zone_id=588936&size_id=15&rf=https%3A%2F%2Fpowerball.com%2F&tk_flint=pbjs_lite_v2.44.3&x_source.tid=f3a68f3f-10b8-4071-bb4f-708fe5cf4cc7&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.17368183531092174
Requested by
Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
9c84848eabb78f797efc390c56a1c455e25a0db2ff008aa94001e921f4b26eb6

Request headers

Referer
https://powerball.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 15 Sep 2021 13:50:23 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://powerball.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
238
Expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
dmx.districtm.io/b/ Frame F139
0
36 B
XHR
General
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://powerball.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 15 Sep 2021 13:50:23 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://powerball.com
access-control-allow-credentials
true
cf-ray
68f252e609c4412c-PRG
access-control-allow-headers
Content-Type, Origin
translator
hbopenbid.pubmatic.com/ Frame 5DE2
0
114 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.237.133.116 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://powerball.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://powerball.com
date
Wed, 15 Sep 2021 13:50:22 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
dmx.districtm.io/b/ Frame 5DE2
0
36 B
XHR
General
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://powerball.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 15 Sep 2021 13:50:23 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://powerball.com
access-control-allow-credentials
true
cf-ray
68f252e609c3412c-PRG
access-control-allow-headers
Content-Type, Origin
cygnus
as-sec.casalemedia.com/ Frame 5DE2
24 B
572 B
XHR
General
Full URL
https://as-sec.casalemedia.com/cygnus?s=398900&v=7.2&r=%7B%22id%22%3A%225abeedc4826f94%22%2C%22imp%22%3A%5B%7B%22id%22%3A%226438a9400e456c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22398900%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fpowerball.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&
Requested by
Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4f3247afd79f589a87853bcc1a47384fe4355feb6faddd6a53a94394f770227c

Request headers

Referer
https://powerball.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 15 Sep 2021 13:50:23 GMT
Content-Encoding
gzip
X-AK-INITIAL-GEO
CC:[DE], RC:[HE], CN:[EU], CIP:[216.131.114.241], XFF:[]
Server
Apache
Vary
Is-Traffic-Invalid,Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://powerball.com
X-CS-CLIENT-GEO
12
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
44
X-AK-CLIENT-GEO
12
Expires
Wed, 15 Sep 2021 13:50:23 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 5DE2
238 B
2 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9204&site_id=20319&zone_id=588936&size_id=15&rf=https%3A%2F%2Fpowerball.com%2F&tk_flint=pbjs_lite_v2.44.3&x_source.tid=d50ea807-3127-4515-a678-26b763e7282c&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.07181469418271336
Requested by
Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
3cabc2ef173e2197ebf22984c8559180917e2e062017db2219241cfb9e45515b

Request headers

Referer
https://powerball.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 15 Sep 2021 13:50:23 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://powerball.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
238
Expires
Wed, 17 Sep 1975 21:32:10 GMT
ADTECH;v=2;cmd=bid;cors=yes;alias=113fbcfe1c49758;misc=1631713823641;bidfloor=0.3;
adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ Frame 5DE2
0
0

translator
hbopenbid.pubmatic.com/ Frame 7474
0
58 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.237.133.116 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://powerball.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://powerball.com
date
Wed, 15 Sep 2021 13:50:23 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 7474
238 B
2 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9204&site_id=20319&zone_id=588936&size_id=15&rf=https%3A%2F%2Fpowerball.com%2F&tk_flint=pbjs_lite_v2.44.3&x_source.tid=561aa807-4942-4e72-b61a-122096f39b40&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.5134557037743623
Requested by
Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
e448116e10103fac5b8d2792eb69913f5af49e5df0bab64f0393ba1c806967dd

Request headers

Referer
https://powerball.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 15 Sep 2021 13:50:23 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://powerball.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
238
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cygnus
as-sec.casalemedia.com/ Frame 7474
24 B
572 B
XHR
General
Full URL
https://as-sec.casalemedia.com/cygnus?s=398900&v=7.2&r=%7B%22id%22%3A%2251b41dd7213a59%22%2C%22imp%22%3A%5B%7B%22id%22%3A%226d24c055815e97%22%2C%22ext%22%3A%7B%22siteID%22%3A%22398900%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fpowerball.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&
Requested by
Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e9cb184a26e5fdc110bd95c79ac2b2d1f392b741c9a4158ef3b653b31b37c75c

Request headers

Referer
https://powerball.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 15 Sep 2021 13:50:23 GMT
Content-Encoding
gzip
X-AK-INITIAL-GEO
CC:[DE], RC:[HE], CN:[EU], CIP:[216.131.114.241], XFF:[]
Server
Apache
Vary
Is-Traffic-Invalid,Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://powerball.com
X-CS-CLIENT-GEO
12
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
44
X-AK-CLIENT-GEO
12
Expires
Wed, 15 Sep 2021 13:50:23 GMT
v1
dmx.districtm.io/b/ Frame 7474
0
36 B
XHR
General
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://powerball.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 15 Sep 2021 13:50:23 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://powerball.com
access-control-allow-credentials
true
cf-ray
68f252e609c6412c-PRG
access-control-allow-headers
Content-Type, Origin
ADTECH;v=2;cmd=bid;cors=yes;alias=118b0ae19cc2b8e;misc=1631713823651;bidfloor=0.3;
adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ Frame 7474
0
0

pd
eu-u.openx.net/w/1.0/ Frame 20E0
0
0

gpt.js
www.googletagservices.com/tag/js/ Frame 7474
71 KB
24 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.179.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s31-in-f2.1e100.net
Software
sffe /
Resource Hash
75ec3e404e4c328842025d951ad5eaed550d51c72c5ac4deb8832150482ac113
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:50:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"987 / 274 of 1000 / last-modified: 1631704115"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25030
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 15 Sep 2021 13:50:23 GMT
pd
eu-u.openx.net/w/1.0/ Frame 6DFB
0
0

gpt.js
www.googletagservices.com/tag/js/ Frame 5DE2
71 KB
24 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.179.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s31-in-f2.1e100.net
Software
sffe /
Resource Hash
75ec3e404e4c328842025d951ad5eaed550d51c72c5ac4deb8832150482ac113
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:50:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"987 / 964 of 1000 / last-modified: 1631704115"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25030
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 15 Sep 2021 13:50:23 GMT
cygnus
as-sec.casalemedia.com/ Frame A483
24 B
572 B
XHR
General
Full URL
https://as-sec.casalemedia.com/cygnus?s=398900&v=7.2&r=%7B%22id%22%3A%221229c2d9e85a91%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2224ef8e71678024%22%2C%22ext%22%3A%7B%22siteID%22%3A%22398900%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fpowerball.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&
Requested by
Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d535f757e7ced792995e6376472d1100df0a2a917079594c0fb8b36fbd4606b3

Request headers

Referer
https://powerball.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 15 Sep 2021 13:50:23 GMT
Content-Encoding
gzip
X-AK-INITIAL-GEO
CC:[DE], RC:[HE], CN:[EU], CIP:[216.131.114.241], XFF:[]
Server
Apache
Vary
Is-Traffic-Invalid,Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://powerball.com
X-CS-CLIENT-GEO
12
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
44
X-AK-CLIENT-GEO
12
Expires
Wed, 15 Sep 2021 13:50:23 GMT
ADTECH;v=2;cmd=bid;cors=yes;alias=119c850fa4a32ad;misc=1631713823698;bidfloor=0.3;
adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ Frame A483
0
0

v1
dmx.districtm.io/b/ Frame A483
0
36 B
XHR
General
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://powerball.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 15 Sep 2021 13:50:23 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://powerball.com
access-control-allow-credentials
true
cf-ray
68f252e629fb412c-PRG
access-control-allow-headers
Content-Type, Origin
translator
hbopenbid.pubmatic.com/ Frame A483
0
58 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.237.133.116 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://powerball.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://powerball.com
date
Wed, 15 Sep 2021 13:50:23 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame A483
238 B
2 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9204&site_id=20319&zone_id=588936&size_id=15&rf=https%3A%2F%2Fpowerball.com%2F&tk_flint=pbjs_lite_v2.44.3&x_source.tid=2f7ee095-b4ef-4e55-9636-ab0e679e8957&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.9927804740425012
Requested by
Host: d2tbmvllb55wxq.cloudfront.net
URL: https://d2tbmvllb55wxq.cloudfront.net/pb/prebid2.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
1215136d60c1e4ef811820846a4cd9077e547adc1c1d66ef32513a69a8c810c1

Request headers

Referer
https://powerball.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 15 Sep 2021 13:50:23 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://powerball.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
238
Expires
Wed, 17 Sep 1975 21:32:10 GMT
pd
eu-u.openx.net/w/1.0/ Frame 364C
0
0

pd
eu-u.openx.net/w/1.0/ Frame 9765
0
0

gpt.js
www.googletagservices.com/tag/js/ Frame F139
71 KB
24 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.179.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s31-in-f2.1e100.net
Software
sffe /
Resource Hash
7b0508a8b415486a1bacdf0ed343e084263f32b72be8fb86cd26d013065d845e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:50:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"987 / 838 of 1000 / last-modified: 1631704234"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25031
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 15 Sep 2021 13:50:23 GMT
acj
lanista-bidder-d.openx.net/w/1.0/ Frame A483
325 B
423 B
XHR
General
Full URL
https://lanista-bidder-d.openx.net/w/1.0/acj?ai=f51ed2ab-d0de-4271-ba43-6414e0b274be&o=2d17c74d747a2d&ju=https%3A//powerball.com/&jr=&nl=17%252C19%252C18&ul=107%252C115%252C201&be=1&prf=0&auid=538738919&aus=300x250&bc=hb_2api&bt=1000&c.lanista_floor=0.30&res=1600x1200x24&plg=pm&ch=UTF-8&tz=0&ws=300x250&ifr=1&tws=1600x1200
Requested by
Host: lanista-bidder-d.openx.net
URL: https://lanista-bidder-d.openx.net/w/1.0/jstag?nc=22803534-Lanista%20Bidder
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.216.0 /
Resource Hash
72cd2d8c7b057f29808829a9a8854a9058f8e904e31e9d706461cb107f616ad2

Request headers

Referer
https://powerball.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 15 Sep 2021 13:50:23 GMT
content-encoding
gzip
server
OXGW/16.216.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://powerball.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
228
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
pd
eu-u.openx.net/w/1.0/ Frame B768
0
0

pubads_impl_2021090801.js
securepubads.g.doubleclick.net/gpt/ Frame BE74
332 KB
116 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090801.js?31062520
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.200.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s30-in-f2.1e100.net
Software
sffe /
Resource Hash
4e6bb09533b37582ebceb3511809da00c29b70a68b68525d1b59ce970e9eefbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:50:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118669
x-xss-protection
0
last-modified
Wed, 08 Sep 2021 08:41:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 15 Sep 2021 13:50:23 GMT
pubads_impl_2021091301.js
securepubads.g.doubleclick.net/gpt/ Frame 9548
334 KB
117 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091301.js?31062553
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.200.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s30-in-f2.1e100.net
Software
sffe /
Resource Hash
84498695ecbb07321191e331c2aecadeec5e2ba73f44f3b4ed7442dbbf1c5c37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:50:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119426
x-xss-protection
0
last-modified
Mon, 13 Sep 2021 08:37:27 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 15 Sep 2021 13:50:23 GMT
pd
eu-u.openx.net/w/1.0/ Frame 3AEC
0
0

gpt.js
www.googletagservices.com/tag/js/ Frame A483
71 KB
24 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.179.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s31-in-f2.1e100.net
Software
sffe /
Resource Hash
0671e24e54ea99d9569a6edf540cfd1f833585638d8fa41273e17f244783a2a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:50:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"987 / 349 of 1000 / last-modified: 1631704234"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24992
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 15 Sep 2021 13:50:23 GMT
pubads_impl_2021091001.js
securepubads.g.doubleclick.net/gpt/ Frame 5DE2
333 KB
117 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091001.js
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.200.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s30-in-f2.1e100.net
Software
sffe /
Resource Hash
7345db8b8745d32b70fbbb0867ab8488760e99ce94aa40a78e73ad7fcba15866
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:50:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119453
x-xss-protection
0
last-modified
Fri, 10 Sep 2021 19:52:34 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 15 Sep 2021 13:50:23 GMT
pubads_impl_2021091001.js
securepubads.g.doubleclick.net/gpt/ Frame 7474
333 KB
117 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091001.js
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.200.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s30-in-f2.1e100.net
Software
sffe /
Resource Hash
7345db8b8745d32b70fbbb0867ab8488760e99ce94aa40a78e73ad7fcba15866
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:50:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119453
x-xss-protection
0
last-modified
Fri, 10 Sep 2021 19:52:34 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 15 Sep 2021 13:50:23 GMT
pubads_impl_2021091001.js
securepubads.g.doubleclick.net/gpt/ Frame F139
333 KB
117 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091001.js?31062552
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.200.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s30-in-f2.1e100.net
Software
sffe /
Resource Hash
7345db8b8745d32b70fbbb0867ab8488760e99ce94aa40a78e73ad7fcba15866
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:50:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119453
x-xss-protection
0
last-modified
Fri, 10 Sep 2021 19:52:34 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 15 Sep 2021 13:50:23 GMT
pubads_impl_2021090801.js
securepubads.g.doubleclick.net/gpt/ Frame A483
332 KB
116 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090801.js?31062510
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.200.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s30-in-f2.1e100.net
Software
sffe /
Resource Hash
4e6bb09533b37582ebceb3511809da00c29b70a68b68525d1b59ce970e9eefbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:50:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118669
x-xss-protection
0
last-modified
Wed, 08 Sep 2021 08:41:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 15 Sep 2021 13:50:23 GMT
integrator.js
adservice.google.com/adsid/ Frame BE74
107 B
570 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=powerball.com
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.187.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s33-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 15 Sep 2021 13:50:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame BE74
16 KB
8 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3888033112839442&correlator=274723196904953&output=ldjh&impl=fifs&eid=31062367%2C31062520%2C44749397%2C31062093&vrg=2021090801&ptt=17&sc=1&sfv=1-0-38&ecs=20210915&iu_parts=22803534%2CHB_DEFAULT_ADUNIT&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&prev_scp=hb_name%3DAPST09010385POWB9701__54%26passback_pb%3D0.30%26hb_factor%3D1.5%26rscust%3Dpool1%26oxb%3D970x250_t&eri=1&cookie_enabled=1&cdm=powerball.com&bc=31&abxe=1&lmt=1631713823&dt=1631713823972&dlt=1631713823163&idt=774&ea=0&frm=23&biw=1600&bih=1200&isw=970&ish=250&oid=3&adxs=315&adys=960&adks=3386903054&ucis=ufdps4hu2pye&ifi=1&ifk=2413875652&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fpowerball.com%2F&top=https%3A%2F%2Fpowerball.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x250&msz=970x0&ga_vid=1087763819.1631713823&ga_sid=1631713824&ga_hid=776894278&ga_fc=true&fws=256&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090801.js?31062520
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.200.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s30-in-f2.1e100.net
Software
cafe /
Resource Hash
da54811903f321582bdd2c6372118cecd91633df420dd4d284040b1fcd82853e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:50:24 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8083
x-xss-protection
0
google-lineitem-id
5292730782
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138302678468
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://powerball.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
916693ab03439e93d624fe507e0d2f15.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 295B
0
0
Document
General
Full URL
https://916693ab03439e93d624fe507e0d2f15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.169.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s09-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
916693ab03439e93d624fe507e0d2f15.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://powerball.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Wed, 15 Sep 2021 13:50:24 GMT
expires
Thu, 15 Sep 2022 13:50:24 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.com/adsid/ Frame 9548
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=powerball.com
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.187.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s33-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 15 Sep 2021 13:50:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 9548
16 KB
8 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1995013131318588&correlator=470681643825077&output=ldjh&impl=fifs&eid=31062553&vrg=2021091301&ptt=17&sc=1&sfv=1-0-38&ecs=20210915&iu_parts=22803534%2CHB_DEFAULT_ADUNIT&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&prev_scp=hb_name%3DAPST09010385POWB9702__54%26passback_pb%3D0.30%26hb_factor%3D1.5%26rscust%3Dpool1%26oxb%3D970x250_t&eri=1&cookie_enabled=1&cdm=powerball.com&bc=31&abxe=1&lmt=1631713824&dt=1631713824019&dlt=1631713823209&idt=780&ea=0&frm=23&biw=1600&bih=1200&isw=970&ish=250&oid=3&adxs=315&adys=3139&adks=3392797045&ucis=i20wkzya0zfx&ifi=1&ifk=2413875652&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fpowerball.com%2F&top=https%3A%2F%2Fpowerball.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x250&msz=970x0&ga_vid=1087763819.1631713823&ga_sid=1631713824&ga_hid=1996792903&ga_fc=true&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091301.js?31062553
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.200.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s30-in-f2.1e100.net
Software
cafe /
Resource Hash
732f871d22887c308ef5703fed91a3ec6c54bc21741d3620f4f6b16dfbb091da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:50:24 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8085
x-xss-protection
0
google-lineitem-id
5292730782
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138302678468
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://powerball.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
d4def9e2e11117645526dee7c32eb0cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C00E
0
0
Document
General
Full URL
https://d4def9e2e11117645526dee7c32eb0cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.169.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s09-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
d4def9e2e11117645526dee7c32eb0cf.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://powerball.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Wed, 15 Sep 2021 13:50:24 GMT
expires
Thu, 15 Sep 2022 13:50:24 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pd
eu-u.openx.net/w/1.0/ Frame 3474
0
0

view
securepubads.g.doubleclick.net/pcs/ Frame BE74
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvml1UWXJV5jIyr_pDXwWie2Pn8w5P-vq4A6EqV8sJROZ6M4ty2vzM0fNGPhSZISp0aKggl_iMKsHFttFWSF4susBwgKWgiivlb4JCrj9LNSRaAKfahFHjqHP9ltQafKF3eHT2k4ai6Vp2L-3gVNrAc-Hf39CqpSiFhUEIi4hqgzy2Je6IAiw6q68LZzn5YyFX_SaQE3dAN69_1bQr1bHacHV1n4MinBUXA179jb4BUnJQHIKBQGQ2LyTaQHZ5Dr9npw2BM6ydZNj_fexB5TLpQ1RDx7VgRmIgLhJOfkJ_ObZLgV-mBq2EkPDp-&sai=AMfl-YRRqEYQLjemxCVGMY1y_Lzcnf6QzZkKts9HikQN6SZuKMbTFyccJBNMB7Uy52jNiJkIeR2hudVz1Ffnm0jlftd-OfkEdxoebEyHe-P7xaBoW98iUzWPZlcp2uyTAquA&sig=Cg0ArKJSzH-2qvB5c8APEAE&urlfix=1&adurl=
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.200.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s30-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 15 Sep 2021 13:50:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 15 Sep 2021 13:50:24 GMT
wowyowdisplay970x250desktop.js
deio3v2go54x9.cloudfront.net/ Frame BE74
795 B
1 KB
Script
General
Full URL
https://deio3v2go54x9.cloudfront.net/wowyowdisplay970x250desktop.js
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-33.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
df3317fe7031ec742daeed002d97da566a8648fbacb939fce19093f17a79d5c1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 19:56:07 GMT
via
1.1 5fbb28bff7a0b15518cded51f089f259.cloudfront.net (CloudFront)
last-modified
Fri, 15 May 2020 00:11:29 GMT
server
AmazonS3
age
64458
etag
"3003337c564f4ca4358edc2761ee81a6"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
HAM50-C1
accept-ranges
bytes
content-length
795
x-amz-cf-id
WOoI893yleOZuBG11jFtWE9O6b76w_dTnZFoPxo4Pli6sEMPPLOuSA==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BE74
125 KB
38 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.179.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s31-in-f2.1e100.net
Software
sffe /
Resource Hash
f4fcf19981dfc07f2a86835a35058ab48ecc08b36de09f50f6be890c4fcec5fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:50:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38646
x-xss-protection
0
server
sffe
etag
"1631547526571764"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Wed, 15 Sep 2021 13:50:24 GMT
osd.js
www.googletagservices.com/activeview/js/current/ Frame BE74
72 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.179.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s31-in-f2.1e100.net
Software
sffe /
Resource Hash
aefe9f31909799252840c143110e10be71d8515345f8b54473b819ac1376b9a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:50:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27627
x-xss-protection
0
server
sffe
etag
"1631547519045135"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Wed, 15 Sep 2021 13:50:24 GMT
integrator.js
adservice.google.com/adsid/ Frame 5DE2
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=powerball.com
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.187.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s33-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 15 Sep 2021 13:50:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 5DE2
16 KB
7 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2721376231387374&correlator=4237693465913151&output=ldjh&impl=fifs&eid=44748390&vrg=2021091001&ptt=17&sc=1&sfv=1-0-38&ecs=20210915&iu_parts=22803534%2CHB_DEFAULT_ADUNIT&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=hb_name%3DAPST04010385POWB3001__54%26passback_pb%3D0.30%26hb_factor%3D1.5%26rscust%3Dpool1%26oxb%3D300x250_0%252Chb-bid-386e6b8e241b9c&eri=1&cookie=ID%3Db778d90276e43951-222ffed43ccb0039%3AT%3D1631713823%3AS%3DALNI_MbETNxQA2GqAQMRee2E9W5i5_Rn5Q&cdm=powerball.com&bc=31&abxe=1&lmt=1631713824&dt=1631713824174&dlt=1631713823251&idt=782&ea=0&frm=23&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=1990784575&ucis=femi78od0rmi&ifi=1&ifk=1468573323&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fpowerball.com%2F&top=https%3A%2F%2Fpowerball.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=1087763819.1631713823&ga_sid=1631713824&ga_hid=1621850875&ga_fc=true&fws=256&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.200.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s30-in-f2.1e100.net
Software
cafe /
Resource Hash
2107c8494ce94c0062eb31f0df774575e349ca830829c94459e08f16865c20f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:50:24 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7559
x-xss-protection
0
google-lineitem-id
5293712860
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138303009295
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://powerball.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
16f1fb10e2815876b42d3363e4a9c2bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 42FE
0
0
Document
General
Full URL
https://16f1fb10e2815876b42d3363e4a9c2bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.169.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s09-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
16f1fb10e2815876b42d3363e4a9c2bf.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://powerball.com/
accept-encoding
gzip, deflate, br

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Wed, 15 Sep 2021 13:50:24 GMT
expires
Thu, 15 Sep 2022 13:50:24 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.com/adsid/ Frame F139
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=powerball.com
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.187.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s33-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 15 Sep 2021 13:50:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame F139
16 KB
7 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2085055848051550&correlator=2110765473514792&output=ldjh&impl=fifs&eid=31062552&vrg=2021091001&ptt=17&sc=1&sfv=1-0-38&ecs=20210915&iu_parts=22803534%2CHB_DEFAULT_ADUNIT&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=hb_name%3DAPST04010385POWB3002__54%26passback_pb%3D0.30%26hb_factor%3D1.5%26rscust%3Dpool1%26oxb%3D300x250_0%252Chb-bid-33754ff3983c8d&eri=1&cookie=ID%3Db778d90276e43951-222ffed43ccb0039%3AT%3D1631713823%3AS%3DALNI_MbETNxQA2GqAQMRee2E9W5i5_Rn5Q&cdm=powerball.com&bc=31&abxe=1&lmt=1631713824&dt=1631713824201&dlt=1631713823291&idt=755&ea=0&frm=23&biw=1600&bih=1200&oid=2&adxs=-12245933&adys=-12245933&adks=1986902392&ucis=hobfo5d7rtix&ifi=1&ifk=1468573323&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fpowerball.com%2F&top=https%3A%2F%2Fpowerball.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=1087763819.1631713823&ga_sid=1631713824&ga_hid=1413331136&ga_fc=true&fws=256&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091001.js?31062552
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.200.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s30-in-f2.1e100.net
Software
cafe /
Resource Hash
6a4b335db1e6827fdfc3e0959b53794ea979623174eb24a38399700945d37a86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:50:24 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7578
x-xss-protection
0
google-lineitem-id
5293712860
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138303009295
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://powerball.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
ece0d945c35ade9a565930132320e707.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 183A
0
0
Document
General
Full URL
https://ece0d945c35ade9a565930132320e707.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.169.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s09-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
ece0d945c35ade9a565930132320e707.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://powerball.com/
accept-encoding
gzip, deflate, br

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Wed, 15 Sep 2021 13:50:24 GMT
expires
Thu, 15 Sep 2022 13:50:24 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.com/adsid/ Frame A483
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=powerball.com
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.187.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s33-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 15 Sep 2021 13:50:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame A483
16 KB
7 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=169616103166330&correlator=1273682564923413&output=ldjh&impl=fifs&eid=31062510&vrg=2021090801&ptt=17&sc=1&sfv=1-0-38&ecs=20210915&iu_parts=22803534%2CHB_DEFAULT_ADUNIT&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=hb_name%3DAPST04010385POWB3004__54%26passback_pb%3D0.30%26hb_factor%3D1.5%26rscust%3Dpool1%26oxb%3D300x250_0%252Chb-bid-36423998e598ab&eri=1&cookie=ID%3Db778d90276e43951-222ffed43ccb0039%3AT%3D1631713823%3AS%3DALNI_MbETNxQA2GqAQMRee2E9W5i5_Rn5Q&cdm=powerball.com&bc=31&abxe=1&lmt=1631713824&dt=1631713824227&dlt=1631713823381&idt=695&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=3&adxs=860&adys=4111&adks=1443960515&ucis=gu320n876h7w&ifi=1&ifk=672433107&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fpowerball.com%2F&top=https%3A%2F%2Fpowerball.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x0&ga_vid=1087763819.1631713823&ga_sid=1631713824&ga_hid=1119840716&ga_fc=true&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090801.js?31062510
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.200.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s30-in-f2.1e100.net
Software
cafe /
Resource Hash
a7430448bde3c859ac03ab1fe90fe0fa8eb2aed198ea7ce7ed0f680d60211ddb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:50:24 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7572
x-xss-protection
0
google-lineitem-id
5293712860
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138303009295
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://powerball.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
9fa7d11b8a39dbc63582fa64dd157d29.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A7C4
6 KB
0
Document
General
Full URL
https://9fa7d11b8a39dbc63582fa64dd157d29.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.169.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s09-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
9fa7d11b8a39dbc63582fa64dd157d29.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://powerball.com/
accept-encoding
gzip, deflate, br

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Wed, 15 Sep 2021 13:50:24 GMT
expires
Thu, 15 Sep 2022 13:50:24 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.com/adsid/ Frame 7474
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=powerball.com
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.187.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s33-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 15 Sep 2021 13:50:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 7474
16 KB
7 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4151954087584424&correlator=767064870949920&output=ldjh&impl=fifs&eid=31060888%2C21065725&vrg=2021091001&ptt=17&sc=1&sfv=1-0-38&ecs=20210915&iu_parts=22803534%2CHB_DEFAULT_ADUNIT&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=hb_name%3DAPST04010385POWB3003__54%26passback_pb%3D0.30%26hb_factor%3D1.5%26rscust%3Dpool1%26oxb%3D300x250_0%252Chb-bid-3e2d1862069506&eri=1&cookie=ID%3Db778d90276e43951-222ffed43ccb0039%3AT%3D1631713823%3AS%3DALNI_MbETNxQA2GqAQMRee2E9W5i5_Rn5Q&cdm=powerball.com&bc=31&abxe=1&lmt=1631713824&dt=1631713824243&dlt=1631713823334&idt=733&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=3&adxs=440&adys=4111&adks=1992055404&ucis=2kwkpn9v8kef&ifi=1&ifk=672433107&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fpowerball.com%2F&top=https%3A%2F%2Fpowerball.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x0&ga_vid=1087763819.1631713823&ga_sid=1631713824&ga_hid=954981865&ga_fc=true&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.200.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s30-in-f2.1e100.net
Software
cafe /
Resource Hash
2e9b8d1846540b011537938bde6ffbaf1f72b1729873345a7b4a6802aaca1a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:50:24 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7565
x-xss-protection
0
google-lineitem-id
5293712860
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138303009295
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://powerball.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
bdb11cd5f0bac12a7dd71badee449487.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2A75
0
0
Document
General
Full URL
https://bdb11cd5f0bac12a7dd71badee449487.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.169.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s09-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
bdb11cd5f0bac12a7dd71badee449487.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://powerball.com/
accept-encoding
gzip, deflate, br

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Wed, 15 Sep 2021 13:50:24 GMT
expires
Thu, 15 Sep 2022 13:50:24 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pd
eu-u.openx.net/w/1.0/ Frame 2818
0
0

view
securepubads.g.doubleclick.net/pcs/ Frame 9548
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssjpeUCo_0j5VViYtRiPQuVsSjRFAf0RML3-OJozQNEEZ3s-wdTsppYn0crIQb_bKzFWjm1C62iCEFmc6g4vKjIqvI0o0pTpxzdWjGndgRqU0CoPnagxbJNKCwBpGeFWIb1S5zWqaSH8cr_7Fd_Da4PuWEhXCk3UyhsaVo5lyf7Rdg66hE8lHTR0d0Y41D2GOrcOs1oDgyQD0XAnZkugTIqlaDUnKK1X0Ao-tRsY7RxXUccFcpmWCX57ktW_bzglUPgj3v094nDphdR2pV-lym6A1reNjraQsIHz45esZuKcrnmj5JYg9L0Carr&sai=AMfl-YTf00LEezQFiLJZDugE5osPE83zaEjVHcUJjKkVLzx7lAHxfwLrWXJ6tNFRXXbBrG5tPnF5csynlR4i9pM-mOswtUehQkgyqIGvpEC0f_O8F6cwLj3BlTML6uaU1Csm&sig=Cg0ArKJSzB-o46pVNxgnEAE&urlfix=1&adurl=
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.200.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s30-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 15 Sep 2021 13:50:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
wowyowdisplay970x250desktop.js
deio3v2go54x9.cloudfront.net/ Frame 9548
795 B
1 KB
Script
General
Full URL
https://deio3v2go54x9.cloudfront.net/wowyowdisplay970x250desktop.js
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-33.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
df3317fe7031ec742daeed002d97da566a8648fbacb939fce19093f17a79d5c1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 19:56:07 GMT
via
1.1 5fbb28bff7a0b15518cded51f089f259.cloudfront.net (CloudFront)
last-modified
Fri, 15 May 2020 00:11:29 GMT
server
AmazonS3
age
64458
etag
"3003337c564f4ca4358edc2761ee81a6"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
HAM50-C1
accept-ranges
bytes
content-length
795
x-amz-cf-id
NGXQ1BVAj_wF-QHsLWDCWnBDqKcegvSFuqmpCrpY5iNqvXA1E0Q4Xg==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9548
125 KB
38 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.179.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s31-in-f2.1e100.net
Software
sffe /
Resource Hash
f4fcf19981dfc07f2a86835a35058ab48ecc08b36de09f50f6be890c4fcec5fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:50:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38646
x-xss-protection
0
server
sffe
etag
"1631547526571764"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Wed, 15 Sep 2021 13:50:24 GMT
osd.js
www.googletagservices.com/activeview/js/current/ Frame 9548
72 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.179.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s31-in-f2.1e100.net
Software
sffe /
Resource Hash
aefe9f31909799252840c143110e10be71d8515345f8b54473b819ac1376b9a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:50:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27627
x-xss-protection
0
server
sffe
etag
"1631547519045135"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Wed, 15 Sep 2021 13:50:24 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 5DE2
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss_1YY_VLxuJoqxp4rPiOfiQ3krnxJkx7iKbwUZ0PMqnWNRYkdKa9SwYTXlmdNkVxOcgA_ve00l6fIwayAeQoD8CGmK0pndMlpEmcCe58U2j9t4z8jQjWo8_80JiOb5si1lApkQP-bD94SvkQwOJp33hJrj4d-EQBu13ZW6B99k-4h4F9ZUi-T6VC_LISWWZbCWTxgA_lwgDXR1A4io5ev23QGR6AvqwbNsBE0r3EwwKcGnhYmP6Awz3p97RXumKPnkDDKYybbTnoiab53gTat4YV6cIBwd5q5LW7wfc62TRV8efRpIrysof1yw&sig=Cg0ArKJSzB675GHo1i36EAE&urlfix=1&adurl=
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.200.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s30-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 15 Sep 2021 13:50:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
wowyowdisplay300x250desktop.js
deio3v2go54x9.cloudfront.net/ Frame 5DE2
1 KB
1 KB
Script
General
Full URL
https://deio3v2go54x9.cloudfront.net/wowyowdisplay300x250desktop.js
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-33.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
676788eac82d90570b7eb37cbe79b56ddb61b3884014e19515ed5d0b175518d6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 15:14:17 GMT
via
1.1 5fbb28bff7a0b15518cded51f089f259.cloudfront.net (CloudFront)
last-modified
Tue, 02 Jun 2020 23:48:25 GMT
server
AmazonS3
age
81368
etag
"09141670283bfe88eea14b5bd03b90c3"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
HAM50-C1
accept-ranges
bytes
content-length
1038
x-amz-cf-id
_HVoRUhqo8GwX7sAoEHUd2Mw4vnYHYlm1gcw7P_MJ_m9BufDncOrxQ==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5DE2
125 KB
38 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.179.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s31-in-f2.1e100.net
Software
sffe /
Resource Hash
f4fcf19981dfc07f2a86835a35058ab48ecc08b36de09f50f6be890c4fcec5fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:50:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38646
x-xss-protection
0
server
sffe
etag
"1631547526571764"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Wed, 15 Sep 2021 13:50:24 GMT
osd.js
www.googletagservices.com/activeview/js/current/ Frame 5DE2
72 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.179.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s31-in-f2.1e100.net
Software
sffe /
Resource Hash
aefe9f31909799252840c143110e10be71d8515345f8b54473b819ac1376b9a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:50:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27627
x-xss-protection
0
server
sffe
etag
"1631547519045135"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Wed, 15 Sep 2021 13:50:24 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame F139
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstsr44q9WSoIszi0IwfM8kvIo-Z5TWamor1d3X05aFHqcA1hYxAvhNwIacw9VrJvpmQtj5QfX0bj5KZ9dN_RDg8prMigi0sPZEezSVzIV7WEWn_zBu27XWpusHsWMH6RZaQy9jAQ2P0ozb2U5Zxidp28C4SA9cPfQSBj1OCe6Incv3w9IMoM1H7JccgpQjyFzIRhfT-kN6v9ZRokktH-A1dBaiQ8jdrBDa0uOLG9tZf-qBSHf9T3H2Ob2KL3CpLBBWkcZ1OEyJsaYOGR6a-41epTZMjMZXg0DVFNiyBHmRiW7FzH-tPJ1Zh0yNR&sig=Cg0ArKJSzFOEu4AwrIHxEAE&urlfix=1&adurl=
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.200.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s30-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 15 Sep 2021 13:50:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
wowyowdisplay300x250desktop.js
deio3v2go54x9.cloudfront.net/ Frame F139
1 KB
1 KB
Script
General
Full URL
https://deio3v2go54x9.cloudfront.net/wowyowdisplay300x250desktop.js
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-33.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
676788eac82d90570b7eb37cbe79b56ddb61b3884014e19515ed5d0b175518d6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 15:14:17 GMT
via
1.1 5fbb28bff7a0b15518cded51f089f259.cloudfront.net (CloudFront)
last-modified
Tue, 02 Jun 2020 23:48:25 GMT
server
AmazonS3
age
81368
etag
"09141670283bfe88eea14b5bd03b90c3"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
HAM50-C1
accept-ranges
bytes
content-length
1038
x-amz-cf-id
vBQjv1zeyIenrp7rusU8RjjCr7nlyFeY2-kIpZYFKOVaL9ELSbYkQg==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F139
125 KB
38 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.179.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s31-in-f2.1e100.net
Software
sffe /
Resource Hash
f4fcf19981dfc07f2a86835a35058ab48ecc08b36de09f50f6be890c4fcec5fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:50:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38646
x-xss-protection
0
server
sffe
etag
"1631547526571764"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Wed, 15 Sep 2021 13:50:24 GMT
osd.js
www.googletagservices.com/activeview/js/current/ Frame F139
72 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.179.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s31-in-f2.1e100.net
Software
sffe /
Resource Hash
aefe9f31909799252840c143110e10be71d8515345f8b54473b819ac1376b9a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:50:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27627
x-xss-protection
0
server
sffe
etag
"1631547519045135"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Wed, 15 Sep 2021 13:50:24 GMT
wowyowdisplay970x250desktop.php
wowyowapi.com/ Frame C92A
907 B
1 KB
Document
General
Full URL
https://wowyowapi.com/wowyowdisplay970x250desktop.php?l=null&u=fb243434-6d38-f6b6-4543-c462ef8458dc&c=null&d=powerball.com
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.38.151.252 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-38-151-252.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
8459ce8cedefe43c38e7a0a53975193615fbb687d5a928257ea4a24c90aaf9ae

Request headers

Host
wowyowapi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://powerball.com/
Accept-Encoding
gzip, deflate, br

Response headers

access-control-allow-origin
*
Cache-Control
no-cache, must-revalidate
Content-Type
text/html; charset=UTF-8
Date
Wed, 15 Sep 2021 13:50:25 GMT
Server
Apache
Content-Length
907
Connection
keep-alive
view
securepubads.g.doubleclick.net/pcs/ Frame 7474
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstSjo7exPAO1zpDzSZHLuilOttE2bbNTr4PUn5mUVcvfxFCGowKO1bI8PtE_lqjrYrsrC4pszu2kXxJCK-Dc16gl6VauHxJuyiZiHBAmkDWr_pLOAoCsId8FRVXUN7tWRpTir0PpsoALipwsFDFw7AQ8y9X5NDx8NYNCLn8gkeifqmjan3q0dT5e04q9tae_rHvYumRX0uhByQuJQh-8xXafaQZI03kYVE1nG0Bfb8uy7PHnlFKAMQWIvjGdpVviMFDxuZPJ636kDKhA-i7eLkMnOfLdX7PubdOyf0Xl7j4PB1NbYG10tIqFEij&sig=Cg0ArKJSzDiYfoYOZgEZEAE&urlfix=1&adurl=
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.200.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s30-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 15 Sep 2021 13:50:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
wowyowdisplay300x250desktop.js
deio3v2go54x9.cloudfront.net/ Frame 7474
1 KB
1 KB
Script
General
Full URL
https://deio3v2go54x9.cloudfront.net/wowyowdisplay300x250desktop.js
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-33.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
676788eac82d90570b7eb37cbe79b56ddb61b3884014e19515ed5d0b175518d6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 15:14:17 GMT
via
1.1 5fbb28bff7a0b15518cded51f089f259.cloudfront.net (CloudFront)
last-modified
Tue, 02 Jun 2020 23:48:25 GMT
server
AmazonS3
age
81368
etag
"09141670283bfe88eea14b5bd03b90c3"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
HAM50-C1
accept-ranges
bytes
content-length
1038
x-amz-cf-id
MjfvWcM515FdOCpihV19YZsYvfEWNUrfjeLALIpwmRNVoMgcdkE2yw==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7474
125 KB
38 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.179.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s31-in-f2.1e100.net
Software
sffe /
Resource Hash
f4fcf19981dfc07f2a86835a35058ab48ecc08b36de09f50f6be890c4fcec5fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:50:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38646
x-xss-protection
0
server
sffe
etag
"1631547526571764"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Wed, 15 Sep 2021 13:50:24 GMT
osd.js
www.googletagservices.com/activeview/js/current/ Frame 7474
72 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.179.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s31-in-f2.1e100.net
Software
sffe /
Resource Hash
aefe9f31909799252840c143110e10be71d8515345f8b54473b819ac1376b9a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:50:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27627
x-xss-protection
0
server
sffe
etag
"1631547519045135"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Wed, 15 Sep 2021 13:50:24 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame A483
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvaV8SPuDObbpYGMeVVbr7bz905LPRAziR0_37XSsL8dNU9S5rBARi6SkJsE7Equk1bC9yJODg63_oBirwQZityqkztf-HuoTmjMjYFPCE5xfMGXQq8fRXz24-b9Lf-RcFd0FbWiV8l-4gPGMwbB0O8LAgw7LEBslG_TVz9NBZZ0w4Ul1BaMdT_x5rxY1HIf6g48GLVvUjB8weZP_ey40JPrHjQeqymlljNvqsHrkXkWK8YDpEOiOr7Q6XrdFQmynzosKvJCQCN9BNNcaiaLz3jX8UTHqM-6SR43H0yqqAripbxq0uT4ACoSKCB&sig=Cg0ArKJSzOq0ub9d_2fpEAE&urlfix=1&adurl=
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.200.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s30-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 15 Sep 2021 13:50:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
wowyowdisplay300x250desktop.js
deio3v2go54x9.cloudfront.net/ Frame A483
1 KB
1 KB
Script
General
Full URL
https://deio3v2go54x9.cloudfront.net/wowyowdisplay300x250desktop.js
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-33.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
676788eac82d90570b7eb37cbe79b56ddb61b3884014e19515ed5d0b175518d6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 15:14:17 GMT
via
1.1 5fbb28bff7a0b15518cded51f089f259.cloudfront.net (CloudFront)
last-modified
Tue, 02 Jun 2020 23:48:25 GMT
server
AmazonS3
age
81368
etag
"09141670283bfe88eea14b5bd03b90c3"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
HAM50-C1
accept-ranges
bytes
content-length
1038
x-amz-cf-id
Wykbhi_A3G6hyAp-YhvOYot_sFXD6SoeHsNxjVX9UH8rm3JNxqReeg==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A483
125 KB
38 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d2si3hiz85fm4q.cloudfront.net
URL: https://d2si3hiz85fm4q.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.179.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s31-in-f2.1e100.net
Software
sffe /
Resource Hash
f4fcf19981dfc07f2a86835a35058ab48ecc08b36de09f50f6be890c4fcec5fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:50:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38646
x-xss-protection
0
server
sffe
etag
"1631547526571764"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Wed, 15 Sep 2021 13:50:24 GMT
osd.js
www.googletagservices.com/activeview/js/current/ Frame A483
72 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.179.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s31-in-f2.1e100.net
Software
sffe /
Resource Hash
aefe9f31909799252840c143110e10be71d8515345f8b54473b819ac1376b9a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:50:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27627
x-xss-protection
0
server
sffe
etag
"1631547519045135"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Wed, 15 Sep 2021 13:50:24 GMT
wowyowdisplay970x250desktop.php
wowyowapi.com/ Frame 459D
907 B
1 KB
Document
General
Full URL
https://wowyowapi.com/wowyowdisplay970x250desktop.php?l=null&u=fb243434-6d38-f6b6-4543-c462ef8458dc&c=null&d=powerball.com
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.38.151.252 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-38-151-252.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
8459ce8cedefe43c38e7a0a53975193615fbb687d5a928257ea4a24c90aaf9ae

Request headers

Host
wowyowapi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://powerball.com/
Accept-Encoding
gzip, deflate, br

Response headers

access-control-allow-origin
*
Cache-Control
no-cache, must-revalidate
Content-Type
text/html; charset=UTF-8
Date
Wed, 15 Sep 2021 13:50:25 GMT
Server
Apache
Content-Length
907
Connection
keep-alive
view
securepubads.g.doubleclick.net/pcs/ Frame BE74
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuxl8g5w_pGM5tPFthpr6L0AtwID1L9EdqgTapTPvrqozhyhpByAGkStNGqrQbiaFhAvjphKOoe2SChhmNb3-Bt5QYaWcXaUb6SUXlW0ad2uAqpfc7kES1vTRiGymeDzluZlAJAvmJBkDqsiMdg-tOgoH5pdtVM8K9Etb9Tb1JKE2QAmIRmMRvsYUxgGKDxBAbGxBnhkikgQ-NVnefhfxbBG9Oxz62drWHZvnq6239_d69HNnrTNlWeFK1TsY7xEc_3mCqmgStj75hM04JQEJHYD6jraLBjh7PBkxovwvgXVp-dZBg3JqDpyFT0FyI&sai=AMfl-YRbxp76G2b0YEGULMvNWKWqW3xfng6PqYe9YKQgHuTqtxBbb5B0kjDAiVwpt7eTjIvsAJBWZ64KehOdU60wxND96-w0ksqJ2ifJ0RyfZSkMaqEocA9rLoqXtoIaz4x7&sig=Cg0ArKJSzFUhnPlpxjf9EAE&urlfix=1&adurl=
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.200.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s30-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 15 Sep 2021 13:50:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 15 Sep 2021 13:50:24 GMT
truncated
/ Frame BE74
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8454ce9694f1185fb10b621e30ef236af8d829f1509e09c1a40cba39ed5bbbb5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 9548
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstCNKAGF-PMK4uMNO4kcJGX9jJ-0jADWhYHDymfyewfKfsmZ8w7WUViMdDtHU8VyEJFReHcShOFSFGachfQ6uTM5sL7Bq4TA3ykwJH6lnyKlORf3prn1NxNNEIiPFa6m_2ZLDB6bYLK1Z7KmjFnQJjZd1yDGEHlq_wq2y9E2yb2CYyER1paZNQMG6fyWS_mrN8a6Gc7HwYVNdkXDeIRCsVn9GxL90G5zvleiIWnzoUekThEmo9aKJvtdL9uOKzLJ3GSW3WcjOtuhixT-CFingx7dqDUvIJEInuDJl05HEi-pJvHnn4HR-kQ_fnF6Hk&sai=AMfl-YSCcJy5mSrX0l9H7pS-uW4O6vGKMjjX4LLpLKH7tMiWXrOIORfePxx3GKnzEJFttXvYe7QfvZ4p4htoL32PJgAjdnaPVdwAoBzJCO9CGt5-B79L0DAXrMFYkpRFaMR2&sig=Cg0ArKJSzDAzd7AuDKlMEAE&urlfix=1&adurl=
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.200.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s30-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 15 Sep 2021 13:50:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 15 Sep 2021 13:50:24 GMT
truncated
/ Frame 9548
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4d67612453471d92625a9b63c34bccd8df52b73db03240d4f276e99816dd2fbf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 7474
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5bfa7a1f9b011ff9eeec5012c1d3febbd4eccc5fbcd4c37fac09f7e418f68c77

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame A483
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2c437174c8a07289020634f58f5a6c88b8338aaec20a4043cc3bd4fd11b7098d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/getconfig/ Frame 5DE2
11 KB
9 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021091001&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.169.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s09-in-f2.1e100.net
Software
cafe /
Resource Hash
abad800eef4590318ce848a32308654a8560d116fc60cb05b1df59520850a0b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 15 Sep 2021 13:50:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8470
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 5DE2
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv0phnohcRG_5DwfTV_4t94gF6uqlIYQ__81oE1_1zNu_DlRmOMNpMhsZe2-KhsNQVTmG4ZST28CjOpi4oiw3zGHbRzFRN_upOeVS78Nr1obzaCTRo9I5ElPKX6ICwaS3CnwOfdhaovlL4uA9eah5bJe2Un2H2sc7gIn6s6vtkh3eyEyLauAHzn79DfuXDHbV0IrYPTLmkn-xLaDkVs4zcueojuY3mrvusHcvAG2haUpZczGVk07cVZuLTEzFUCQxQLDJPmamaBDwgluyYJrIF4fw1L19Suj8VYU2LFQ5YML32qM914OaDwPJKx9j0&sig=Cg0ArKJSzPflCYYy-73LEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.200.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s30-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 15 Sep 2021 13:50:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 15 Sep 2021 13:50:24 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame F139
11 KB
8 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021091001&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091001.js?31062552
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s09-in-f2.1e100.net
Software
cafe /
Resource Hash
57071f2bab2e1cf206029d4d3c6a0d769c41c1b883d0c8f3977d5225084fd577
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 15 Sep 2021 13:50:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8553
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame F139
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstMqNjRQEh1esVlo4YDVN8uaer-neh_gtf-otIi0HnfvUVaUQ3XJCoKvuFMZYEQP4XHOLrLe8J6hHKXbFVHMKMJ7P4wSg7na3P60yuphh6jypqzw6ju3k2nh0LOe4kJ8rC26QrV5OMvX1v1Kz8RspZps3PmBXeThrCSMMPvA_so5tnHqHqj0qNaWJEeVtNnbMuDpcTQLqZcKQVqLfa7IUItj-bX31SVR7Y6-UB6NKuqDDwxflcbBeUIHcgUG0y5ScqC8Up9hQwVdHflT-GHBGVTOGszseC4-fuEM2Ukg-cy6gvQeQu6W-jtQaCrCy8&sig=Cg0ArKJSzMZMcNK0ktxoEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.200.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s30-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 15 Sep 2021 13:50:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 15 Sep 2021 13:50:25 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 7474
11 KB
8 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021091001&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s09-in-f2.1e100.net
Software
cafe /
Resource Hash
9965a16489395bdc3ae5837024e3ca3a4c7db0a8fa7bfc489bb213f59f524d57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 15 Sep 2021 13:50:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8382
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 7474
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstCNjWYRSXqZSk9sZXeqdJEyrmPfjpSSH-d81JctBMXPS_3H95DfimUYdCHs8e4GJtkimjHqEQ1JV80GpAZgyIYt--dfngAvQHMdvLlGty6Gv4hxF_RRPZKYXe8mdWmpEXD4cAvp5xfUc5hDImpvfcPhiRHvf60hfgcFAUDiIkSchIvqSU1BKt67JlFyb7wSJsRPfQ8Q8aYKiTS8MkwePq54xnZ5wrAXaTl_9gUITDYr6yC18IK1cyjIVX_K7uyNSw1BFP3JfAlt0GPaW88Ay21fIil6p_JhR0qlRpW50dUT_rLUdzozxDvmNk1Jls&sig=Cg0ArKJSzFqrrQNTJ0qjEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.200.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s30-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 15 Sep 2021 13:50:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 15 Sep 2021 13:50:25 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 5DE2
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s28-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:50:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Wed, 15 Sep 2021 13:50:25 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame A483
11 KB
8 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021090801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090801.js?31062510
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s09-in-f2.1e100.net
Software
cafe /
Resource Hash
43a626a5197b1ecf722bbd4be1d36aa7802aac0968d2951a02330f6ccbab03b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 15 Sep 2021 13:50:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8544
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame A483
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvJjhXtpQcmYSf0tGH9CPINHZDWYdPNFOXF94Y7gR09XNzkHhPcgZqVPGf2kE4F00prsosqpy9EjIo1h66Eye53r6ErY8IA2QjIExRqhyj4JeX90vvs-K6GcGmOPHS_H4CV7xjfVHUf1xjyjEA36qx6U2eV1KG_3cxM_4eJZwxfY0lNC3TVSQ3d_vWs3GDtvoyuQ32WhafVHJ2Qsen6GfrPP-nUyomN-4t9TYKULEKUEpJgEr8Gz3oiihYg7vxLZLP7qzoAkmQjPw7PbyBNn9P-723xaETOLwtIQsUkNDq0c5QfRO5Cf69q3z-Vh-o&sig=Cg0ArKJSzESEn7q59NxPEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.200.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s30-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 15 Sep 2021 13:50:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 15 Sep 2021 13:50:25 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 7474
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s28-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:50:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Wed, 15 Sep 2021 13:50:25 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame A483
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s28-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:50:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Wed, 15 Sep 2021 13:50:25 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame F139
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s28-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:50:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Wed, 15 Sep 2021 13:50:25 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 0CEC
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s28-in-f1.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://powerball.com/
accept-encoding
gzip, deflate, br

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Mon, 13 Sep 2021 21:28:47 GMT
expires
Tue, 13 Sep 2022 21:28:47 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
145298
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 1509
783 B
738 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s32-in-f4.1e100.net
Software
GSE /
Resource Hash
9a82a4d48a1c343596c8810b3f872aef15d18e37a7d61e08fc78e6b1b891c739
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-AH0yDYoJGANS2OHOfn9N6w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://powerball.com/
accept-encoding
gzip, deflate, br

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Wed, 15 Sep 2021 13:50:25 GMT
date
Wed, 15 Sep 2021 13:50:25 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-AH0yDYoJGANS2OHOfn9N6w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
dmedianet.js
contextual.media.net/ Frame C92A
267 KB
89 KB
Script
General
Full URL
https://contextual.media.net/dmedianet.js?cid=8CU2R40WC
Requested by
Host: wowyowapi.com
URL: https://wowyowapi.com/wowyowdisplay970x250desktop.php?l=null&u=fb243434-6d38-f6b6-4543-c462ef8458dc&c=null&d=powerball.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
605978486b6329be34c14251e67da55bcaf74cccfca0cff8f6c2af0c5d01efdf
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wowyowapi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-mnt-h
10-2
content-encoding
gzip
server
Apache
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
etag
"8da604b19407897d5397bee087bf8c36"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
date
Wed, 15 Sep 2021 13:50:25 GMT
strict-transport-security
max-age=604800
x-mnt-w
8-31
expires
Wed, 15 Sep 2021 13:55:25 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 0749
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s28-in-f1.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://powerball.com/
accept-encoding
gzip, deflate, br

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Mon, 13 Sep 2021 21:28:47 GMT
expires
Tue, 13 Sep 2022 21:28:47 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
145298
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 4DBB
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s32-in-f4.1e100.net
Software
GSE /
Resource Hash
65155ddf8de00bbf50c46ba24cd573be47010cca2f6cbc9da004ff4be85d7a8b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-pyyBRqd2hiQjuMa+n8DQdg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://powerball.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/

Response headers

expires
Wed, 15 Sep 2021 13:50:25 GMT
date
Wed, 15 Sep 2021 13:50:25 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-pyyBRqd2hiQjuMa+n8DQdg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
511
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame C81F
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s28-in-f1.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://powerball.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Mon, 13 Sep 2021 21:28:47 GMT
expires
Tue, 13 Sep 2022 21:28:47 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
145298
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame ACF7
783 B
933 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s32-in-f4.1e100.net
Software
GSE /
Resource Hash
cb2d6cb819c3cc59956fa818cb6533576ea181f4414502dcb088c5066ceaad78
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-mM3G1RKlrruga4LoOkFN8Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://powerball.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Wed, 15 Sep 2021 13:50:25 GMT
date
Wed, 15 Sep 2021 13:50:25 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-mM3G1RKlrruga4LoOkFN8Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 9F03
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s28-in-f1.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://powerball.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Mon, 13 Sep 2021 21:28:47 GMT
expires
Tue, 13 Sep 2022 21:28:47 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
145298
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame D29B
783 B
734 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s32-in-f4.1e100.net
Software
GSE /
Resource Hash
7c762af386248c7ad03c1f5ea770168f0c37d96af76fe8f25d18584305450c3c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-QrbVqb0/THFryw6UYfyOPQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://powerball.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/

Response headers

expires
Wed, 15 Sep 2021 13:50:25 GMT
date
Wed, 15 Sep 2021 13:50:25 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-QrbVqb0/THFryw6UYfyOPQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
dmedianet.js
contextual.media.net/ Frame 459D
267 KB
89 KB
Script
General
Full URL
https://contextual.media.net/dmedianet.js?cid=8CU2R40WC
Requested by
Host: wowyowapi.com
URL: https://wowyowapi.com/wowyowdisplay970x250desktop.php?l=null&u=fb243434-6d38-f6b6-4543-c462ef8458dc&c=null&d=powerball.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
52df59d1b76a211157c4ea14d0fbcb243011c92760b754b0511769a986a563ce
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wowyowapi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-mnt-h
10-2
content-encoding
gzip
server
Apache
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
etag
"8da604b19407897d5397bee087bf8c36"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
date
Wed, 15 Sep 2021 13:50:25 GMT
strict-transport-security
max-age=604800
x-mnt-w
8-32
expires
Wed, 15 Sep 2021 13:55:25 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 4DBB
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021091001&jk=4151954087584424&rc=
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s09-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/ Frame ACF7
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021090801&jk=169616103166330&rc=
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s09-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

N5eGun79KMNogHl3JXLjLo7C-VgSu6qtVH-zZQh4z98.js
pagead2.googlesyndication.com/bg/ Frame 0CEC
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/N5eGun79KMNogHl3JXLjLo7C-VgSu6qtVH-zZQh4z98.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s09-in-f2.1e100.net
Software
sffe /
Resource Hash
379786ba7efd28c3688079772572e32e8ec2f95812bbaaad547fb3650878cfdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 19:25:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
66286
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13196
x-xss-protection
0
last-modified
Mon, 06 Sep 2021 10:38:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 14 Sep 2022 19:25:39 GMT
N5eGun79KMNogHl3JXLjLo7C-VgSu6qtVH-zZQh4z98.js
pagead2.googlesyndication.com/bg/ Frame 0749
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/N5eGun79KMNogHl3JXLjLo7C-VgSu6qtVH-zZQh4z98.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s09-in-f2.1e100.net
Software
sffe /
Resource Hash
379786ba7efd28c3688079772572e32e8ec2f95812bbaaad547fb3650878cfdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 19:25:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
66286
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13196
x-xss-protection
0
last-modified
Mon, 06 Sep 2021 10:38:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 14 Sep 2022 19:25:39 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 1509
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021091001&jk=2721376231387374&rc=
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s09-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

N5eGun79KMNogHl3JXLjLo7C-VgSu6qtVH-zZQh4z98.js
pagead2.googlesyndication.com/bg/ Frame C81F
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/N5eGun79KMNogHl3JXLjLo7C-VgSu6qtVH-zZQh4z98.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s09-in-f2.1e100.net
Software
sffe /
Resource Hash
379786ba7efd28c3688079772572e32e8ec2f95812bbaaad547fb3650878cfdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 19:25:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
66286
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13196
x-xss-protection
0
last-modified
Mon, 06 Sep 2021 10:38:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 14 Sep 2022 19:25:39 GMT
N5eGun79KMNogHl3JXLjLo7C-VgSu6qtVH-zZQh4z98.js
pagead2.googlesyndication.com/bg/ Frame 9F03
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/N5eGun79KMNogHl3JXLjLo7C-VgSu6qtVH-zZQh4z98.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s09-in-f2.1e100.net
Software
sffe /
Resource Hash
379786ba7efd28c3688079772572e32e8ec2f95812bbaaad547fb3650878cfdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 19:25:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
66286
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13196
x-xss-protection
0
last-modified
Mon, 06 Sep 2021 10:38:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 14 Sep 2022 19:25:39 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame D29B
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021091001&jk=2085055848051550&rc=
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s09-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

fcmain.js
contextual.media.net/1017354394/ Frame C92A
3 KB
2 KB
Script
General
Full URL
https://contextual.media.net/1017354394/fcmain.js?cb=window._mNDetails.initAd&&gdpr=1&cid=8CU2R40WC&cpcd=S0QoxJjx8zdgMjrOCDQAOA%3D%3D&crid=964576456&size=970x250&cc=DE&https=1&vif=2&requrl=https%3A%2F%2Fpowerball.com%2F&nse=5&vi=1631713825872389640&ugd=4&nb=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CU2R40WC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7ecee3d17bdfd84907b2c17706a97263ffc2c8319a9f054a26f02b2e0fef45f5
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wowyowapi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
server
Apache
x-mnt-hl2
8-1
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=262
date
Wed, 15 Sep 2021 13:50:25 GMT
content-length
1525
expires
Wed, 15 Sep 2021 13:54:47 GMT
bping.php
lg3.media.net/ Frame C92A
35 B
189 B
Image
General
Full URL
https://lg3.media.net/bping.php?&gdpr=1&prid=8PRHGG6T9&cid=8CU2R40WC&crid=964576456&vi=1631713825872389640&ugd=4&lf=6&cc=DE&sc=HE&lper=100&wsip=2886993991&r=1631713825507&requrl=https%3A%2F%2Fpowerball.com%2F&vgd_l2type=setting&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=33438&vgd_rakh=1631713825124581224&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fdmedianet.js&vgd_pbcm=1&vgd_pgid=p0859727040t202109151350&vgd_pgids=1&vgd_uspa=0&hvsid=00001631713825500036324930565337&gdpr=1&vgd_end=1
Requested by
Host: wowyowapi.com
URL: https://wowyowapi.com/wowyowdisplay970x250desktop.php?l=null&u=fb243434-6d38-f6b6-4543-c462ef8458dc&c=null&d=powerball.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wowyowapi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
server
Apache
date
Wed, 15 Sep 2021 13:50:25 GMT
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Wed, 15 Sep 2021 13:50:25 GMT
fcmain.js
contextual.media.net/1017354394/ Frame 459D
3 KB
2 KB
Script
General
Full URL
https://contextual.media.net/1017354394/fcmain.js?cb=window._mNDetails.initAd&&gdpr=1&cid=8CU2R40WC&cpcd=S0QoxJjx8zdgMjrOCDQAOA%3D%3D&crid=964576456&size=970x250&cc=DE&https=1&vif=2&requrl=https%3A%2F%2Fpowerball.com%2F&nse=5&vi=1631713825258349218&ugd=4&nb=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CU2R40WC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
70d84fb2488de452b5fb4c72b46862817164e29fe4fca402d678dfbe9516ce49
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wowyowapi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
server
Apache
x-mnt-hl2
8-1
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=300
date
Wed, 15 Sep 2021 13:50:25 GMT
content-length
1532
expires
Wed, 15 Sep 2021 13:55:25 GMT
bping.php
lg3.media.net/ Frame 459D
35 B
189 B
Image
General
Full URL
https://lg3.media.net/bping.php?&gdpr=1&prid=8PRHGG6T9&cid=8CU2R40WC&crid=964576456&vi=1631713825258349218&ugd=4&lf=6&cc=DE&sc=HE&lper=100&wsip=2886995206&r=1631713825549&requrl=https%3A%2F%2Fpowerball.com%2F&vgd_l2type=setting&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=33438&vgd_rakh=1631713825120735138&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fdmedianet.js&vgd_pbcm=1&vgd_pgid=p0859727040t202109151350&vgd_pgids=1&vgd_uspa=0&hvsid=00001631713825545036324930562564&gdpr=1&vgd_end=1
Requested by
Host: wowyowapi.com
URL: https://wowyowapi.com/wowyowdisplay970x250desktop.php?l=null&u=fb243434-6d38-f6b6-4543-c462ef8458dc&c=null&d=powerball.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wowyowapi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
server
Apache
date
Wed, 15 Sep 2021 13:50:25 GMT
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Wed, 15 Sep 2021 13:50:25 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame BE74
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvcSFJtmdJGDjsekwZymyhwHJp3qMR1E3kJ96RgZ_S0k68nro7ssKX3dyntoy1UFSnLc7R7xk6uZBBRbs5hCJk3ZXoOxDbA63GxWam9d7IoDAw85w__&sig=Cg0ArKJSzN9eoUzqfXHCEAE&id=lidar2&mcvt=1039&p=0,0,250,970&asp=960,315,1210,1285&mtos=0,1039,1039,1039,1039&tos=0,1039,0,0,0&v=20210913&bin=7&avms=nio&bs=1600,1200&mc=0.96&app=0&itpl=19&adk=3386903054&rs=4&met=ie&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&eosm=0&rst=1631713823163&rpt=1396&isd=0&lsd=0&r=v
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s09-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Sep 2021 13:50:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
flping.php
lg3.media.net/ Frame C92A
35 B
189 B
Image
General
Full URL
https://lg3.media.net/flping.php?reason=6&action=4&cme=zT-S6NDeNRdhC0GhFj_l-9Y5RSmcUsUmJWyDFBt1aSPjZZKWfQ0e9FIVEP_rX0eWTIUmQY2mN2FL4pCeDghJprAqtUnTPY4xSZgCoQqDUknXYTQRlChAYFZN6kvmMoUzojYWHXnDxWfbonQeigczqiJpYtIsA7DvlOEWhLkmEfZiacgGM4_U2O9M_0F_mwaNl2RfbZFQungOjWdGZn0LApsgk9eFiRVLQfzAn1zB4C4xyQtVVpJQ1AB3tl9zjaodYIMis95WLl6__yYrdp-s1i9sLVHKjKiP7LuPfzPRWP790yL5HZrAQYw7UFWTx0TrMO3juN3BCFci8b0UbGy5rZRNZXeyH-GPACZwo9mDuNw2H37qwq93C7nrSDud7TycEHusbDYzwbY6YQyZw6-X3e1Mtsj5iLybQVHiE8eIrnA3JGmWobl-DRMncMyQNdN3yQ8m78mZlGYcnZ46dcdD2zx83rRzHq1ZbpOyKcQUJZnPPXZUs1ksNeyiuffTiGoCRarEIlTfp00ogLyvRSa1_JZMyiAgBvBueCVEHGm5iRF6Np7mzwZ0kHZ5De7bzf76aW9LU_8J1CNyIW3Zy6FHjg%3D%3D%7C%7C&gdpr=1&vgd_xrw=
Requested by
Host: wowyowapi.com
URL: https://wowyowapi.com/wowyowdisplay970x250desktop.php?l=null&u=fb243434-6d38-f6b6-4543-c462ef8458dc&c=null&d=powerball.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wowyowapi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
server
Apache
date
Wed, 15 Sep 2021 13:50:25 GMT
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Wed, 15 Sep 2021 13:50:25 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame BE74
11 KB
8 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021090801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090801.js?31062520
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s09-in-f2.1e100.net
Software
cafe /
Resource Hash
3d2094843cff85a4eac2b1d7e17bd1a4d6362ac6fc648ad6cd0a03aa1b1bf7a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 15 Sep 2021 13:50:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8475
x-xss-protection
0
flping.php
lg3.media.net/ Frame 459D
35 B
189 B
Image
General
Full URL
https://lg3.media.net/flping.php?reason=6&action=4&cme=zT-S6NDeNRdhC0GhFj_l-9Y5RSmcUsUmJWyDFBt1aSPjZZKWfQ0e9FIVEP_rX0eWTIUmQY2mN2FL4pCeDghJprAqtUnTPY4xSZgCoQqDUknXYTQRlChAYFZN6kvmMoUzojYWHXnDxWfbonQeigczqiJpYtIsA7DvlOEWhLkmEfZiacgGM4_U2O9M_0F_mwaNl2RfbZFQungOjWdGZn0LApsgk9eFiRVLQfzAn1zB4C4xyQtVVpJQ1AB3tl9zjaodYIMis95WLl6__yYrdp-s1i9sLVHKjKiP7LuPfzPRWP790yL5HZrAQYw7UFWTx0TrMO3juN3BCFci8b0UbGy5rZRNZXeyH-GPACZwo9mDuNw2H37qwq93C7nrSDud7TycEHusbDYzwbY6YQyZw6-X3e1Mtsj5iLybQVHiE8eIrnA3JGmWobl-DRMncMyQNdN3yQ8m78mZlGYcnZ46dcdD2zx83rRzHq1ZbpOyKcQUJZnPPXZUs1ksNeyiuffTiGoCRarEIlTfp00ogLyvRSa1_JZMyiAgBvBueCVEHGm5iRF6Np7mzwZ0kHZ5De7bzf76aW9LU_8J1CNyIW3Zy6FHjg%3D%3D%7C%7C&gdpr=1&vgd_xrw=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/dmedianet.js?cid=8CU2R40WC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wowyowapi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
server
Apache
date
Wed, 15 Sep 2021 13:50:25 GMT
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Wed, 15 Sep 2021 13:50:25 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame BE74
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s28-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:50:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Wed, 15 Sep 2021 13:50:25 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 9548
11 KB
8 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021091301&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091301.js?31062553
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s09-in-f2.1e100.net
Software
cafe /
Resource Hash
9c645679176592c99db214d128163dfe65bb4f8709c344b0222c4767815a00b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 15 Sep 2021 13:50:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8515
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame B5B7
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s28-in-f1.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://powerball.com/
accept-encoding
gzip, deflate, br

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Mon, 13 Sep 2021 21:28:47 GMT
expires
Tue, 13 Sep 2022 21:28:47 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
145298
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 7CEF
783 B
536 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s32-in-f4.1e100.net
Software
GSE /
Resource Hash
e81de8bc1c4751db1794e59e65f7eaa3c7868a0873e669f609896d1cfd441a59
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9Os4wlIc3UkyGB530Z41Ug' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://powerball.com/
accept-encoding
gzip, deflate, br

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Wed, 15 Sep 2021 13:50:26 GMT
date
Wed, 15 Sep 2021 13:50:26 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-9Os4wlIc3UkyGB530Z41Ug' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ Frame A483
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021090801&jk=169616103166330&bg=!c3ClcDTNAAYT0U73E9E7ACkAdvg8WnfOJ0O8DNWxmROXIbZ23e2zmwax-wL_V5TAKZsvnar4VqZ6_AIAAAIeUgAAABZoAQcKAC0zZkuWQbO8gZvZHyO00CAD5eMWIRUWo1uTTtQFK6c40xtLViDNVlUESiQnLiWZApcaF4N3faL2b819hISdMGQW_klI1gnJitiipc7qiXOd-196G7RB0Bl6F0HJqkNAXtqPepCJAkFisc2GKWakNI-2STi3RAiVGgJtX4ziwN7JLE66AafHmgVNj5x_7uswbXTLKO7dZsaFKy2rlUsHySIkQETBjPieONCHBXCLjgSxyJk-TOTYqtRGwEJblBDmn1FlBmjY3KUy0IdqPETpOt3lwvee-7mkAenojMmTbI72vMY4TysaVFNh3XYp3_k_DF0nqnYKsbAlZcfkBmJgWVqrLDFjaWPVCLmPi5iOnkbt25JqdiM4yWM1tsZYWL9i0IKWW1rU5bDcThzWELv_k8ePa8U23BjJDeg-1UwpqK4yn5Z7nf4JGr3-KDPoCoPw-Zd4WjZJBa49vd0nYcwYx28wU8tp7pjsKwWtsnUdSJc49Hsdi1jvhpfQJOv3r0aTYq4f0jW-a-cnAa-6wiBQpM1GwgKk7VPN_95_HeTrf9AxykyHQpoKg50ZzE9jrYYZJnSk9HBCy5Kb6r2aSBphqI9SeBDLBwj2GkmVEBHx316iysyiRThKC5Nr7oFoBC2q0MepeiyhXi8iI4N7sw0gaKWy1CeaovTGHczILp1KRDspilzxCRzDp5WmKkySo-am_FDRvkTjCUCIXF7jh2AGtC0lkbJhi1HfmOp2C3SRyoN9_dVHoxWRMKkcPXj9rCw4JWn44VNfhbe9cqTF8SXTJSeyzeIOPXFR9tikFtnNpmB0__6fZM0AXoZsG5Xm-3JIE360PVTOxbeIdyC2S3dXLmNA_dThNMpFGxy2J0UZBWruWDHZxBoHLq0PAxd7eAeKmruQHvknl4CXKU8a_TZSjVpySIR9eWc6Em9Wy4SiQ4jWFnb7nunsCcA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s09-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Sep 2021 13:50:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 9548
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s28-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 13:50:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Wed, 15 Sep 2021 13:50:25 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F139
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021091001&jk=2085055848051550&bg=!Y2ClYCTNAAYT0U73E9E7ACkAdvg8WpmvQoKOaAUiEX70nh34M0U9vi0urTmaO65ADHCzu9cxsdOrQgIAAAJEUgAAABNoAQeZAofGL3s8l_pvo-CRlPDH-CkbCd39JUwgxO0Z2vI2t1UENB4za7W7ec0wbsaEPr1FRhF7t3HlZBE-vFK-94ciq9fjuv3vc4fXgmsRLkHH9qzWHXPBbrse-xnj_KM3WtR0mVP6aDot2J43Vp0ejlVd6eF8WU__QrETS2H7Xrcp_s2kglpoKLMP_h5_RLaCe3dKeLxazSgAruN7rL1gzW_XjiLb0wHMIkbAxxajhEVPFfZUEbGA22uxgGGD1zzVBXscRzHUo6ZrjowKLkPTNhK9cN59IxfH4yV4xcp4WYqAN5zd5OSATtyGalJ2TnGuTLM5Eh-HiZWF3M7yfn3B9dsjyFHQij6pMolif__uycTwD_KmWQzijY9Wi4w7AWVm2DN-3GcJNiwIVPnSoToi6zvW5QYvhhJh6mNzPIFNyoVsbpOGkanqrdxMknbZUMv3ffCYf8gmmznnGL4h7dFxYPKVlIdEX_9MaUhG4VTA2QF_8NgUk-3KvGgn9wa-xtgcJsDL23JWITQ1y4QAz38FLietznL0gOQp-torWU3HlXx7tuFphqDCF5fk2wHeWG6DiNgL-0Gy2rqrywjXHeLvrP9PWc2RIOSrGxzSmwoslTiDtN56_W945VahiudUPOuJ6vZF_bpQNMzNXIwSOCdA6rvM4qkDF11-lwo93GqJjCsBSiDEfC6Of9I9UqH4IEh5-9fVDvCDdtsr2PpxRBh1vxlYIep386vaDB53GqQG3YkcueW74muLdhzdP-tIcChw-AhxU1l6X0Ieq5Go5p6aQzBIVw-CtrDp4XdsviRVUrMWUdyeEz6tC47YFTWolB6ax184TUum24kNHGdKmt5VZC9y4r5YyZjwvPmhyg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s09-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Sep 2021 13:50:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5DE2
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021091001&jk=2721376231387374&bg=!AwClAETNAAYT0U73E9E7ACkAdvg8WlpWJJkI_0EodJiLpPFnl9DUoZG1WwxQWJD8I48sNTQU04NOxQIAAAIBUgAAABFoAQcKAI4ekIWPz7ddw807KxLsqiAZptK87OueJ1A41m9DdrMbzCtWU1SatjuDjrnNdJ3PTBYRniNn4wIVHDVjAXDvZnZ_P5sTpiHvDXih4pjaps4f5kusz1rs3fLJqpvA-Xt06qz5kiV3CplXzwUbHoq9DoMDd4fKSWkC1Wz8L2M-v-7v-SnMnlNFt2Pg8miinxlNmQKaYDaEC1inbv3tIWsU65H6aPLI8y3Hj354ICX_QerV4q9hXOtbrlTQGcCaVKDm-xrmdxDgkxvK8BIOP6gYvpZ3GqfGUF52kYnoF7TXBNQ1kisLcZB56dqJK7g78wdVdCYDQbK0Vfbhj_azgo--H6upmDrC0fGbaxEN2a8XGq8NYOBSTE0bgFUgkF5hHatiBnQ3ANKXsX0FQHz2v8G15ElqKU-ZXB9aKEM6Fqkbba_mlmSEFrHJ-pItYdFA4Wft1deiUG5JDU5CF-aEwWAUZR1LeHL3Hlo87QwOcFh7KlljqIJsUU5n50GyHeBtFZPaC0c9Jb9g7ozf3Ftm76RdVKxVVrd-2uS_kykjxjcNExgiw4AaSuH8qFCSYxDWKzQJKlZUvcDkRX0mv_0LKaMCjD1GJWdKX4EfknIcT28op3wqBsV3ARO8Hnrwu-oHLvkitIca1A4lcyptn6ZFX2JfuyyJS1MuBWq1bAbU6XL1Dq8nAWNKh7TxJPqHCY8gmhJO3YkYOj0DTeiZAvRv5l4mTTtcQU8SqYwOqF_5jSg62ZUBRdAZKV8ewm4sr0GvzhI9Lqilnk9CbpRzmKkoXQQC8gaeuu2pv-4nE7T0jcv7ePydTLUrkg9I61kQ5S6UhHWdz8ppSd9Sm2vLR9DvNLLdhAzbzOieNUFuv1bmy2MGgGQ1P7_Rnkd8xYA_kRtEHacu-T9fA1XpaJAxB10hZcbo9N60JH5ebK43IKewOExaC2AxiiOyNiitwmVduX2vqWMLv0moS0JQQ3t_JQdmXA4CDsA_DgOf5O-2Jw9vaN3iVfsvVt8Zu9gsY6dWryExm5N7uB51fMpK6_ZvV6VeA8HcFnjfHm1ZFLLigPqMOeMudxv-o4RkCBlzqJZuv8VC
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s09-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Sep 2021 13:50:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7474
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021091001&jk=4151954087584424&bg=!sbKlsvbNAAYT0U73E9E7ACkAdvg8WiUTCLku_TGlVknzon1C85yD-bm73l20f55EHJ5FMs79JpagfQIAAAH0UgAAABVoAQcKAOvFx3dxzlZPGX0ANj1agRc7PrGMksBOaYpX4RsVgwunFBo9DnNX912UJ7uwrEGZOJCj1ktMkBfOxLwH42UPOiDB0TtcIVUEOT9LWXmQCTlj3biN_rwujd4iQUJ1zrFYwMl73U_Uddo94QzApc4OCAQ4ULtbpk3dBptAybUD15c7EZt5GGjjLJ5-Q75cnj2EO0tkf81evBY4uHY6Cscinh0ID2l3ZfRyqD45fcRYcnBxD5dh0hM7Esl_gqZdIE0N-w3i-57JsqFx7zHo1rYoPSwMvLh_LntKdVWHnQOUJ_RFiTd7FY54PwT4KqkKmQKF634NFEuYp4yO_wMRyKs2NNLWYx0q3lhNuuTKZFwdYUgNwel7Vii3jD73FKqADbMdjQGDOFy_enE2npELPUiXEOxPE9qc9KxbjFoEYb2zbIMQ0pxXt8mADODNNGjH4DiDiUvl-Kj2Xd-b7gTLt5ucIH-A6gbr8naElllNx_JGJriKVX0mgFMbs0vFlf3xm7ecoP7bjKRp4u7XspweiIE_BpXqq-mNCjOUPlwL4OsaSYv8e_jOeBSoG8diIA0KYu5UN45FYorgUT76sPrT8axkLNK0bnw-RSq9nL95b5IMl7RxKdIMREKh5o5INzIowPkU0Rs6FRZ20GvhqkHReBqc-urAAqZLnifam01g_GmXB0tau-01yw1lL5J4tlbAoMxgmKhfOeJXJ8ybqu1PS4Eu4WfDhVa5MPXD7s94vzRs3zny8_As4eoa_6len4o2uopvCiB1oRVq8ca-6oDC-A3tXhBF-qEbPMOVqnjWsc7eJ28vpO_XgpZc0t2-ARUhiX8TeDgdqJ-fyD0KqQDsru3zTBg9FvlPy1htAg50XcpU1MWIQK-F0aRm85f3EkvJkC6xYp7h9FCnZbFg0vU4Nqzl8poGIY3_IDCt94zf7qNqtOMZi-DyTPQ8wqVKsmAxadSVaLjZB6hTh677gy3F9qPAvmEwkSgPPbhrxW6LTBbpiAcLh68b4izxkBv46yc31A_R8vNC8gr1YwY7Mdd0vGbQ5J03aYHSWTO_sb_pP-DOAtvqDD9kWnGMJxxRvJh0mnP7H8xudDkj9Qtk00PVO5Xf6iq6aUiLkhL3I-8uFgta6vNaJpmyOO9JbZvEshg_Pfh-bziXNNyN91OL0MSSO-D3EpOODqwz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s09-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Sep 2021 13:50:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
N5eGun79KMNogHl3JXLjLo7C-VgSu6qtVH-zZQh4z98.js
pagead2.googlesyndication.com/bg/ Frame B5B7
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/N5eGun79KMNogHl3JXLjLo7C-VgSu6qtVH-zZQh4z98.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s09-in-f2.1e100.net
Software
sffe /
Resource Hash
379786ba7efd28c3688079772572e32e8ec2f95812bbaaad547fb3650878cfdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 19:25:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
66286
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13196
x-xss-protection
0
last-modified
Mon, 06 Sep 2021 10:38:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 14 Sep 2022 19:25:39 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame A0D6
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s28-in-f1.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://powerball.com/
accept-encoding
gzip, deflate, br

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Mon, 13 Sep 2021 21:28:47 GMT
expires
Tue, 13 Sep 2022 21:28:47 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
145299
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 443C
783 B
535 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: powerball.com
URL: https://powerball.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr25s32-in-f4.1e100.net
Software
GSE /
Resource Hash
aba9f67673e81fb64779d52a01bfe468d9b9136be14c162b7e7a583312b17763
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-E9yUpcuUi2+6X9F1SGlGGg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://powerball.com/
accept-encoding
gzip, deflate, br

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Wed, 15 Sep 2021 13:50:26 GMT
date
Wed, 15 Sep 2021 13:50:26 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-E9yUpcuUi2+6X9F1SGlGGg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/pagead/ Frame 443C
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021091301&jk=1995013131318588&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s09-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/ Frame 7CEF
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021090801&jk=3888033112839442&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s09-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

N5eGun79KMNogHl3JXLjLo7C-VgSu6qtVH-zZQh4z98.js
pagead2.googlesyndication.com/bg/ Frame A0D6
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/N5eGun79KMNogHl3JXLjLo7C-VgSu6qtVH-zZQh4z98.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s09-in-f2.1e100.net
Software
sffe /
Resource Hash
379786ba7efd28c3688079772572e32e8ec2f95812bbaaad547fb3650878cfdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 19:25:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
66287
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13196
x-xss-protection
0
last-modified
Mon, 06 Sep 2021 10:38:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 14 Sep 2022 19:25:39 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BE74
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021090801&jk=3888033112839442&bg=!g4ClgMTNAAYT0U73E9E7ACkAdvg8Wm9-_4yI64RvZci5rw8qn0fkp59IUGN91Nymp4d40AjqtrawvAIAAAC7UgAAAA9oAQeZAp8rhqCd93aunm-NtIQsZAg9LGu81zJkxh3_ILJsJ-z6pgLSrrVrdK5nx1E-Ad2msnXZic7O6vR6ODhWQQlLpBdF_JJ8vf44-CH8zZYsTvRpNCWs2y989rzwQcln6TXmtGsI2kYGHxh71HUbSzfXY2OxcePVoEizOyB3lpTuPnJALlc6qLtwm-QgRORNHyPYEPJkJ7i3qbJaV2ubJYc3xtdaBjC7sIQy7CTo7nRLng-spLchx2162rMDVbKAz5j5PocIGK74EdXzBJdWjLraKUrkoIV0QopIdPY2eZZjymXWGPN2BcrWuORISR3t0ng6mWcI7LwiDPgLaA__5JSCEAjHytuQfKTL4da-onp_dWkou-yujeaKec9ZMsa3U9La_YBCE1k469mOHov9TCFJbCo0ann2sAPFcEh71q4jDdtRgP4lmTd_G2LfjZIwwWSxXuhANzJYf2DPRASV27KFE_EyLJ93CkZPbbINU3PtJ5drP1aFk_WtOZqz4ugD65JqZkBUlir4hKkUUYIWB54g8xYq7p4eOZ9jjmcoU30yiavkyZYRuaFdhRWXQqUG9oNRbF5y5XETCPBjE51xUBwKp9MNK0d3C06T3rUPSHVzO2aOe19ZEoyOBQBBAR3g4D8AxW5fCJm0xy46kLJk2oi3KIJLF0EV7D1YfvKq3iKxpGQ4lPFIWm9V1RdzwmYfIGLoPQGFEPRFkyV8SkpuQG1BRkGcgnesrI43EKlne0OcCZt42HnEAH1lBnUzz4zxPxPtiNAGtXwZXkeY5N-fNlKp4_1UlKb8ZG1Nx61bL36Gg94VmRTxSvtsgu-CKWVNvva0oQof-GUbgYeqUgPFER38S7UHYblVRAPsJRnJtU1ZffTcime_I9zSG5JyfYm8nbfsFw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s09-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Sep 2021 13:50:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9548
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021091301&jk=1995013131318588&bg=!wcKlwobNAAYT0U73E9E7ACkAdvg8WqelvAlEDX-RRApVsOO_2WefJf3zMSpcn-9dPTqExlFZy5prBwIAAACjUgAAAA1oAQcKALIZgNNf-jYVgiMQFUsBlB5VBjNBfly6o5JotA1eX53sC_WFL2xTNnOGpMYGPhkoYUIrgneOh2u4eD3gfLfqbkJNXa7s2oYvKHZBfHRF-iViexcKpH2PrNFYlqPNiC24_WL7AeiMPZVgbgEwF3wh8q28ghsoGezlNtPOd5N-q8Qd9NMUSmpklYT7kpyY36QW3JTsLiDDyENIIwhQEy9hVqk8EUHvUhNkQxMXyD8ICjq3vDcomQKT7XzYoq6RCCRsCE0aMT-mch08cPRHBYMsZ_e3zzWD-W--mQWFnHql0CMxBh9D6YxVqTbLHuaRFn8Z1WPXmoRtXaC3G9BjrsOJThY4W-GZsVC7P7iNpigzw-q8MwLA4MGcD3pi2aZgGIQ6Glzd5OF-9aBxqFnHD9_XEDtn7aQ9H5q8kRD-hqETktjFzcYpzqCeNs-o5Qv64YU8wD40LfiPKfRit94u76WM0Qf9iVEty_g-D1ltzU7YtoRYFiuj8JezwKF5TivFlX1r-5NlLQX4VZXM6mhJHQiNCO-an2xtVcR6ySRvdUiXHV88_jsYzkcdOx_ePnFpU6Yz5pb8tYEvWAkMXJdRmWCWoEwTCwbOlAZO17m_AzJg8Ob9vHeaXVKt8xvnnveiPGTLid7CFgBoLfLtZ1vhA3UvRdS2HxdnKW1OgLAyMdpzUPPjbIkB4PhmPi4cAlubC4erXI22KKZkM1ZuDcZizN_X_Zm5aIUb0oIx9C-b8gysqc2ldFkRyLd-pu3EUyB19vEwWeEBuiMfs36X44V9qwj4eQsQ47yMrsmMvGIeSvpdAYtDrKEObDe7YoWAqLmt_djfOTUbS78_ioH1IXaOBmIIPZUAmO__0lkbZh81Z9fFCpo2fsnkEEwAN9eUNrNIidd9pbX2Z1QjupB45B5A7G37sVwLIZ63bcJTCiFD3rrd1nL8cvwqxQrC8FIjfoq3Yxs1SPwBwE7yniWZNye0WSBfimTmCzn0udPyHPSST4gJIAZxrMFauGf6uyRpcr0iJ8gr9wECLzk3Q6NBAmTxWVIx-Zk9SfH_4vYAv9MJ0Oj1SsPAe26VtUGc2DYqzvhZ1ByGjjbsWabw-uMAOo59yc_eOfmfWivk15AgevQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.169.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr48s09-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://powerball.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Sep 2021 13:50:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
adserver.adtechus.com
URL
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=11b0be21ca66069;misc=1631713823628;bidfloor=0.3;
Domain
adserver.adtechus.com
URL
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=113fbcfe1c49758;misc=1631713823641;bidfloor=0.3;
Domain
adserver.adtechus.com
URL
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=118b0ae19cc2b8e;misc=1631713823651;bidfloor=0.3;
Domain
eu-u.openx.net
URL
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=0
Domain
eu-u.openx.net
URL
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=0
Domain
adserver.adtechus.com
URL
https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=119c850fa4a32ad;misc=1631713823698;bidfloor=0.3;
Domain
eu-u.openx.net
URL
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Domain
eu-u.openx.net
URL
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=0
Domain
eu-u.openx.net
URL
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Domain
eu-u.openx.net
URL
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405&gdpr=0
Domain
eu-u.openx.net
URL
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405
Domain
eu-u.openx.net
URL
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=81b4c02b-2295-4d05-bb87-601a1f12b405


87 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| onbeforexrselect boolean| originAgentCluster string| GoogleAnalyticsObject function| ga object| bigAdIds object| bigAdPassbacks object| smallAdIds object| smallAdPassbacks object| marqueeAdIds object| marqueeAdPassbacks object| mobHeaderIds object| mobHeaderPassbacks object| gweini object| Criteo object| adUnits object| googletag object| criteo_pubtag object| criteo_pubtag_113 object| Criteo_113 object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| includes function| updateTotalWinnerChart function| setupTotalWinners function| setupMegahits function| setMegaHitsJackpot function| slidePrizeAmount function| setupRecentNumbers function| dateSearch function| setupMenuRecentNumbers function| setupWinningNumbers function| setupaboutMusl function| setupPrizeEstimates function| setupPressContacts function| setupMuslMenu function| setupMuslMenuMobile function| setupHeroCarousel function| lsitDropdown function| setupHeartbeat function| setuptapmenu function| setupHowTall function| winnnerCarousel function| setupNewsCarousel function| faqAccordion function| dailogVideo function| imageResponsive function| setupWhereToPlay function| filterWinnerStory function| modal function| showTooltip function| playProContentToggle function| gameSubscription function| openPDFnewWindow function| priceTableNavSlider function| winnerStoryFromHome function| mediaCenterDownloads function| customSelectBox function| getDrawSummary number| powerballConfig_desktop number| powerballConfig_tablet number| powerballConfig_mobile undefined| $ function| jQuery object| drupalSettings object| Drupal function| moment function| setIdAndLoadAds object| $block2b2 object| $blockla string| gameName object| gweiniOptions undefined| currOptions undefined| tag object| script object| gweiniTrack object| gweiniTop object| gweiniZones

15 Cookies

Domain/Path Name / Value
.powerball.com/ Name: _ga
Value: GA1.2.1087763819.1631713823
.powerball.com/ Name: _gid
Value: GA1.2.541123781.1631713823
.powerball.com/ Name: _gat
Value: 1
.criteo.com/ Name: uid
Value: 66a3bc05-886d-4166-a85d-e9c5dedcf55f
.powerball.com/ Name: cto_bundle
Value: eJtNLF85JTJGM1VGZVhiNHFXelRJbmplSWtXSUMwQ0NIMTVOQjlMbFFKa1hkak0lMkIlMkJUcHRxaG5EVmRucGp2RUlaQ1ljU2NaQVdFWW9pdnhmdUpRSWVxa3d3YSUyRnFPQlF6TXpJMlN4OTlibjBGMlo0ZjBBUER2bG9XVXlLSVpmQ09mSGJ1dXlJMCUyRkRtbDlYSWZtTVhJUVhOSEx2NGJRJTNEJTNE
powerball.com/ Name: OX_plg
Value: pm
.openx.net/ Name: i
Value: ae647c36-3842-0f2a-3049-557b684a742e|1631713823
.rubiconproject.com/ Name: rsid
Value: 1|HsGqLFsFr/vVSy6g0MQzNQWiuYBcZJvAvCF6IsCkVVwywYaQOmrhRaqUZrmDgY/CTx+qs1OnYX6qF0anVSaRRFrEpFc6uQw19gMkasvdREJwzG+vEKleU6LjTam3MjDFVf/xlH9h
.rubiconproject.com/ Name: ses15
Value:
.rubiconproject.com/ Name: vis15
Value: 20319^1
.rubiconproject.com/ Name: khaos
Value: KTLKA487-17-2LWE
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB2B6PYX1ju6Jxn7swBxLqEhsoPVz05fOg5ces9HnGww3Z8R0EgP7riRwFCfoC+4IsWXczYCm9bAILKpUjWTmmg0
.doubleclick.net/ Name: IDE
Value: AHWqTUnTltMkXpzmnfg58fIWFU759TwcxSIwpSq43zKK20QOYyTkdBpHc9MotbuSztE
.powerball.com/ Name: __gads
Value: ID=b778d90276e43951:T=1631713823:S=ALNI_MbN6EC41NWJ7xtTF6bNUftFGjzFbA
.media.net/ Name: gdpr_status
Value: 1

14 Console Messages

Source Level URL
Text
network error URL: https://api.lanistaads.com/ServeAd?s=t&AdSize=970x250&SiteID=APST09010385POWB9702&Zone=ATF&g=538
Message:
Failed to load resource: net::ERR_HTTP2_PROTOCOL_ERROR
network error URL: https://api.lanistaads.com/ServeAd?s=t&AdSize=300x250&SiteID=APST04010385POWB3001&Zone=ATF&g=910
Message:
Failed to load resource: net::ERR_HTTP2_PROTOCOL_ERROR
network error URL: https://api.lanistaads.com/ServeAd?s=t&AdSize=300x250&SiteID=APST04010385POWB3002&Zone=ATF&g=289
Message:
Failed to load resource: net::ERR_HTTP2_PROTOCOL_ERROR
network error URL: https://api.lanistaads.com/ServeAd?s=t&AdSize=300x250&SiteID=APST04010385POWB3004&Zone=ATF&g=54
Message:
Failed to load resource: net::ERR_HTTP2_PROTOCOL_ERROR
network error URL: https://api.lanistaads.com/ServeAd?s=t&AdSize=970x250&SiteID=APST09010385POWB9701&Zone=ATF&g=327
Message:
Failed to load resource: net::ERR_HTTP2_PROTOCOL_ERROR
network error URL: https://api.lanistaads.com/ServeAd?s=t&AdSize=300x250&SiteID=APST04010385POWB3003&Zone=ATF&g=880
Message:
Failed to load resource: net::ERR_HTTP2_PROTOCOL_ERROR
javascript error URL: https://powerball.com/
Message:
Access to XMLHttpRequest at 'https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=11b0be21ca66069;misc=1631713823628;bidfloor=0.3;' from origin 'https://powerball.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=11b0be21ca66069;misc=1631713823628;bidfloor=0.3;
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://powerball.com/
Message:
Access to XMLHttpRequest at 'https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=113fbcfe1c49758;misc=1631713823641;bidfloor=0.3;' from origin 'https://powerball.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=113fbcfe1c49758;misc=1631713823641;bidfloor=0.3;
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://powerball.com/
Message:
Access to XMLHttpRequest at 'https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=119c850fa4a32ad;misc=1631713823698;bidfloor=0.3;' from origin 'https://powerball.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=119c850fa4a32ad;misc=1631713823698;bidfloor=0.3;
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://powerball.com/
Message:
Access to XMLHttpRequest at 'https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=118b0ae19cc2b8e;misc=1631713823651;bidfloor=0.3;' from origin 'https://powerball.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://adserver.adtechus.com/pubapi/3.0/10363.1/4315967/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=118b0ae19cc2b8e;misc=1631713823651;bidfloor=0.3;
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
