urlscan.io logo urlscan.io
SecurityTrails logo

promo.nj.betmgm.com Open in urlscan Pro
172.64.155.6  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://betmgm.com/
Effective URL: https://promo.nj.betmgm.com/en/promo/geolocator?orh=www.betmgm.com
Submission Tags: falconsandbox
Submission: On August 25 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 34 IPs in 5 countries across 28 domains to perform 73 HTTP transactions. The main IP is 172.64.155.6, located in United States and belongs to CLOUDFLARENET, US. The main domain is promo.nj.betmgm.com. The Cisco Umbrella rank of the primary domain is 490986.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on July 14th 2022. Valid for: a year.
This is the only time promo.nj.betmgm.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 74.217.235.86 13789 (INTERNAP-...)
3 172.64.155.6 13335 (CLOUDFLAR...)
6 104.16.163.243 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
1 2 172.217.16.198 15169 (GOOGLE)
1 2a04:4e42::396 54113 (FASTLY)
1 18.66.120.247 16509 (AMAZON-02)
5 2a03:2880:f01... 32934 (FACEBOOK)
2 35.201.79.141 15169 (GOOGLE)
2 5 185.89.211.116 29990 (ASN-APPNEX)
1 108.138.15.119 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
3 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 18.189.130.102 16509 (AMAZON-02)
3 52.223.40.198 16509 (AMAZON-02)
1 2 18.157.110.72 16509 (AMAZON-02)
1 2 3.228.232.15 14618 (AMAZON-AES)
1 199.232.16.157 54113 (FASTLY)
4 35.190.43.134 15169 (GOOGLE)
1 151.101.1.140 54113 (FASTLY)
1 34.102.240.186 15169 (GOOGLE)
4 107.154.132.121 19551 (INCAPSULA)
3 4 18.158.57.249 16509 (AMAZON-02)
9 9 18.194.56.109 16509 (AMAZON-02)
1 34.255.211.170 16509 (AMAZON-02)
6 2a03:2880:f11... 32934 (FACEBOOK)
3 104.244.42.197 13414 (TWITTER)
3 104.244.42.67 13414 (TWITTER)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 216.239.34.21 15169 (GOOGLE)
1 3 76.223.111.18 16509 (AMAZON-02)
1 52.87.80.8 14618 (AMAZON-AES)
1 3.126.196.52 16509 (AMAZON-02)
1 99.80.114.38 16509 (AMAZON-02)
73 34
1    74.217.235.86 (Staten Island, United States)

ASN13789 (INTERNAP-BLK3, US)
betmgm.com
3    172.64.155.6 (United States)

ASN13335 (CLOUDFLARENET, US)
promo.nj.betmgm.com
scmedia.nj.betmgm.com
6    104.16.163.243 (None, )

ASN13335 (CLOUDFLARENET, US)
scmedia.itsfogo.com
4    2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    172.217.16.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f6.1e100.net
9216824.fls.doubleclick.net
1    2a04:4e42::396 (United States)

ASN54113 (FASTLY, US)
www.redditstatic.com
1    18.66.120.247 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-120-247.fra60.r.cloudfront.net
sc-static.net
5    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    35.201.79.141 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 141.79.201.35.bc.googleusercontent.com
sdk-cdn.optimove.net
5    185.89.211.116 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
ib.adnxs.com
1    108.138.15.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-15-119.fra56.r.cloudfront.net
js.adsrvr.org
1    2606:4700:10::ac43:149e (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.quantummetric.com
3    2a02:26f0:3500:14::1724:a251 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
tm.ads.sportradar.com
tracker.ads.sportradar.com
2    18.189.130.102 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-189-130-102.us-east-2.compute.amazonaws.com
collector-14871.us.tvsquared.com
3    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
insight.adsrvr.org
2    18.157.110.72 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-110-72.eu-central-1.compute.amazonaws.com
tags.w55c.net
2    3.228.232.15 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-232-15.compute-1.amazonaws.com
trkn.us
1    199.232.16.157 (Vienna, Austria)

ASN54113 (FASTLY, US)
static.ads-twitter.com
4    35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com
tr.snapchat.com
1    151.101.1.140 (United States)

ASN54113 (FASTLY, US)
alb.reddit.com
1    34.102.240.186 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 186.240.102.34.bc.googleusercontent.com
sdkuaservice.optimove.net
4    107.154.132.121 (United States)

ASN19551 (INCAPSULA, US)
PTR: 107.154.132.121.ip.incapdns.net
stream-705.optimove.net
realtime-705.optimove.net
4    18.158.57.249 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-57-249.eu-central-1.compute.amazonaws.com
a.sportradarserving.com
9    18.194.56.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-56-109.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    34.255.211.170 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-211-170.eu-west-1.compute.amazonaws.com
echoback.ads.sportradar.com
6    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    104.244.42.197 (United States)

ASN13414 (TWITTER, US)
t.co
3    104.244.42.67 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    216.239.34.21 (United States)

ASN15169 (GOOGLE, US)
PTR: any-in-2215.1e100.net
api.feedad.com
tags.feedad.com
3    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    52.87.80.8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-87-80-8.compute-1.amazonaws.com
match.sharethrough.com
1    3.126.196.52 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-196-52.eu-central-1.compute.amazonaws.com
eu.sportradarserving.com
1    99.80.114.38 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-114-38.eu-west-1.compute.amazonaws.com
serving.ads.sportradar.com
Apex Domain
Subdomains		 Transfer
9 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 292
6 KB
7 optimove.net
sdk-cdn.optimove.net — Cisco Umbrella Rank: 24175
sdkuaservice.optimove.net — Cisco Umbrella Rank: 41786
stream-705.optimove.net — Cisco Umbrella Rank: 251129
realtime-705.optimove.net — Cisco Umbrella Rank: 257037
23 KB
6 facebook.com
www.facebook.com — Cisco Umbrella Rank: 111
753 B
6 itsfogo.com
scmedia.itsfogo.com — Cisco Umbrella Rank: 117069
303 KB
5 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 2550
eu.sportradarserving.com — Cisco Umbrella Rank: 62547
6 KB
5 sportradar.com
tm.ads.sportradar.com — Cisco Umbrella Rank: 57327
tracker.ads.sportradar.com — Cisco Umbrella Rank: 59273
echoback.ads.sportradar.com — Cisco Umbrella Rank: 97453
serving.ads.sportradar.com — Cisco Umbrella Rank: 62570
79 KB
5 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 463
ib.adnxs.com — Cisco Umbrella Rank: 230
5 KB
5 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 158
299 KB
4 snapchat.com
tr.snapchat.com — Cisco Umbrella Rank: 972
1 KB
4 adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 1320
insight.adsrvr.org — Cisco Umbrella Rank: 610
3 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
338 KB
4 betmgm.com
betmgm.com — Cisco Umbrella Rank: 128157
promo.nj.betmgm.com — Cisco Umbrella Rank: 490986
scmedia.nj.betmgm.com — Cisco Umbrella Rank: 769538
9 KB
3 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 418
870 B
3 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 517
755 B
3 t.co
t.co — Cisco Umbrella Rank: 489
712 B
2 feedad.com
api.feedad.com — Cisco Umbrella Rank: 13633
tags.feedad.com — Cisco Umbrella Rank: 46335
478 B
2 trkn.us
trkn.us — Cisco Umbrella Rank: 1994
1 KB
2 w55c.net
tags.w55c.net — Cisco Umbrella Rank: 3752
1 KB
2 tvsquared.com
collector-14871.us.tvsquared.com — Cisco Umbrella Rank: 271906
9 KB
2 doubleclick.net
9216824.fls.doubleclick.net — Cisco Umbrella Rank: 302098
1 KB
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 544
279 B
1 google.de
adservice.google.de — Cisco Umbrella Rank: 8811
870 B
1 google.com
adservice.google.com — Cisco Umbrella Rank: 88
889 B
1 reddit.com
alb.reddit.com — Cisco Umbrella Rank: 1466
157 B
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 606
15 KB
1 quantummetric.com
cdn.quantummetric.com — Cisco Umbrella Rank: 2475
69 KB
1 sc-static.net
sc-static.net — Cisco Umbrella Rank: 968
8 KB
1 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1349
8 KB
73 28
Domain Requested by
9 x.bidswitch.net 9 redirects
6 www.facebook.com
6 scmedia.itsfogo.com promo.nj.betmgm.com
www.googletagmanager.com
scmedia.itsfogo.com
5 connect.facebook.net promo.nj.betmgm.com
connect.facebook.net
4 a.sportradarserving.com 3 redirects
4 tr.snapchat.com sc-static.net
4 secure.adnxs.com 2 redirects
4 www.googletagmanager.com promo.nj.betmgm.com
www.googletagmanager.com
3 eb2.3lift.com 1 redirects
3 analytics.twitter.com
3 t.co
3 insight.adsrvr.org js.adsrvr.org
2 realtime-705.optimove.net sdk-cdn.optimove.net
2 tracker.ads.sportradar.com tm.ads.sportradar.com
tracker.ads.sportradar.com
2 stream-705.optimove.net sdk-cdn.optimove.net
2 trkn.us 1 redirects
2 tags.w55c.net 1 redirects
2 collector-14871.us.tvsquared.com promo.nj.betmgm.com
2 sdk-cdn.optimove.net www.googletagmanager.com
sdk-cdn.optimove.net
2 9216824.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 promo.nj.betmgm.com promo.nj.betmgm.com
1 serving.ads.sportradar.com
1 eu.sportradarserving.com
1 tags.feedad.com
1 match.sharethrough.com
1 ib.adnxs.com
1 api.feedad.com
1 adservice.google.de adservice.google.com
1 adservice.google.com 9216824.fls.doubleclick.net
1 echoback.ads.sportradar.com
1 sdkuaservice.optimove.net sdk-cdn.optimove.net
1 alb.reddit.com
1 static.ads-twitter.com www.googletagmanager.com
1 tm.ads.sportradar.com promo.nj.betmgm.com
1 cdn.quantummetric.com promo.nj.betmgm.com
1 js.adsrvr.org www.googletagmanager.com
1 sc-static.net www.googletagmanager.com
1 www.redditstatic.com www.googletagmanager.com
1 scmedia.nj.betmgm.com promo.nj.betmgm.com
1 betmgm.com 1 redirects
73 40
Subject Issuer Validity Valid
*.nj.betmgm.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-14 -
2023-08-14		 a year crt.sh
*.itsfogo.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-07 -
2023-03-08		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
www.redditstatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-03 -
2022-12-30		 6 months crt.sh
sc-static.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-27 -
2023-01-27		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-06-03 -
2022-09-01		 3 months crt.sh
*.optimove.net
Sectigo RSA Domain Validation Secure Server CA		 2022-01-20 -
2023-02-20		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-16 -
2023-06-16		 a year crt.sh
tracker.ads.sportradar.com
R3		 2022-07-06 -
2022-10-04		 3 months crt.sh
*.us.tvsquared.com
Amazon		 2022-06-28 -
2023-07-27		 a year crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-22 -
2023-08-22		 a year crt.sh
*.snap.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-16 -
2023-08-16		 a year crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-03 -
2022-12-30		 6 months crt.sh
imperva.com
GlobalSign Atlas R3 DV TLS CA 2022 Q2		 2022-05-29 -
2022-11-28		 6 months crt.sh
t.co
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
*.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
api.feedad.com
GTS CA 1D4		 2022-07-02 -
2022-09-30		 3 months crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
tags.feedad.com
GTS CA 1D4		 2022-08-07 -
2022-11-05		 3 months crt.sh
*.ads.sportradar.com
Amazon		 2022-08-17 -
2023-09-15		 a year crt.sh

This page contains 7 frames:

Primary Page: https://promo.nj.betmgm.com/en/promo/geolocator?orh=www.betmgm.com
Frame ID: 04A684855DAC86A0AB5E53D54238ACCA
Requests: 65 HTTP requests in this frame

Frame: https://9216824.fls.doubleclick.net/activityi;dc_pre=COCF-e2L4vkCFb1JkQUduDkILQ;src=9216824;type=rosga0;cat=njpla0;ord=1;num=7773921730444;gtm=2wg8m0;auiddc=1514109753.1661433972;u8=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com;~oref=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com
Frame ID: 5B4915C474737F98CB5AADCDE6C3F02D
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=b1a7abb8-e191-45fa-9602-ec350d281e46&u_scsid=87dfbbd8-bf74-4698-8d1d-32f06882221d&u_sclid=bcfad3e4-19d8-4ea7-9f4a-e44337bcbac8
Frame ID: A30E8D9A81FAF36E760E2D506BF2A489
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=sg65m8v&ref=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com&upid=crmc3k8&upv=1.1.0
Frame ID: E74F99884437D3532ACA371D8998B277
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=hjmfil0&ref=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com&upid=4h8vcb4&upv=1.1.0
Frame ID: 1F3443C55785CF30843C6E00FE3D604B
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=COCF-e2L4vkCFb1JkQUduDkILQ;src=9216824;type=rosga0;cat=njpla0;ord=1;num=7773921730444;gtm=2wg8m0;auiddc=1514109753.1661433972;u8=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com;~oref=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com
Frame ID: D640D8BE3200906C8FAA2D7EFF2641B7
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=COCF-e2L4vkCFb1JkQUduDkILQ;src=9216824;type=rosga0;cat=njpla0;ord=1;num=7773921730444;gtm=2wg8m0;auiddc=1514109753.1661433972;u8=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com;~oref=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com
Frame ID: 76D4CB9518861DE6DA73E1FF85AB096F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

BetMGM

Page URL History Show full URLs

  1. http://betmgm.com/ HTTP 302
    https://promo.nj.betmgm.com/en/promo/geolocator?orh=www.betmgm.com Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • tracker\.js

Page Statistics

73
Requests

85 %
HTTPS

23 %
IPv6

28
Domains

40
Subdomains

34
IPs

5
Countries

1178 kB
Transfer

4134 kB
Size

42
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://betmgm.com/ HTTP 302
    https://promo.nj.betmgm.com/en/promo/geolocator?orh=www.betmgm.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://9216824.fls.doubleclick.net/activityi;src=9216824;type=rosga0;cat=njpla0;ord=1;num=7773921730444;gtm=2wg8m0;auiddc=1514109753.1661433972;u8=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com;~oref=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com HTTP 302
  • https://9216824.fls.doubleclick.net/activityi;dc_pre=COCF-e2L4vkCFb1JkQUduDkILQ;src=9216824;type=rosga0;cat=njpla0;ord=1;num=7773921730444;gtm=2wg8m0;auiddc=1514109753.1661433972;u8=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com;~oref=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com
Request Chain 17
  • https://secure.adnxs.com/px?id=1092773&t=1 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1092773%26t%3D1
Request Chain 18
  • https://secure.adnxs.com/seg?add=17453349&t=1 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D17453349%26t%3D1
Request Chain 24
  • https://tags.w55c.net/rs?id=f1f9fc1f7bf949b9a52bed5cb8e91ffe&t=checkout&tx=$TRANSACTION_ID&sku=$SKUS&price=$price&gtmcb=2107409753 HTTP 302
  • https://tags.w55c.net/rs?sccid=d9154f5e-ab44-e9e0-19e5-dd392750d408&scc=1&id=f1f9fc1f7bf949b9a52bed5cb8e91ffe&t=checkout&tx=$TRANSACTION_ID&sku=$SKUS&price=$price&gtmcb=2107409753
Request Chain 25
  • https://trkn.us/pixel/conv/ppt=18374;g=ros;gid=42263;ord=1801540681?gtmcb=209342773 HTTP 302
  • https://trkn.us/pixel/conv/ppt=18374;g=ros;gid=42263;ord=1801540681?gtmcb=209342773;ip=37.58.57.4;cuidchk=1
Request Chain 41
  • https://a.sportradarserving.com/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId= HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId= HTTP 302
  • https://x.bidswitch.net/syncd?dsp_id=409&user_group=1&user_id=4610c6d8-92cc-4973-a67b-cb21c8e80649&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3D4610c6d8-92cc-4973-a67b-cb21c8e80649 HTTP 302
  • https://x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_group=1&user_id=4610c6d8-92cc-4973-a67b-cb21c8e80649&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3D4610c6d8-92cc-4973-a67b-cb21c8e80649 HTTP 302
  • https://echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId=4610c6d8-92cc-4973-a67b-cb21c8e80649
Request Chain 42
  • https://a.sportradarserving.com/pixel?type=js&aid=1119&id=1834 HTTP 302
  • https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=1119&id=1834
Request Chain 58
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=3&user_id=4610c6d8-92cc-4973-a67b-cb21c8e80649&cb=ea4375ca-219e-4304-9ed0-955b2a87a576 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=3&user_id=4610c6d8-92cc-4973-a67b-cb21c8e80649&cb=ea4375ca-219e-4304-9ed0-955b2a87a576 HTTP 302
  • https://ib.adnxs.com/setuid?entity=388&code=f468ae4f-1ef5-46dc-aa2a-4f61912432dc
Request Chain 59
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=3&user_id=4610c6d8-92cc-4973-a67b-cb21c8e80649&cb=19512d1a-ebe4-4ca9-b30c-07d38ad0a50e HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=3&user_id=4610c6d8-92cc-4973-a67b-cb21c8e80649&cb=19512d1a-ebe4-4ca9-b30c-07d38ad0a50e HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=f468ae4f-1ef5-46dc-aa2a-4f61912432dc&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=2409&xuid=f468ae4f-1ef5-46dc-aa2a-4f61912432dc&dongle=d3d3&gdpr=0&cmp_cs=&us_privacy=
Request Chain 60
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=3&user_id=4610c6d8-92cc-4973-a67b-cb21c8e80649&cb=edd0bd64-9305-4cf8-89d0-b703fcb9b1df HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=4610c6d8-92cc-4973-a67b-cb21c8e80649&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
Request Chain 63
  • https://x.bidswitch.net/syncd?dsp_id=409&user_id=4610c6d8-92cc-4973-a67b-cb21c8e80649&user_group=3&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D HTTP 302
  • https://x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_id=4610c6d8-92cc-4973-a67b-cb21c8e80649&user_group=3&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D HTTP 302
  • https://eu.sportradarserving.com/bsw_sync?bsw_uid=f468ae4f-1ef5-46dc-aa2a-4f61912432dc

73 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request geolocator
promo.nj.betmgm.com/en/promo/
Redirect Chain
  • http://betmgm.com/
  • https://promo.nj.betmgm.com/en/promo/geolocator?orh=www.betmgm.com
39 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://promo.nj.betmgm.com/en/promo/geolocator?orh=www.betmgm.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.155.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8af99ee516c363d495bd72314edf41eeb172b4b8d5f0fbb3448a7177968273f7
Security Headers
Name Value
Content-Security-Policy frame-src *
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7404a872482f8fd4-FRA
content-encoding
br
content-security-policy
frame-src *
content-type
text/html; charset=utf-8
date
Thu, 25 Aug 2022 13:26:11 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
-1
pragma
no-cache
server
cloudflare
server-timing
vanilla;dur=52.8789
strict-transport-security
max-age=2592000
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
de-DE,de;q=0.9
Cache-Control
no-cache
Content-Type
text/html; charset=utf-8
Date
Thu, 25 Aug 2022 13:26:11 GMT
Host
betmgm.com
Location
https://promo.nj.betmgm.com/en/promo/geolocator?orh=www.betmgm.com
Pragma
no-cache
Transfer-Encoding
chunked
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Vary
User-Agent
X-Forwarded-For
37.58.57.4
X-Redirect-Source
Redirex
inject_wrapper_ccb.js
promo.nj.betmgm.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://promo.nj.betmgm.com/inject_wrapper_ccb.js
Requested by
Host: promo.nj.betmgm.com
URL: https://promo.nj.betmgm.com/en/promo/geolocator?orh=www.betmgm.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.155.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src *
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.nj.betmgm.com/en/promo/geolocator?orh=www.betmgm.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 13:26:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
server-timing
vanilla;dur=19.4937
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000
content-type
text/html; charset=utf-8
vary
Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
content-security-policy
frame-src *
cf-ray
7404a8738a218fd4-FRA
expires
-1
f7c2eab99818481bafc68590d279f3ea.svg
scmedia.nj.betmgm.com/$-$/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scmedia.nj.betmgm.com/$-$/f7c2eab99818481bafc68590d279f3ea.svg
Requested by
Host: promo.nj.betmgm.com
URL: https://promo.nj.betmgm.com/en/promo/geolocator?orh=www.betmgm.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.155.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50b33426b52a8e4fbca5013c487962cd8e86ceb118e0b96deb0d33a3a78179f4
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 13:26:11 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
55461
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
last-modified
Tue, 04 Feb 2020 15:01:00 GMT
server
cloudflare
etag
W/"F7C2EAB99818481BAFC68590D279F3EA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
7404a873ba6e8fd4-FRA
access-control-allow-headers
*
expires
Fri, 25 Aug 2023 13:26:11 GMT
b1b287353a8d432eb04cf105708fbf2b.js
scmedia.itsfogo.com/$-$/ 		49 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scmedia.itsfogo.com/$-$/b1b287353a8d432eb04cf105708fbf2b.js
Requested by
Host: promo.nj.betmgm.com
URL: https://promo.nj.betmgm.com/en/promo/geolocator?orh=www.betmgm.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.163.243 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c1e6257003a5210dd3c5c13fb8f87ba0eb7130cbb83a48263b36ed7dc597bfc
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 13:26:11 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
15050644
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
last-modified
Fri, 04 Mar 2022 07:18:25 GMT
server
cloudflare
etag
W/"B1B287353A8D432EB04CF105708FBF2B"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
7404a873ebea911f-FRA
access-control-allow-headers
*
expires
Fri, 25 Aug 2023 13:26:11 GMT
178f7cb9b67c48e9b74586da04087e47.js
scmedia.itsfogo.com/$-$/ 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scmedia.itsfogo.com/$-$/178f7cb9b67c48e9b74586da04087e47.js
Requested by
Host: promo.nj.betmgm.com
URL: https://promo.nj.betmgm.com/en/promo/geolocator?orh=www.betmgm.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.163.243 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09bd9311931b56231b2fb2c836c4bcfa71976fcc6a20c7e91163f7fb81eaeedd
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 13:26:11 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
4420494
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
last-modified
Tue, 05 Jul 2022 04:12:25 GMT
server
cloudflare
etag
W/"178F7CB9B67C48E9B74586DA04087E47"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
7404a873ebeb911f-FRA
access-control-allow-headers
*
expires
Fri, 25 Aug 2023 13:26:11 GMT
7c4f4e90143a4b72bb928b841e776555.jpg
scmedia.itsfogo.com/$-$/ 		78 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scmedia.itsfogo.com/$-$/7c4f4e90143a4b72bb928b841e776555.jpg
Requested by
Host: promo.nj.betmgm.com
URL: https://promo.nj.betmgm.com/en/promo/geolocator?orh=www.betmgm.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.163.243 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e49e52f2ac57c0c0b0b316cbf98a528b7b0bacc14947eec07b94fa1f7a33a975
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 13:26:11 GMT
vary
Accept
cf-cache-status
HIT
age
965097
cf-polished
qual=85, origFmt=jpeg, origSize=403878
content-disposition
inline; filename="7c4f4e90143a4b72bb928b841e776555.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
80188
timing-allow-origin
*
last-modified
Tue, 31 Aug 2021 16:47:41 GMT
server
cloudflare
etag
"7C4F4E90143A4B72BB928B841E776555"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000
content-type
image/webp
access-control-allow-origin
*
expires
Fri, 25 Aug 2023 13:26:11 GMT
cache-control
public, max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7404a873ebe9911f-FRA
access-control-allow-headers
*
cf-bgj
imgq:85,h2pri
gtm.js
www.googletagmanager.com/ 		603 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N48RN3R
Requested by
Host: promo.nj.betmgm.com
URL: https://promo.nj.betmgm.com/en/promo/geolocator?orh=www.betmgm.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9cfc861f421f1cbdb89445aa732f5267f8e3b35072ce2f74998505d795c7543d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 13:26:12 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
108740
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 25 Aug 2022 13:26:12 GMT
2dd8d17ccccc479588f0dc8f8cbabf0e.otf
scmedia.itsfogo.com/$-$/ 		157 KB
157 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://scmedia.itsfogo.com/$-$/2dd8d17ccccc479588f0dc8f8cbabf0e.otf
Requested by
Host: promo.nj.betmgm.com
URL: https://promo.nj.betmgm.com/en/promo/geolocator?orh=www.betmgm.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.163.243 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56daf9cf0d870f68417c6d388f03414d00d10fbbe70248ddc3130bf7ab7f2330
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://promo.nj.betmgm.com/
Origin
https://promo.nj.betmgm.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 13:26:11 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
63544
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
last-modified
Wed, 23 Oct 2019 15:11:59 GMT
server
cloudflare
etag
W/"2DD8D17CCCCC479588F0DC8F8CBABF0E"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
7404a874cfc39231-FRA
access-control-allow-headers
*
expires
Fri, 25 Aug 2023 13:26:11 GMT
a7a8e4316295438093f94c5a11cb9a59.js
scmedia.itsfogo.com/$-$/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scmedia.itsfogo.com/$-$/a7a8e4316295438093f94c5a11cb9a59.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N48RN3R
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.163.243 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f36e62821d38776e807b1e6eb32d49917c5b9fda0f769d29215aabf4daac5a6
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 13:26:12 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
7964454
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
last-modified
Tue, 10 May 2022 05:36:27 GMT
server
cloudflare
etag
W/"A7A8E4316295438093F94C5A11CB9A59"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
7404a875be5f690a-FRA
access-control-allow-headers
*
expires
Fri, 25 Aug 2023 13:26:12 GMT
gtm.js
www.googletagmanager.com/ 		477 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WLHF3HF&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N48RN3R
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f5250f75e34ae244f42aa307c21d618fe00e72199f0e0607be5d09de0610ba05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 13:26:12 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
101457
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 25 Aug 2022 13:26:12 GMT
gtm.js
www.googletagmanager.com/ 		334 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W269F47&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N48RN3R
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
dc33172a8b9a87ac658e278513354107c74bb42ad8aa7b9b056006ff83cc472c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 13:26:12 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72770
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 12:30:59 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 25 Aug 2022 13:26:12 GMT
gtm.js
www.googletagmanager.com/ 		300 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N9DJMRX&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N48RN3R
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4f8484c767f75bd497059e2210b8901b711755ca00dbd84c6d4f3e1774716c15
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 13:26:12 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62494
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 25 Aug 2022 13:26:12 GMT
257186f2d4e04ba1a11043e517ef0f1b.js
scmedia.itsfogo.com/$-$/ 		70 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scmedia.itsfogo.com/$-$/257186f2d4e04ba1a11043e517ef0f1b.js
Requested by
Host: scmedia.itsfogo.com
URL: https://scmedia.itsfogo.com/$-$/a7a8e4316295438093f94c5a11cb9a59.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.163.243 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4daac2f4f6206cbb67a15711293b2a35b6044f964fda598b5ff4e360b7453d83
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 13:26:12 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
13319771
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
last-modified
Tue, 22 Mar 2022 14:06:01 GMT
server
cloudflare
etag
W/"257186F2D4E04BA1A11043E517EF0F1B"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
7404a8760edd690a-FRA
access-control-allow-headers
*
expires
Fri, 25 Aug 2023 13:26:12 GMT
activityi;dc_pre=COCF-e2L4vkCFb1JkQUduDkILQ;src=9216824;type=rosga0;cat=njpla0;ord=1;num=7773921730444;gtm=2wg8m0;auiddc=1514109753.1661433972;u8=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fge...
9216824.fls.doubleclick.net/ Frame 5B49
Redirect Chain
  • https://9216824.fls.doubleclick.net/activityi;src=9216824;type=rosga0;cat=njpla0;ord=1;num=7773921730444;gtm=2wg8m0;auiddc=1514109753.1661433972;u8=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2F...
  • https://9216824.fls.doubleclick.net/activityi;dc_pre=COCF-e2L4vkCFb1JkQUduDkILQ;src=9216824;type=rosga0;cat=njpla0;ord=1;num=7773921730444;gtm=2wg8m0;auiddc=1514109753.1661433972;u8=https%3A%2F%2Fp...
622 B
446 B 		Document
General
Check archive.org
Download Go to
Full URL
https://9216824.fls.doubleclick.net/activityi;dc_pre=COCF-e2L4vkCFb1JkQUduDkILQ;src=9216824;type=rosga0;cat=njpla0;ord=1;num=7773921730444;gtm=2wg8m0;auiddc=1514109753.1661433972;u8=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com;~oref=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WLHF3HF&l=dataLayer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f6.1e100.net
Software
cafe /
Resource Hash
c2af519def3cfba2adc211aa6e6742c13c4b49538e2ed24cbd590f2f356e9380
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
about:blank
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
421
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 25 Aug 2022 13:26:12 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 25 Aug 2022 13:26:12 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://9216824.fls.doubleclick.net/activityi;dc_pre=COCF-e2L4vkCFb1JkQUduDkILQ;src=9216824;type=rosga0;cat=njpla0;ord=1;num=7773921730444;gtm=2wg8m0;auiddc=1514109753.1661433972;u8=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com;~oref=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pixel.js
www.redditstatic.com/ads/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WLHF3HF&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
bef476ec3cca40a08e1dff35c707c24d5774e788c57febdb54874e90402a6af2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 13:26:12 GMT
via
1.1 varnish, 1.1 varnish
last-modified
Tue, 19 Jul 2022 22:48:09 GMT
server
snooserv
etag
"95212d33cfff78ad59f5af5b20c48c53"
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
content-type
application/javascript
cache-control
public, max-age=60
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
accept-ranges
bytes
content-encoding
gzip
content-length
7722
scevent.min.js
sc-static.net/ 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WLHF3HF&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.120.247 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-120-247.fra60.r.cloudfront.net
Software
CloudFront /
Resource Hash
b1c8384f493600f8ca471b69029eb14dc4a9b7e4070305c2f418752d0fc4ceef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 13:26:12 GMT
content-encoding
gzip
server
CloudFront
x-amz-cf-pop
FRA60-P2
x-cache
LambdaGeneratedResponse from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
private, s-maxage=0, max-age=600
access-control-allow-headers
Content-Type
content-length
7905
via
1.1 1662abbf731d8832e73c83b2467e7f38.cloudfront.net (CloudFront)
x-amz-cf-id
TCELG7wJs9Mlsgg6vtgEod2svQACicE-6lrbBg-oG2KYP02buhZA-Q==
fbevents.js
connect.facebook.net/en_US/ 		100 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: promo.nj.betmgm.com
URL: https://promo.nj.betmgm.com/en/promo/geolocator?orh=www.betmgm.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aba13e76e0dfc68cd2710d1745d55c6b210cb2bec6ecd14a541615b685af8564
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26535
x-xss-protection
0
pragma
public
x-fb-debug
ELNB7ivhr0YR/LlEdNSYemtpnaDzl8gX9nkywmrOdQF+EuhDwUqEL9Jnw6jNbkxMKOoRShJLcVihY+kqZt7RAQ==
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 25 Aug 2022 13:26:12 GMT
vary
Accept-Encoding
x-content-cdn-origin-ts
1661433755191
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
sdk-v1.0.7.js
sdk-cdn.optimove.net/websdk/ 		47 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk-cdn.optimove.net/websdk/sdk-v1.0.7.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WLHF3HF&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.79.141 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
141.79.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
ea72d65510bac7fef3b1e6751e4498724db58a44048c20418e4ab0b150b8f5ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 17:36:33 GMT
content-encoding
gzip
age
71379
x-guploader-uploadid
ADPycdsprcTRbfKV6yNGyJkkuel1KS3SSYd5UjAV-CCush2obnKnOd46sihzPOqERe7Tq5bgal7KTA3APDLlpLbpQj4jSiwDFIiO
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16535
last-modified
Mon, 08 Aug 2022 09:25:09 GMT
server
UploadServer
etag
"342d44d7bb3876b754e0b9a663cd6098"
x-goog-hash
crc32c=/7+NuQ==, md5=NC1E17s4drdU4LmmY81gmA==
x-goog-generation
1659950709340451
cache-control
public,max-age=3600,no-transform
x-goog-stored-content-length
16535
accept-ranges
bytes
content-type
application/javascript
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/px?id=1092773&t=1
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1092773%26t%3D1
0
1011 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1092773%26t%3D1
Protocol
HTTP/1.1
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 13:26:12 GMT
X-Proxy-Origin
37.58.57.4; 37.58.57.4; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
74e19aa5-46f9-4089-80ae-f541393d8fde
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 13:26:12 GMT
X-Proxy-Origin
37.58.57.4; 37.58.57.4; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
3a14faed-67d3-449a-b273-d727f17bc3ca
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1092773%26t%3D1
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/seg?add=17453349&t=1
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D17453349%26t%3D1
0
1011 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D17453349%26t%3D1
Protocol
HTTP/1.1
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 13:26:12 GMT
X-Proxy-Origin
37.58.57.4; 37.58.57.4; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
91303a63-0a3e-4794-88da-77eb0f5b7ed2
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 13:26:12 GMT
X-Proxy-Origin
37.58.57.4; 37.58.57.4; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
2f618453-459b-437e-8c46-80762a6100ee
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D17453349%26t%3D1
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
up_loader.1.1.0.js
js.adsrvr.org/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WLHF3HF&l=dataLayer
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.15.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-15-119.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Wed, 24 Aug 2022 19:33:21 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
Age
64372
ETag
W/"98d98b3499058b76d58073cf8ede2f10"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Via
1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA56-P7
X-Amz-Cf-Id
pbcQ0IGN1rIizTvI5MZBfGehFEU5DnVgSVZY9XCoqfBmfLgglmoLDA==
quantum-betmgm.js
cdn.quantummetric.com/qscripts/ 		209 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.quantummetric.com/qscripts/quantum-betmgm.js
Requested by
Host: promo.nj.betmgm.com
URL: https://promo.nj.betmgm.com/en/promo/geolocator?orh=www.betmgm.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:149e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
344802332a1d8d95b6ef9230affb1999cecea5ff9411292a2e3fdd62f520396b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 13:26:13 GMT
content-encoding
br
cf-cache-status
EXPIRED
server
cloudflare
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
etag
W/"161463034887116613605351101661414402426"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=300, stale-while-revalidate=21600, stale-if-error=21600
strict-transport-security
max-age=31536000
cf-ray
7404a87738ac9168-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
tag-manager.js
tm.ads.sportradar.com/dist/ 		278 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tm.ads.sportradar.com/dist/tag-manager.js?id=STM-AAAALF
Requested by
Host: promo.nj.betmgm.com
URL: https://promo.nj.betmgm.com/en/promo/geolocator?orh=www.betmgm.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:14::1724:a251 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
391a026f0b01e8f1d634c79ca77b2539cdf9b9080ae0e0ef0ce920ce0319de2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 13:26:12 GMT
content-encoding
gzip
cache-control
max-age=900, public
vary
Accept-Encoding
content-type
application/javascript
x-n
S
content-length
37043
apigw-requestid
Xa_COh_6joEEM5w=
tv2track.js
collector-14871.us.tvsquared.com/ 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://collector-14871.us.tvsquared.com/tv2track.js
Requested by
Host: promo.nj.betmgm.com
URL: https://promo.nj.betmgm.com/en/promo/geolocator?orh=www.betmgm.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.130.102 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-130-102.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 13:26:12 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Aug 2022 11:01:47 GMT
Server
nginx
ETag
"6306051b-2133"
Content-Type
application/javascript
Cache-Control
max-age=600
Connection
keep-alive
X-Robots-Tag
noindex
Content-Length
8499
Expires
Thu, 25 Aug 2022 13:36:12 GMT
/
insight.adsrvr.org/track/pxl/ 		70 B
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/track/pxl/?adv=hjmfil0&ct=0:7evc7kx&fmt=3&gtmcb=843046193
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 13:26:12 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
rs
tags.w55c.net/
Redirect Chain
  • https://tags.w55c.net/rs?id=f1f9fc1f7bf949b9a52bed5cb8e91ffe&t=checkout&tx=$TRANSACTION_ID&sku=$SKUS&price=$price&gtmcb=2107409753
  • https://tags.w55c.net/rs?sccid=d9154f5e-ab44-e9e0-19e5-dd392750d408&scc=1&id=f1f9fc1f7bf949b9a52bed5cb8e91ffe&t=checkout&tx=$TRANSACTION_ID&sku=$SKUS&price=$price&gtmcb=2107409753
42 B
593 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.w55c.net/rs?sccid=d9154f5e-ab44-e9e0-19e5-dd392750d408&scc=1&id=f1f9fc1f7bf949b9a52bed5cb8e91ffe&t=checkout&tx=$TRANSACTION_ID&sku=$SKUS&price=$price&gtmcb=2107409753
Protocol
HTTP/1.1
Server
18.157.110.72 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-110-72.eu-central-1.compute.amazonaws.com
Software
Retargeting/9853e75#9853e75792b29505864c0b7c23889ef441e21f3f i-0b4faee82b62afb2e@eu-central-1b@dxedge-app-eu-central-1-prod-asg /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 13:26:12 GMT
Server
Retargeting/9853e75#9853e75792b29505864c0b7c23889ef441e21f3f i-0b4faee82b62afb2e@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Content-Type
image/gif
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
42
Expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 13:26:11 GMT
Server
Retargeting/9853e75#9853e75792b29505864c0b7c23889ef441e21f3f i-083ca9c8ddef9a183@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://tags.w55c.net/rs?sccid=d9154f5e-ab44-e9e0-19e5-dd392750d408&scc=1&id=f1f9fc1f7bf949b9a52bed5cb8e91ffe&t=checkout&tx=$TRANSACTION_ID&sku=$SKUS&price=$price&gtmcb=2107409753
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
ppt=18374;g=ros;gid=42263;ord=1801540681
trkn.us/pixel/conv/
Redirect Chain
  • https://trkn.us/pixel/conv/ppt=18374;g=ros;gid=42263;ord=1801540681?gtmcb=209342773
  • https://trkn.us/pixel/conv/ppt=18374;g=ros;gid=42263;ord=1801540681?gtmcb=209342773;ip=37.58.57.4;cuidchk=1
42 B
780 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trkn.us/pixel/conv/ppt=18374;g=ros;gid=42263;ord=1801540681?gtmcb=209342773;ip=37.58.57.4;cuidchk=1
Protocol
HTTP/1.1
Server
3.228.232.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-232-15.compute-1.amazonaws.com
Software
Apache /
Resource Hash
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 13:26:12 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 9 Nov 1980 12:59:00 GMT
Server
Apache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Date
Thu, 25 Aug 2022 13:26:12 GMT
X-Content-Type-Options
nosniff
Server
Apache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
/pixel/conv/ppt=18374;g=ros;gid=42263;ord=1801540681?gtmcb=209342773;ip=37.58.57.4;cuidchk=1
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
0
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WLHF3HF&l=dataLayer
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.16.157 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1287fc0aa84dc8d13adf7173f344a0143511840be8c95fa6203396984a462d4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 13:26:12 GMT
content-encoding
gzip
last-modified
Thu, 28 Jul 2022 17:42:23 GMT
etag
"58faa0bb9a63121ea57a3106609bc291+gzip+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache
x-cache
HIT, HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
15291
x-served-by
cache-iad-kiad7000171-IAD, cache-vie6342-VIE
identity.js
connect.facebook.net/signals/plugins/ 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.77
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d4edbbe1037c50c8ffa90860286c8166860ad9da450ed5e16a28e2fc9bce3c23
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
20715
x-xss-protection
0
pragma
public
x-fb-debug
GitmYZ+wyn3/tsuCoDjBcxQwG6wxd9RuZfY2HY2GemsPZAGfaApSPIiS6n6FrDY25EAzvIr4vOdj7wnbm1SGwg==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 25 Aug 2022 13:26:12 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1661433537195
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
493355708326828
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/493355708326828?v=2.9.77&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e9dc0df577864d74eddbec7c75751966107a79e43d5c1fd3eed6f87fe2c2b4e6
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
86047
x-xss-protection
0
pragma
public
x-fb-debug
44i/wNqcWT5FdNeJ4NOQYrgfOmoxK6HkvucyldL01I271WXlQDExyTrK3kTUV5XFG+Uz7BJgg8R5f5wzZ9fMog==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 25 Aug 2022 13:26:12 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1661433846321
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
init
tr.snapchat.com/ 		126 B
483 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/init?pids=b1a7abb8-e191-45fa-9602-ec350d281e46
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
5401c21a3cd89bdad51073e73536d7f4625bcf02d1cbdcf355363e60d4de5a76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 13:26:12 GMT
content-encoding
gzip
server
API Gateway
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://promo.nj.betmgm.com
x-envoy-upstream-service-time
0
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
via
1.1 google
is_enabled
tr.snapchat.com/collector/ 		78 B
165 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/collector/is_enabled?pids=b1a7abb8-e191-45fa-9602-ec350d281e46&tld=com
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
8dc96d1f370f1931b0dc5b7f00be6ffadc384b61eb48e0a681e5dc05c830baa2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 13:26:12 GMT
content-encoding
gzip
server
API Gateway
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://promo.nj.betmgm.com
x-envoy-upstream-service-time
0
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
via
1.1 google
i
tr.snapchat.com/cm/ Frame A30E 		0
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/cm/i?pid=b1a7abb8-e191-45fa-9602-ec350d281e46&u_scsid=87dfbbd8-bf74-4698-8d1d-32f06882221d&u_sclid=bcfad3e4-19d8-4ea7-9f4a-e44337bcbac8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer
https://promo.nj.betmgm.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Thu, 25 Aug 2022 13:26:12 GMT
server
API Gateway
strict-transport-security
max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via
1.1 google
x-envoy-upstream-service-time
0
web-configuration.1.0.0.js
sdk-cdn.optimove.net/webconfig/fa4ab4327366119d61a08004300f13faf922b4e0129f500fcd21733c1a0f8e77/ 		65 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk-cdn.optimove.net/webconfig/fa4ab4327366119d61a08004300f13faf922b4e0129f500fcd21733c1a0f8e77/web-configuration.1.0.0.js
Requested by
Host: sdk-cdn.optimove.net
URL: https://sdk-cdn.optimove.net/websdk/sdk-v1.0.7.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.79.141 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
141.79.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
09ec372e30ccd964dd2f6b02029c5118c523a5011e6ba5e77a175d679e0b4dad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 13:12:23 GMT
content-encoding
gzip
age
829
x-guploader-uploadid
ADPycdtVdP4ehdm4c9MljyVmx2CrxjjvOAKhyn2xmGh4DVa6rcnygbbhv9H9IGPWPtf_WSqcfJdfL4O5wpqDQmjfB-RUBQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5338
last-modified
Mon, 31 Jan 2022 11:33:03 GMT
server
UploadServer
etag
"0f2221b00a7672bd9e82e7a6a1eebc77"
vary
Accept-Encoding
x-goog-hash
crc32c=Vlr2kg==, md5=DyIhsAp2cr2eguemoe68dw==
x-goog-generation
1643628783582327
cache-control
public,max-age=3600
x-goog-stored-content-length
5338
accept-ranges
bytes
content-type
application/javascript
rp.gif
alb.reddit.com/ 		42 B
157 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alb.reddit.com/rp.gif?ts=1661433972403&id=t2_5rqjc17d&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=e380845a-c5ea-4d77-8d08-883830aaf525&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_02c59ad6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 13:26:13 GMT
via
1.1 varnish
server
Varnish
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
42
retry-after
0
p
tr.snapchat.com/ 		68 B
542 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.snapchat.com/p?trackId=00ff7beb-3566-4d8b-88eb-b2f381d99341&pid=b1a7abb8-e191-45fa-9602-ec350d281e46&ev=PAGE_VIEW&pl=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com&ts=1661433972407&rf=&v=1.6.0&if=false&bt=1d53c387&intg=gtm&m_sl=1113&m_rd=1150&m_pi=702.5&m_dcl=711.1999988555908&m_fcps=634.7999992370605&m_pl=1051.5&m_ic=0&m_pv=v2&u_c1=210f80d8-1ecd-4928-bad0-0c9aaf034741&u_scsid=87dfbbd8-bf74-4698-8d1d-32f06882221d&u_sclid=bcfad3e4-19d8-4ea7-9f4a-e44337bcbac8&s_r_ids=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 13:26:12 GMT
via
1.1 google
server
API Gateway
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, no-transform
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68
432560294477527
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/432560294477527?v=2.9.77&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7a1faeb950ae56ecfc2c476d108c2870eb6a3f975ba83043955fbd46928effe5
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
86179
x-xss-protection
0
pragma
public
x-fb-debug
CHYyNB9QQOOJKyOoIoWmn01YCBzktD4+prMmi8M+fI0jP6pIuq/jxd3JXnn299j+YrCxtmphfAXVZd6+dNIexg==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 25 Aug 2022 13:26:12 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1661433847137
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
up
insight.adsrvr.org/track/ Frame E74F 		0
181 B 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=sg65m8v&ref=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com&upid=crmc3k8&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://promo.nj.betmgm.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-type
text/html
date
Thu, 25 Aug 2022 13:26:12 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
up
insight.adsrvr.org/track/ Frame 1F34 		0
181 B 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=hjmfil0&ref=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com&upid=4h8vcb4&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://promo.nj.betmgm.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-type
text/html
date
Thu, 25 Aug 2022 13:26:12 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
/
sdkuaservice.optimove.net/ 		414 B
562 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sdkuaservice.optimove.net/
Requested by
Host: sdk-cdn.optimove.net
URL: https://sdk-cdn.optimove.net/websdk/sdk-v1.0.7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.240.186 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
186.240.102.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
14dbde9c96ed4bf66a2f54350d56689107a555b5eeef18770603316f8dfd21d7

Request headers

Referer
https://promo.nj.betmgm.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=utf-8

Response headers

access-control-allow-origin
*
date
Thu, 25 Aug 2022 13:26:12 GMT
via
1.1 google
x-powered-by
Express
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
414
content-type
application/json
/
stream-705.optimove.net/ 		49 B
442 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://stream-705.optimove.net/
Requested by
Host: sdk-cdn.optimove.net
URL: https://sdk-cdn.optimove.net/websdk/sdk-v1.0.7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.132.121 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.132.121.ip.incapdns.net
Software
/ Express
Resource Hash
c22caf8eee94e7e90bb1029fd4af363b5826d865c69ef4fd9c33b9b8c1f7169c

Request headers

Accept
application/json
Referer
https://promo.nj.betmgm.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
X-Request-ID
5a9d77eb-af73-4c1d-91da-97e31350aa1c
Content-Type
application/json

Response headers

date
Thu, 25 Aug 2022 13:26:13 GMT
via
1.1 google
etag
W/"31-fHVfWkNspEPodWFQ1u0jaJDx2ZQ"
x-cdn
Imperva
x-powered-by
Express
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-iinfo
9-33386758-33386781 PNYN RT(1661433971922 467) q(0 0 0 1) r(1 1) U6
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
tracker.js
tracker.ads.sportradar.com/dist/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tracker.ads.sportradar.com/dist/tracker.js
Requested by
Host: tm.ads.sportradar.com
URL: https://tm.ads.sportradar.com/dist/tag-manager.js?id=STM-AAAALF
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:14::1724:a251 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
feda67648acd203488c2c74a84f52bef7a05a3154a00cb2fbc94c62d559afb46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 13:26:12 GMT
content-encoding
gzip
last-modified
Wed, 20 Jan 2021 14:51:32 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
"5ff82a1c468a89919e9437d33e0402cb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900, public
accept-ranges
bytes
content-length
11553
x-amz-cf-id
3lLMCbxWZLYp-1icc1KNO2z2UzI6YChuh5-iq2bP8oQT1Ht_L4TIZQ==
_adsCookieSyncCallback
echoback.ads.sportradar.com/echoBack/
Redirect Chain
  • https://a.sportradarserving.com/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId=
  • https://a.sportradarserving.com/ul_cb/sync?source=sr&redirect=//echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId=
  • https://x.bidswitch.net/syncd?dsp_id=409&user_group=1&user_id=4610c6d8-92cc-4973-a67b-cb21c8e80649&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId%3D461...
  • https://x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_group=1&user_id=4610c6d8-92cc-4973-a67b-cb21c8e80649&redir=https%3A%2F%2Fechoback.ads.sportradar.com%2FechoBack%2F_adsCookieSyncCallback%3FuserId...
  • https://echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId=4610c6d8-92cc-4973-a67b-cb21c8e80649
74 B
384 B 		Script
General
Check archive.org
Download Go to
Full URL
https://echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId=4610c6d8-92cc-4973-a67b-cb21c8e80649
Protocol
H2
Server
34.255.211.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-211-170.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ea1bc42ac8db9e7813ca908d4407cf7682c1f659c49b4d64fae3650cb8fa8bbf
Security Headers
Name Value
Content-Security-Policy script-src 'self'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 13:26:13 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
application/javascript
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-security-policy
script-src 'self'
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-length
74
x-xss-protection
1; mode=block
expires
0

Redirect headers

Location
https://echoback.ads.sportradar.com/echoBack/_adsCookieSyncCallback?userId=4610c6d8-92cc-4973-a67b-cb21c8e80649
Date
Thu, 25 Aug 2022 13:26:12 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
pixel
a.sportradarserving.com/ul_cb/
Redirect Chain
  • https://a.sportradarserving.com/pixel?type=js&aid=1119&id=1834
  • https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=1119&id=1834
2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=1119&id=1834
Protocol
HTTP/1.1
Server
18.158.57.249 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-57-249.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0c93ca542532cc04d6b409e8965b0347a151e3abf2b6d4e1e42fbcc914a31623

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 13:26:12 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
2325
Content-Type
text/javascript; charset=UTF-8

Redirect headers

Location
https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=1119&id=1834
Date
Thu, 25 Aug 2022 13:26:12 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
/
stream-705.optimove.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://stream-705.optimove.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.132.121 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.132.121.ip.incapdns.net
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-request-id
Access-Control-Request-Method
POST
Origin
https://promo.nj.betmgm.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-request-id
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 25 Aug 2022 13:26:12 GMT
vary
Access-Control-Request-Headers
via
1.1 google
x-cdn
Imperva
x-iinfo
9-33386758-33386781 NNNN CT(1 4 0) RT(1661433971922 129) q(0 0 0 0) r(0 0) U6
x-powered-by
Express
2286876164657123
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/2286876164657123?v=2.9.77&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
59c64bfe4c64abfae9efcedc96ed393d756d6d7ab7ff193846ef7944fa8554d3
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
86009
x-xss-protection
0
pragma
public
x-fb-debug
rgo/QuxJHsK1Qj2TxHPKqaEGzOQ+pzH0PfmBB23GFRGlazqcMwvtimE5UfrkVkybz4yMs/aejegTRvQ8mQgP9A==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 25 Aug 2022 13:26:12 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1661433847443
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=493355708326828&ev=PageView&dl=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com&rl=&if=false&ts=1661433972641&sw=1600&sh=1200&v=2.9.77&r=stable&ec=0&o=30&fbp=fb.1.1661433972640.198691196&it=1661433972355&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 13:26:12 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Thu, 25 Aug 2022 13:26:12 GMT
/
www.facebook.com/tr/ 		44 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=432560294477527&ev=PageView&dl=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com&rl=&if=false&ts=1661433972642&sw=1600&sh=1200&v=2.9.77&r=stable&ec=0&o=30&fbp=fb.1.1661433972640.198691196&it=1661433972355&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 13:26:12 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Thu, 25 Aug 2022 13:26:12 GMT
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2286876164657123&ev=PageView&dl=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com&rl=&if=false&ts=1661433972687&sw=1600&sh=1200&v=2.9.77&r=stable&ec=0&o=30&fbp=fb.1.1661433972640.198691196&it=1661433972355&coo=false&tm=1&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 13:26:12 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Thu, 25 Aug 2022 13:26:12 GMT
adsct
t.co/i/ 		43 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=22bc6e4f-3b90-4830-beb7-f56e53f76395&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=1d8bbbf5-b2e6-4649-9c64-9e4ebaef0d93&tw_document_href=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1vs8&type=javascript&version=2.3.26
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.197 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-response-time
178
date
Thu, 25 Aug 2022 13:26:12 GMT
server
tsa_o
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
0672e9a1c5f451d0b61a8e0a1d0d5614bb792857dbf1c8b628611a21896d083f
content-length
43
adsct
analytics.twitter.com/i/ 		43 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=22bc6e4f-3b90-4830-beb7-f56e53f76395&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=1d8bbbf5-b2e6-4649-9c64-9e4ebaef0d93&tw_document_href=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1vs8&type=javascript&version=2.3.26
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-response-time
169
date
Thu, 25 Aug 2022 13:26:12 GMT
server
tsa_o
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
8b8ff4b0b062e98a398a88f3b1c6d95c30613055bfe16d2fd69c9a154ca288ff
content-length
43
adsct
t.co/i/ 		43 B
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=40da888a-2e89-4374-853c-2cbec54d6e87&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=1d8bbbf5-b2e6-4649-9c64-9e4ebaef0d93&tw_document_href=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o2f4c&type=javascript&version=2.3.26
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.197 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-response-time
176
date
Thu, 25 Aug 2022 13:26:12 GMT
server
tsa_o
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
0672e9a1c5f451d0b61a8e0a1d0d5614bb792857dbf1c8b628611a21896d083f
content-length
43
adsct
analytics.twitter.com/i/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=40da888a-2e89-4374-853c-2cbec54d6e87&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=1d8bbbf5-b2e6-4649-9c64-9e4ebaef0d93&tw_document_href=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o2f4c&type=javascript&version=2.3.26
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-response-time
170
date
Thu, 25 Aug 2022 13:26:12 GMT
server
tsa_o
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
8b8ff4b0b062e98a398a88f3b1c6d95c30613055bfe16d2fd69c9a154ca288ff
content-length
43
adsct
t.co/i/ 		43 B
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=bb3605c5-00b9-4e73-a547-41738cab7e41&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=1d8bbbf5-b2e6-4649-9c64-9e4ebaef0d93&tw_document_href=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o5gb5&type=javascript&version=2.3.26
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.197 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-response-time
169
date
Thu, 25 Aug 2022 13:26:12 GMT
server
tsa_o
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
0672e9a1c5f451d0b61a8e0a1d0d5614bb792857dbf1c8b628611a21896d083f
content-length
43
adsct
analytics.twitter.com/i/ 		43 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=bb3605c5-00b9-4e73-a547-41738cab7e41&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=1d8bbbf5-b2e6-4649-9c64-9e4ebaef0d93&tw_document_href=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o5gb5&type=javascript&version=2.3.26
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-response-time
175
date
Thu, 25 Aug 2022 13:26:12 GMT
server
tsa_o
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
8b8ff4b0b062e98a398a88f3b1c6d95c30613055bfe16d2fd69c9a154ca288ff
content-length
43
sp-2.14.0.js
tracker.ads.sportradar.com/dist// 		98 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tracker.ads.sportradar.com/dist//sp-2.14.0.js
Requested by
Host: tracker.ads.sportradar.com
URL: https://tracker.ads.sportradar.com/dist/tracker.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:14::1724:a251 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
50cf303cfaa020fcbedd6ad1bf045a008cbb88dfc792f731f07235dd1ca13599

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 13:26:12 GMT
content-encoding
gzip
last-modified
Wed, 20 Jan 2021 14:51:32 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
etag
"8dba669b94e3865c9205ef8fd15ee4d1"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900, public
accept-ranges
bytes
content-length
30370
x-amz-cf-id
Vk_JOKIBXywXVgWwb5xbgX9cWofmHAmIKJke7fUA_iV40yWrh5al1g==
dc_pre=COCF-e2L4vkCFb1JkQUduDkILQ;src=9216824;type=rosga0;cat=njpla0;ord=1;num=7773921730444;gtm=2wg8m0;auiddc=1514109753.1661433972;u8=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3...
adservice.google.com/ddm/fls/i/ Frame D640 		621 B
889 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=COCF-e2L4vkCFb1JkQUduDkILQ;src=9216824;type=rosga0;cat=njpla0;ord=1;num=7773921730444;gtm=2wg8m0;auiddc=1514109753.1661433972;u8=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com;~oref=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com
Requested by
Host: 9216824.fls.doubleclick.net
URL: https://9216824.fls.doubleclick.net/activityi;dc_pre=COCF-e2L4vkCFb1JkQUduDkILQ;src=9216824;type=rosga0;cat=njpla0;ord=1;num=7773921730444;gtm=2wg8m0;auiddc=1514109753.1661433972;u8=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com;~oref=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
327e823eb7c5bb15af48bf23a4e5fe2c33c3dcbcd1056e9677082dbd4e0fc498
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9216824.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
421
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 25 Aug 2022 13:26:12 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dc_pre=COCF-e2L4vkCFb1JkQUduDkILQ;src=9216824;type=rosga0;cat=njpla0;ord=1;num=7773921730444;gtm=2wg8m0;auiddc=1514109753.1661433972;u8=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3...
adservice.google.de/ddm/fls/i/ Frame 76D4 		194 B
870 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/ddm/fls/i/dc_pre=COCF-e2L4vkCFb1JkQUduDkILQ;src=9216824;type=rosga0;cat=njpla0;ord=1;num=7773921730444;gtm=2wg8m0;auiddc=1514109753.1661433972;u8=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com;~oref=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=COCF-e2L4vkCFb1JkQUduDkILQ;src=9216824;type=rosga0;cat=njpla0;ord=1;num=7773921730444;gtm=2wg8m0;auiddc=1514109753.1661433972;u8=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com;~oref=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adservice.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
gzip
content-length
177
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 25 Aug 2022 13:26:12 GMT
expires
Thu, 25 Aug 2022 13:26:12 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
usersyncs
api.feedad.com/1.1/web/ 		42 B
313 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.feedad.com/1.1/web/usersyncs?b=8461718b-151b-486e-8ea2-a9b349f07f98&u=4610c6d8-92cc-4973-a67b-cb21c8e80649
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
any-in-2215.1e100.net
Software
Google Frontend /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-cloud-trace-context
799727426d5932cf9a271c15be8cd136
cache-control
private
server
Google Frontend
content-type
image/gif
date
Thu, 25 Aug 2022 13:26:12 GMT
content-length
42
expires
Thu, 25 Aug 2022 13:26:12 GMT
setuid
ib.adnxs.com/
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=3&user_id=4610c6d8-92cc-4973-a67b-cb21c8e80649&cb=ea4375ca-219e-4304-9ed0-955b2a87a576
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=3&user_id=4610c6d8-92cc-4973-a67b-cb21c8e80649&cb=ea4375ca-219e-4304-9ed0-955b2a87a576
  • https://ib.adnxs.com/setuid?entity=388&code=f468ae4f-1ef5-46dc-aa2a-4f61912432dc
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=388&code=f468ae4f-1ef5-46dc-aa2a-4f61912432dc
Protocol
HTTP/1.1
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 13:26:13 GMT
X-Proxy-Origin
37.58.57.4; 37.58.57.4; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
b278e8db-b1aa-4f0e-9249-b3293c5e4643
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Location
//ib.adnxs.com/setuid?entity=388&code=f468ae4f-1ef5-46dc-aa2a-4f61912432dc
Date
Thu, 25 Aug 2022 13:26:12 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=3&user_id=4610c6d8-92cc-4973-a67b-cb21c8e80649&cb=19512d1a-ebe4-4ca9-b30c-07d38ad0a50e
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=409&expires=14&user_group=3&user_id=4610c6d8-92cc-4973-a67b-cb21c8e80649&cb=19512d1a-ebe4-4ca9-b30c-07d38ad0a50e
  • https://eb2.3lift.com/xuid?mid=2409&xuid=f468ae4f-1ef5-46dc-aa2a-4f61912432dc&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
  • https://eb2.3lift.com/xuid?ld=1&mid=2409&xuid=f468ae4f-1ef5-46dc-aa2a-4f61912432dc&dongle=d3d3&gdpr=0&cmp_cs=&us_privacy=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=2409&xuid=f468ae4f-1ef5-46dc-aa2a-4f61912432dc&dongle=d3d3&gdpr=0&cmp_cs=&us_privacy=
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 13:26:13 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=2409&xuid=f468ae4f-1ef5-46dc-aa2a-4f61912432dc&dongle=d3d3&gdpr=0&cmp_cs=&us_privacy=
date
Thu, 25 Aug 2022 13:26:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=3&user_id=4610c6d8-92cc-4973-a67b-cb21c8e80649&cb=edd0bd64-9305-4cf8-89d0-b703fcb9b1df
  • https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=4610c6d8-92cc-4973-a67b-cb21c8e80649&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=4610c6d8-92cc-4973-a67b-cb21c8e80649&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
Protocol
H2
Server
52.87.80.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-87-80-8.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 13:26:13 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Location
//match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=&seat_user_id=4610c6d8-92cc-4973-a67b-cb21c8e80649&seat_key=409&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
Date
Thu, 25 Aug 2022 13:26:12 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7963&xuid=4610c6d8-92cc-4973-a67b-cb21c8e80649&dongle=3oy7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 13:26:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
usersyncs
tags.feedad.com/1/ 		42 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.feedad.com/1/usersyncs?b=8461718b-151b-486e-8ea2-a9b349f07f98&u=4610c6d8-92cc-4973-a67b-cb21c8e80649
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
any-in-2215.1e100.net
Software
Google Frontend /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-cloud-trace-context
c057fd9afc2c4f9e8bb3247be628391d
server
Google Frontend
date
Thu, 25 Aug 2022 13:26:12 GMT
content-length
42
content-type
image/gif
bsw_sync
eu.sportradarserving.com/
Redirect Chain
  • https://x.bidswitch.net/syncd?dsp_id=409&user_id=4610c6d8-92cc-4973-a67b-cb21c8e80649&user_group=3&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D
  • https://x.bidswitch.net/ul_cb/syncd?dsp_id=409&user_id=4610c6d8-92cc-4973-a67b-cb21c8e80649&user_group=3&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D
  • https://eu.sportradarserving.com/bsw_sync?bsw_uid=f468ae4f-1ef5-46dc-aa2a-4f61912432dc
43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu.sportradarserving.com/bsw_sync?bsw_uid=f468ae4f-1ef5-46dc-aa2a-4f61912432dc
Protocol
HTTP/1.1
Server
3.126.196.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-196-52.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 13:26:13 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
//eu.sportradarserving.com/bsw_sync?bsw_uid=f468ae4f-1ef5-46dc-aa2a-4f61912432dc
Date
Thu, 25 Aug 2022 13:26:12 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
tv2track.php
collector-14871.us.tvsquared.com/ 		42 B
276 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector-14871.us.tvsquared.com/tv2track.php?action_name=BetMGM&idsite=TV-8154182781-1&rec=1&r=737130&h=13&m=26&s=12&url=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com&_id=3556752abb87c373&_idts=1661433973&_idvc=0&_idn=1&_viewts=&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=204
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.130.102 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-130-102.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 13:26:13 GMT
Server
nginx
Connection
keep-alive
Request-Id
76bab687-5f4a-403c-b704-9e3cc3a14d90
P3p
CP='OTI DSP COR NID STP UNI OTPa OUR'
Content-Length
42
Content-Type
image/gif
reportEvent
realtime-705.optimove.net/ 		77 B
432 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://realtime-705.optimove.net/reportEvent
Requested by
Host: sdk-cdn.optimove.net
URL: https://sdk-cdn.optimove.net/websdk/sdk-v1.0.7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.132.121 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.132.121.ip.incapdns.net
Software
/ Express
Resource Hash
14811480475c2171ce84c472a6d16a5355ce92a03e8955814fde8827e8a34d55

Request headers

Accept
application/json
Referer
https://promo.nj.betmgm.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
X-Request-ID
b628be2c-5e3a-4018-8b39-161f606aa059
Content-Type
application/json

Response headers

date
Thu, 25 Aug 2022 13:26:13 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-cdn
Imperva
x-powered-by
Express
access-control-allow-methods
GET, POST
content-type
application/json
access-control-allow-origin
*
x-iinfo
9-33386758-33386829 PNYN RT(1661433971922 900) q(0 0 0 0) r(0 0) U6
content-encoding
gzip
access-control-allow-headers
X-Requested-With,Content-Type
reportEvent
realtime-705.optimove.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://realtime-705.optimove.net/reportEvent
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.132.121 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.132.121.ip.incapdns.net
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-request-id
Access-Control-Request-Method
POST
Origin
https://promo.nj.betmgm.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-request-id
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 25 Aug 2022 13:26:13 GMT
vary
Access-Control-Request-Headers
via
1.1 google
x-cdn
Imperva
x-iinfo
9-33386758-33386829 NNNN CT(3 10 0) RT(1661433971922 558) q(0 0 0 1) r(1 1) U6
x-powered-by
Express
47c30bbd-e787-4644-b9fb-694ed9610793
https://promo.nj.betmgm.com/ 		17 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://promo.nj.betmgm.com/47c30bbd-e787-4644-b9fb-694ed9610793
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dbe3697b071fd50671af8291f50429de1ff2e2df9dd5610caf887afcbbe0d51c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Length
17224
Content-Type
application/javascript
i
serving.ads.sportradar.com/ 		43 B
533 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://serving.ads.sportradar.com/i?stm=1661433973108&e=se&se_ca=cookie_sync&se_ac=b9ae41db-7fe3-4482-9b34-656a8e0040a1&se_la=4610c6d8-92cc-4973-a67b-cb21c8e80649&tv=js-2.14.0&tna=cf&aid=sr-tracker-promo-nj-betmgm-com&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&eid=d5a8e322-f02d-4d13-91fa-ae6618f3fa0e&dtm=1661433973106&vp=1600x1200&ds=1600x1200&vid=1&sid=ce4754e3-3f17-4d25-8785-1cb0558a47f4&duid=b9ae41db-7fe3-4482-9b34-656a8e0040a1&url=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaWdsdTpjb20uZ29vZ2xlLmFuYWx5dGljcy9jb29raWVzL2pzb25zY2hlbWEvMS0wLTAiLCJkYXRhIjp7fX1dfQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.114.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-114-38.eu-west-1.compute.amazonaws.com
Software
akka-http/10.1.12 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 13:26:13 GMT
Server
akka-http/10.1.12
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Content-Type
image/gif
Content-Length
43
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=493355708326828&ev=Microdata&dl=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com&rl=&if=false&ts=1661433974145&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22BetMGM%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.77&r=stable&ec=1&o=30&fbp=fb.1.1661433972640.198691196&it=1661433972355&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 13:26:14 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Thu, 25 Aug 2022 13:26:14 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=432560294477527&ev=Microdata&dl=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com&rl=&if=false&ts=1661433974150&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22BetMGM%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.77&r=stable&ec=1&o=30&fbp=fb.1.1661433972640.198691196&it=1661433972355&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 13:26:14 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Thu, 25 Aug 2022 13:26:14 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2286876164657123&ev=Microdata&dl=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com&rl=&if=false&ts=1661433974190&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22BetMGM%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.77&r=stable&ec=1&o=30&fbp=fb.1.1661433972640.198691196&it=1661433972355&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 13:26:14 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Thu, 25 Aug 2022 13:26:14 GMT

Verdicts & Comments Add Verdict or Comment

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation boolean| gPluginsPromoDisableM2NotFoundCtrl object| promoContent function| sendToNative object| dataLayer function| upLogin object| afterViewInitScripts number| xOffset number| yOffset string| bubblepos object| gvczendesk function| messageToZendesk object| __alloyNS function| alloy object| entain object| google_tag_manager object| gvc_inhouse object| GlobalSnowplowNamespace function| spTracker function| preProcessfunction object| google_tag_data function| rdt function| snaptr function| fbq function| _fbq object| srtmCommands object| x object| y object| _tvq function| twq object| snaptrContext boolean| triedToSendCookieToNative object| WebJSBridge function| openTestTool object| optimoveSDK object| configArgs number| pixelRatio number| width number| height object| screenSize object| labels function| ttd_dom_ready function| TTDUniversalPixelApi object| optimoveTenantConfiguration object| webpackJsonp_ads function| setImmediate function| clearImmediate object| _ads object| _srt_namespace function| _srt_argus function| _ads_popstate_listener function| _adsCookieSyncCallback object| regeneratorRuntime object| twttr object| core function| snowplowApi object| JSON2 object| TV2Track function| ownKeys function| _objectSpread function| _defineProperty function| _typeof object| Snowplow function| QuantumMetricInstrumentationStart object| QuantumMetricAPI function| qmflate function| _QuantumMetricSymbol function| trackPageLevels object| pages_params undefined| folders function| tell

42 Cookies

Domain/Path Name / Value
sc-static.net/scevent.min.js Name: X-AB
Value: 0d6e407936704bd380072f5891d28b0e
.nj.betmgm.com/ Name: ASP.NET_SessionId
Value: mfvdjph3itrsuf1a1r4b5hqx
.nj.betmgm.com/ Name: trc.cid
Value: 9ee3caa6b4c54682aec741fd58a647b1
.nj.betmgm.com/ Name: usersettings
Value: cid=en-US&vc=1&sst=2022-08-25T13:26:11.6724635Z&psst=0001-01-01T00:00:00.0000000Z&lsid=mfvdjph3itrsuf1a1r4b5hqx
.nj.betmgm.com/ Name: isLanguageChanged
Value: false
.nj.betmgm.com/ Name: lang
Value: en
promo.nj.betmgm.com/ Name: ADRUM_BTa
Value: R:0|g:403ddddc-7017-444a-b6cd-d50bc1a2dfa5|n:customer1_3ad3683b-4f2b-49aa-91cf-d6bdadcc6baf
promo.nj.betmgm.com/ Name: SameSite
Value: None
promo.nj.betmgm.com/ Name: ADRUM_BT1
Value: R:0|i:644070|e:20
.betmgm.com/ Name: __cf_bm
Value: xCjWwUtMhU3qJAI5T7r1MGeixOXGXYcWnvRtXqEOOOo-1661433971-0-AbW6G0JOZ0NDopUYYstn7Hs0eMkhRlhLqwJuOJGmOE5YFRyglcLXeFVoq8xpgnU/ZSIRlJTxlWTLU0jYrMd02Qg=
.itsfogo.com/ Name: __cf_bm
Value: CIOmJTcGsg3JVqp88gbyFJUrwuUq6nK1_vDGJdYv6fI-1661433971-0-AeeJgOhjhuOCdXetmQMmokHq3m88+kzI+LW/J9RFjZ//sV3fTPZgMde4SoSWx5r9hWLr+qGj8lVHfpgQDtj0C+U=
.betmgm.com/ Name: _sp_ses.3176
Value: *
.betmgm.com/ Name: _sp_id.3176
Value: ed588485-3951-4109-867f-787597659ed5.1661433972.1.1661433972.1661433972.49e4efa2-5646-4cef-a59e-e2667f9f0ab0
.betmgm.com/ Name: _gcl_au
Value: 1.1.1514109753.1661433972
.adnxs.com/ Name: uuid2
Value: 7348199541546087322
.betmgm.com/ Name: _rdt_uuid
Value: 1661433972402.e380845a-c5ea-4d77-8d08-883830aaf525
.betmgm.com/ Name: _scid
Value: 210f80d8-1ecd-4928-bad0-0c9aaf034741
.betmgm.com/ Name: _fbp
Value: fb.1.1661433972640.198691196
.w55c.net/ Name: wfivefivec
Value: Iwfi8TMH1OrcS82
.snapchat.com/ Name: sc_at
Value: v2|H4sIAAAAAAAAAAXBhw0AIAwDsIsqdYSRcwKc0eOxS4oNlwlBw7huGge2Lkh5Jh+7Y85AFVe2f6YByFAyAAAA
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.sportradarserving.com/ Name: c
Value: 1661433972
.sportradarserving.com/ Name: zuuid_lu
Value: 1661433972
.sportradarserving.com/ Name: zuuid
Value: 4610c6d8-92cc-4973-a67b-cb21c8e80649
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1661433972
.sportradarserving.com/ Name: bss
Value: !bidswitch,430691172
.sportradarserving.com/ Name: cm4
Value: !bidswitch,430763172
.trkn.us/ Name: barometric[cuid]
Value: cuid_4eb613b3-b8f8-4dc8-bc64-a74019438d1b
promo.nj.betmgm.com/ Name: _tq_id.TV-8154182781-1.59a9
Value: 3556752abb87c373.1661433973.0.1661433973..
.t.co/ Name: muc_ads
Value: fea17fec-db7a-48b9-ad0c-1ed1c7d95c60
.feedad.com/ Name: fa_8461718b-151b-486e-8ea2-a9b349f07f98_u
Value: 4610c6d8-92cc-4973-a67b-cb21c8e80649
.bidswitch.net/ Name: c
Value: 1661433972
.bidswitch.net/ Name: tuuid_lu
Value: 1661433972
.bidswitch.net/ Name: tuuid
Value: f468ae4f-1ef5-46dc-aa2a-4f61912432dc
.3lift.com/ Name: tluid
Value: 2704447316162519609883
.betmgm.com/ Name: _sp_srt_ses.3176
Value: *
.betmgm.com/ Name: _sp_srt_id.3176
Value: b9ae41db-7fe3-4482-9b34-656a8e0040a1.1661433973.1.1661433973.1661433973.ce4754e3-3f17-4d25-8785-1cb0558a47f4
.twitter.com/ Name: personalization_id
Value: "v1_wRjgznNFv2lEUSG3wAZ/ug=="
.adnxs.com/ Name: anj
Value: dTM7k!M4.FEVNsVF']wIg2In3nY11?!]tcJ8i_j5:lKRN-lbOkQ7%jE[d(^cD??:4^+0>V_BS0K?846gV`OpKXtp5>?.j13k.5v<^]uQS3PVX23nXm/!!fWcub*=t
.sharethrough.com/ Name: stx_user_id
Value: c0fc494f-c126-42f0-954b-cc154dee0291
.sportradar.com/ Name: _sr_ads
Value: a99557b4-4b2c-461e-b5a1-de302410778c

1 Console Messages

Source Level URL
Text
network error URL: https://promo.nj.betmgm.com/inject_wrapper_ccb.js
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-src *
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9216824.fls.doubleclick.net
a.sportradarserving.com
adservice.google.com
adservice.google.de
alb.reddit.com
analytics.twitter.com
api.feedad.com
betmgm.com
cdn.quantummetric.com
collector-14871.us.tvsquared.com
connect.facebook.net
eb2.3lift.com
echoback.ads.sportradar.com
eu.sportradarserving.com
ib.adnxs.com
insight.adsrvr.org
js.adsrvr.org
match.sharethrough.com
promo.nj.betmgm.com
realtime-705.optimove.net
sc-static.net
scmedia.itsfogo.com
scmedia.nj.betmgm.com
sdk-cdn.optimove.net
sdkuaservice.optimove.net
secure.adnxs.com
serving.ads.sportradar.com
static.ads-twitter.com
stream-705.optimove.net
t.co
tags.feedad.com
tags.w55c.net
tm.ads.sportradar.com
tr.snapchat.com
tracker.ads.sportradar.com
trkn.us
www.facebook.com
www.googletagmanager.com
www.redditstatic.com
x.bidswitch.net
104.16.163.243
104.244.42.197
104.244.42.67
107.154.132.121
108.138.15.119
151.101.1.140
172.217.16.198
172.64.155.6
18.157.110.72
18.158.57.249
18.189.130.102
18.194.56.109
18.66.120.247
185.89.211.116
199.232.16.157
216.239.34.21
2606:4700:10::ac43:149e
2a00:1450:4001:813::2008
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a02:26f0:3500:14::1724:a251
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42::396
3.126.196.52
3.228.232.15
34.102.240.186
34.255.211.170
35.190.43.134
35.201.79.141
52.223.40.198
52.87.80.8
74.217.235.86
76.223.111.18
99.80.114.38
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
09bd9311931b56231b2fb2c836c4bcfa71976fcc6a20c7e91163f7fb81eaeedd
09ec372e30ccd964dd2f6b02029c5118c523a5011e6ba5e77a175d679e0b4dad
0c1e6257003a5210dd3c5c13fb8f87ba0eb7130cbb83a48263b36ed7dc597bfc
0c93ca542532cc04d6b409e8965b0347a151e3abf2b6d4e1e42fbcc914a31623
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1287fc0aa84dc8d13adf7173f344a0143511840be8c95fa6203396984a462d4b
14811480475c2171ce84c472a6d16a5355ce92a03e8955814fde8827e8a34d55
14dbde9c96ed4bf66a2f54350d56689107a555b5eeef18770603316f8dfd21d7
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
327e823eb7c5bb15af48bf23a4e5fe2c33c3dcbcd1056e9677082dbd4e0fc498
344802332a1d8d95b6ef9230affb1999cecea5ff9411292a2e3fdd62f520396b
391a026f0b01e8f1d634c79ca77b2539cdf9b9080ae0e0ef0ce920ce0319de2f
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4daac2f4f6206cbb67a15711293b2a35b6044f964fda598b5ff4e360b7453d83
4f8484c767f75bd497059e2210b8901b711755ca00dbd84c6d4f3e1774716c15
50b33426b52a8e4fbca5013c487962cd8e86ceb118e0b96deb0d33a3a78179f4
50cf303cfaa020fcbedd6ad1bf045a008cbb88dfc792f731f07235dd1ca13599
5401c21a3cd89bdad51073e73536d7f4625bcf02d1cbdcf355363e60d4de5a76
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56daf9cf0d870f68417c6d388f03414d00d10fbbe70248ddc3130bf7ab7f2330
59c64bfe4c64abfae9efcedc96ed393d756d6d7ab7ff193846ef7944fa8554d3
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
7a1faeb950ae56ecfc2c476d108c2870eb6a3f975ba83043955fbd46928effe5
8af99ee516c363d495bd72314edf41eeb172b4b8d5f0fbb3448a7177968273f7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dc96d1f370f1931b0dc5b7f00be6ffadc384b61eb48e0a681e5dc05c830baa2
8f36e62821d38776e807b1e6eb32d49917c5b9fda0f769d29215aabf4daac5a6
9cfc861f421f1cbdb89445aa732f5267f8e3b35072ce2f74998505d795c7543d
a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4
aba13e76e0dfc68cd2710d1745d55c6b210cb2bec6ecd14a541615b685af8564
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b1c8384f493600f8ca471b69029eb14dc4a9b7e4070305c2f418752d0fc4ceef
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bef476ec3cca40a08e1dff35c707c24d5774e788c57febdb54874e90402a6af2
c22caf8eee94e7e90bb1029fd4af363b5826d865c69ef4fd9c33b9b8c1f7169c
c2af519def3cfba2adc211aa6e6742c13c4b49538e2ed24cbd590f2f356e9380
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
d4edbbe1037c50c8ffa90860286c8166860ad9da450ed5e16a28e2fc9bce3c23
dbe3697b071fd50671af8291f50429de1ff2e2df9dd5610caf887afcbbe0d51c
dc33172a8b9a87ac658e278513354107c74bb42ad8aa7b9b056006ff83cc472c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e49e52f2ac57c0c0b0b316cbf98a528b7b0bacc14947eec07b94fa1f7a33a975
e9dc0df577864d74eddbec7c75751966107a79e43d5c1fd3eed6f87fe2c2b4e6
ea1bc42ac8db9e7813ca908d4407cf7682c1f659c49b4d64fae3650cb8fa8bbf
ea72d65510bac7fef3b1e6751e4498724db58a44048c20418e4ab0b150b8f5ca
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660
f5250f75e34ae244f42aa307c21d618fe00e72199f0e0607be5d09de0610ba05
feda67648acd203488c2c74a84f52bef7a05a3154a00cb2fbc94c62d559afb46