urlscan.io logo urlscan.io
SecurityTrails logo

promo.nj.betmgm.com Open in urlscan Pro
104.18.21.216  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.betmgm.com/
Effective URL: https://promo.nj.betmgm.com/en/promo/geolocator?orh=www.betmgm.com
Submission: On July 16 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 4 countries across 22 domains to perform 62 HTTP transactions. The main IP is 104.18.21.216, located in United States and belongs to CLOUDFLARENET, US. The main domain is promo.nj.betmgm.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on August 27th 2020. Valid for: a year.
This is the only time promo.nj.betmgm.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 104.18.20.216 13335 (CLOUDFLAR...)
3 104.18.21.216 13335 (CLOUDFLAR...)
5 104.16.162.243 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 3 142.250.186.38 15169 (GOOGLE)
2 151.101.13.140 54113 (FASTLY)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
6 2a03:2880:f01... 32934 (FACEBOOK)
2 35.201.79.141 15169 (GOOGLE)
3 5 185.33.221.50 29990 (ASN-APPNEX)
1 13.224.100.124 16509 (AMAZON-02)
1 13.224.96.39 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 35.186.226.184 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 54.154.124.189 16509 (AMAZON-02)
3 34.254.127.126 16509 (AMAZON-02)
1 1 2a00:1450:400... 15169 (GOOGLE)
2 34.107.228.158 15169 (GOOGLE)
1 2 54.80.48.227 14618 (AMAZON-AES)
1 2 3.123.143.157 16509 (AMAZON-02)
1 1 54.171.42.33 16509 (AMAZON-02)
1 104.244.42.3 13414 (TWITTER)
17 2a03:2880:f11... 32934 (FACEBOOK)
62 22
1    104.18.20.216 (United States)

ASN13335 (CLOUDFLARENET, US)
www.betmgm.com
3    104.18.21.216 (United States)

ASN13335 (CLOUDFLARENET, US)
promo.nj.betmgm.com
scmedia.nj.betmgm.com
5    104.16.162.243 (United States)

ASN13335 (CLOUDFLARENET, US)
scmedia.itsfogo.com
1    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    142.250.186.38 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net
9216824.fls.doubleclick.net
2    151.101.13.140 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
www.redditstatic.com
alb.reddit.com
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
6    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    35.201.79.141 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 141.79.201.35.bc.googleusercontent.com
sdk-cdn.optimove.net
5    185.33.221.50 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
ib.adnxs.com
1    13.224.100.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-100-124.zrh50.r.cloudfront.net
js.adsrvr.org
1    13.224.96.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-39.zrh50.r.cloudfront.net
sc-static.net
1    2606:4700:10::6816:34fc (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.quantummetric.com
1    35.186.226.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.226.186.35.bc.googleusercontent.com
tr.snapchat.com
1    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
5    54.154.124.189 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-124-189.eu-west-1.compute.amazonaws.com
dpm.demdex.net
gvcus.demdex.net
3    34.254.127.126 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-127-126.eu-west-1.compute.amazonaws.com
insight.adsrvr.org
1    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    34.107.228.158 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 158.228.107.34.bc.googleusercontent.com
stream-705.optimove.net
2    54.80.48.227 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-80-48-227.compute-1.amazonaws.com
trkn.us
2    3.123.143.157 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
tags.w55c.net
1    54.171.42.33 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-42-33.eu-west-1.compute.amazonaws.com
cm.everesttech.net
1    104.244.42.3 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
17    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Domain Requested by
17 www.facebook.com
6 connect.facebook.net promo.nj.betmgm.com
connect.facebook.net
5 scmedia.itsfogo.com promo.nj.betmgm.com
www.googletagmanager.com
4 secure.adnxs.com 2 redirects
3 insight.adsrvr.org js.adsrvr.org
9216824.fls.doubleclick.net
3 dpm.demdex.net scmedia.itsfogo.com
3 bat.bing.com www.googletagmanager.com
bat.bing.com
3 9216824.fls.doubleclick.net 1 redirects www.googletagmanager.com
adservice.google.com
2 gvcus.demdex.net scmedia.itsfogo.com
2 tags.w55c.net 1 redirects 9216824.fls.doubleclick.net
2 trkn.us 1 redirects 9216824.fls.doubleclick.net
2 stream-705.optimove.net sdk-cdn.optimove.net
2 sdk-cdn.optimove.net www.googletagmanager.com
sdk-cdn.optimove.net
2 www.googletagmanager.com promo.nj.betmgm.com
www.googletagmanager.com
2 promo.nj.betmgm.com promo.nj.betmgm.com
1 analytics.twitter.com
1 ib.adnxs.com 1 redirects
1 cm.everesttech.net 1 redirects
1 adservice.google.de 1 redirects
1 adservice.google.com 9216824.fls.doubleclick.net
1 tr.snapchat.com
1 alb.reddit.com
1 cdn.quantummetric.com promo.nj.betmgm.com
1 sc-static.net promo.nj.betmgm.com
1 js.adsrvr.org www.googletagmanager.com
1 www.redditstatic.com www.googletagmanager.com
1 scmedia.nj.betmgm.com promo.nj.betmgm.com
1 www.betmgm.com 1 redirects
62 28
Subject Issuer Validity Valid
*.nj.betmgm.com
DigiCert SHA2 Secure Server CA		 2020-08-27 -
2021-09-01		 a year crt.sh
*.itsfogo.com
DigiCert SHA2 Secure Server CA		 2020-03-06 -
2022-03-07		 2 years crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
www.redditstatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-23 -
2021-11-18		 6 months crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2021-04-12 -
2021-10-12		 6 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-05-26 -
2021-08-24		 3 months crt.sh
*.optimove.net
Sectigo RSA Domain Validation Secure Server CA		 2021-01-10 -
2022-02-10		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
sc-static.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-11 -
2022-02-15		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-17 -
2021-08-17		 a year crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-23 -
2021-11-18		 6 months crt.sh
tr.snapchat.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-19 -
2022-01-23		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-02 -
2022-01-02		 a year crt.sh
trkn.us
Go Daddy Secure Certificate Authority - G2		 2021-01-19 -
2022-02-20		 a year crt.sh
*.w55c.net
Amazon		 2020-08-26 -
2021-09-26		 a year crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh

This page contains 7 frames:

Primary Page: https://promo.nj.betmgm.com/en/promo/geolocator?orh=www.betmgm.com
Frame ID: 27939C2753CFDB43C916E58B5C84465E
Requests: 49 HTTP requests in this frame

Frame: https://9216824.fls.doubleclick.net/activityi;dc_pre=CJCE5bOJ6PECFcbnUQodwU8Ehg;src=9216824;type=rosga0;cat=njpla0;ord=1;num=8136299542120;gtm=2wg7e0;auiddc=926401488.1626455100;u8=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com;~oref=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com
Frame ID: B3D81DD0E7C7402A6E643BA95BEACDEE
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=b1a7abb8-e191-45fa-9602-ec350d281e46
Frame ID: 812F3A41705724F3A3843774219B4E68
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CJCE5bOJ6PECFcbnUQodwU8Ehg;src=9216824;type=rosga0;cat=njpla0;ord=1;num=8136299542120;gtm=2wg7e0;auiddc=926401488.1626455100;u8=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com;~oref=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com
Frame ID: 8C41C72611F5010E9FFE048F9B9F9AC1
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=sg65m8v&ref=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com&upid=crmc3k8&upv=1.1.0
Frame ID: C4B1F61368CD6854AE9B0A447F7D8B32
Requests: 1 HTTP requests in this frame

Frame: https://9216824.fls.doubleclick.net/ddm/fls/r/dc_pre=CJCE5bOJ6PECFcbnUQodwU8Ehg;src=9216824;type=rosga0;cat=njpla0;ord=1;num=8136299542120;gtm=2wg7e0;auiddc=926401488.1626455100;u8=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com;~oref=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com
Frame ID: 88A748CC1046B8538E64D9C08D2441BD
Requests: 5 HTTP requests in this frame

Frame: https://gvcus.demdex.net/dest5.html?d_nsid=0
Frame ID: 930E4BCE08B97FF27B50761AD065EDAE
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://www.betmgm.com/ HTTP 302
    https://promo.nj.betmgm.com/en/promo/geolocator?orh=www.betmgm.com Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Page Statistics

62
Requests

100 %
HTTPS

32 %
IPv6

22
Domains

28
Subdomains

22
IPs

4
Countries

1047 kB
Transfer

3185 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.betmgm.com/ HTTP 302
    https://promo.nj.betmgm.com/en/promo/geolocator?orh=www.betmgm.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://9216824.fls.doubleclick.net/activityi;src=9216824;type=rosga0;cat=njpla0;ord=1;num=8136299542120;gtm=2wg7e0;auiddc=926401488.1626455100;u8=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com;~oref=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com HTTP 302
  • https://9216824.fls.doubleclick.net/activityi;dc_pre=CJCE5bOJ6PECFcbnUQodwU8Ehg;src=9216824;type=rosga0;cat=njpla0;ord=1;num=8136299542120;gtm=2wg7e0;auiddc=926401488.1626455100;u8=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com;~oref=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com
Request Chain 13
  • https://secure.adnxs.com/px?id=1092773&t=1 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1092773%26t%3D1
Request Chain 14
  • https://secure.adnxs.com/seg?add=17453349&t=1 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D17453349%26t%3D1
Request Chain 28
  • https://adservice.google.de/ddm/fls/i/dc_pre=CJCE5bOJ6PECFcbnUQodwU8Ehg;src=9216824;type=rosga0;cat=njpla0;ord=1;num=8136299542120;gtm=2wg7e0;auiddc=926401488.1626455100;u8=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com;~oref=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com HTTP 302
  • https://9216824.fls.doubleclick.net/ddm/fls/r/dc_pre=CJCE5bOJ6PECFcbnUQodwU8Ehg;src=9216824;type=rosga0;cat=njpla0;ord=1;num=8136299542120;gtm=2wg7e0;auiddc=926401488.1626455100;u8=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com;~oref=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com
Request Chain 32
  • https://trkn.us/pixel/conv/ppt=7917;g=njplaymgm_ros;gid=27082;ord=357735681 HTTP 302
  • https://trkn.us/pixel/conv/ppt=7917;g=njplaymgm_ros;gid=27082;ord=357735681;ip=77.243.191.196;cuidchk=1
Request Chain 33
  • https://tags.w55c.net/rs?id=f1f9fc1f7bf949b9a52bed5cb8e91ffe&t=checkout&tx=1&sku=1&price=1 HTTP 302
  • https://tags.w55c.net/rs?sccid=92d80d43-d816-0f3f-435b-1ea701cc73d4&scc=1&id=f1f9fc1f7bf949b9a52bed5cb8e91ffe&t=checkout&tx=1&sku=1&price=1
Request Chain 36
  • https://cm.everesttech.net/cm/dd?d_uuid=85184441497759448762842693470634066354 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YPG8PAAAAGpjhSkN
Request Chain 38
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=1273711295837258083

62 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request geolocator
promo.nj.betmgm.com/en/promo/
Redirect Chain
  • http://www.betmgm.com/
  • https://promo.nj.betmgm.com/en/promo/geolocator?orh=www.betmgm.com
32 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://promo.nj.betmgm.com/en/promo/geolocator?orh=www.betmgm.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.21.216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc1f41c24f294d7c984d3e42e3b30bd38108f2eee1f3e74cc6d80465afe4ff2c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
promo.nj.betmgm.com
:scheme
https
:path
/en/promo/geolocator?orh=www.betmgm.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 17:04:59 GMT
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
expires
-1
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
server-timing
vanilla;dur=48.6753
set-cookie
ASP.NET_SessionId=n4cu1lqwmtbyo3kb2qpyibl3; domain=.nj.betmgm.com; path=/; secure; HttpOnly; SameSite=None trc.cid=98457d658acc48bb84e6d97ebb8c84a7; domain=.nj.betmgm.com; expires=Wed, 15-Jul-2026 17:04:59 GMT; path=/; secure; HttpOnly; SameSite=None usersettings=lc=false&cid=en-US&vc=1&sst=2021-07-16T17:04:59.3456568Z&psst=0001-01-01T00:00:00.0000000Z&lsid=n4cu1lqwmtbyo3kb2qpyibl3; domain=.nj.betmgm.com; expires=Mon, 14-Jul-2031 17:04:59 GMT; path=/; secure; HttpOnly; SameSite=None lang=en; domain=.nj.betmgm.com; path=/; secure; SameSite=None __cf_bm=f10f3f1ff0320c3c6f58fc448f7f27f04fb140ae-1626455099-1800-AeqNlYLJJX5k7ANIEHnm6RP2NGdRHUwGSSnQLbEVvCRWFyjTxIL2+0QvQoluOXf8ySvsNm2bIcxxLQj7eleuo4I=; path=/; expires=Fri, 16-Jul-21 17:34:59 GMT; domain=.betmgm.com; HttpOnly; Secure; SameSite=None
x-ua-compatible
IE=edge
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
66fcd0123e513a29-CDG
content-encoding
br

Redirect headers

Date
Fri, 16 Jul 2021 17:04:59 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
no-cache
Pragma
no-cache
Location
https://promo.nj.betmgm.com/en/promo/geolocator?orh=www.betmgm.com
Vary
User-Agent
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip
Accept-Language
en-US
Host
www.betmgm.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Forwarded-For
77.243.191.196, 172.70.114.2
X-Forwarded-Proto
http
CF-Visitor
{"scheme":"http"}
Upgrade-Insecure-Requests
1
CF-Connecting-IP
77.243.191.196
True-Client-IP
77.243.191.196
CDN-Loop
cloudflare
Set-Cookie
redirex-original=http://www.betmgm.com:80/;Ip=77.243.191.196;Path=/;Domain=.betmgm.com;Expires=Fri, 16-Jul-2021 17:09:59 GMT;secure;HttpOnly __cf_bm=da3d68ad0eb6d8d4d86f341a75715fbcf9285c6b-1626455099-1800-AZgcjACM51PCgSQT7fajskyKvXfBy91pnHqFAUsuZ68WhlTY81hnw+I23uHwizuY6xbwqfaDakX+xGfb3lsFEA0=; path=/; expires=Fri, 16-Jul-21 17:34:59 GMT; domain=.betmgm.com; HttpOnly; SameSite=None
X-Redirect-Source
Redirex
CF-Cache-Status
DYNAMIC
Server
cloudflare
CF-RAY
66fcd0108b173a99-CDG
inject_wrapper_ccb.js
promo.nj.betmgm.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://promo.nj.betmgm.com/inject_wrapper_ccb.js
Requested by
Host: promo.nj.betmgm.com
URL: https://promo.nj.betmgm.com/en/promo/geolocator?orh=www.betmgm.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.21.216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:path
/inject_wrapper_ccb.js
pragma
no-cache
cookie
ASP.NET_SessionId=n4cu1lqwmtbyo3kb2qpyibl3; trc.cid=98457d658acc48bb84e6d97ebb8c84a7; usersettings=lc=false&cid=en-US&vc=1&sst=2021-07-16T17:04:59.3456568Z&psst=0001-01-01T00:00:00.0000000Z&lsid=n4cu1lqwmtbyo3kb2qpyibl3; lang=en; __cf_bm=f10f3f1ff0320c3c6f58fc448f7f27f04fb140ae-1626455099-1800-AeqNlYLJJX5k7ANIEHnm6RP2NGdRHUwGSSnQLbEVvCRWFyjTxIL2+0QvQoluOXf8ySvsNm2bIcxxLQj7eleuo4I=
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
promo.nj.betmgm.com
referer
https://promo.nj.betmgm.com/en/promo/geolocator?orh=www.betmgm.com
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://promo.nj.betmgm.com/en/promo/geolocator?orh=www.betmgm.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jul 2021 17:04:59 GMT
content-encoding
br
cf-cache-status
MISS
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=utf-8
expires
-1
cache-control
no-cache, no-store, must-revalidate
server-timing
vanilla;dur=16.7684
cf-ray
66fcd013a8ee3a29-CDG
x-ua-compatible
IE=edge
f7c2eab99818481bafc68590d279f3ea.svg
scmedia.nj.betmgm.com/$-$/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scmedia.nj.betmgm.com/$-$/f7c2eab99818481bafc68590d279f3ea.svg
Requested by
Host: promo.nj.betmgm.com
URL: https://promo.nj.betmgm.com/en/promo/geolocator?orh=www.betmgm.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.21.216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50b33426b52a8e4fbca5013c487962cd8e86ceb118e0b96deb0d33a3a78179f4

Request headers

Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 17:04:59 GMT
content-encoding
br
cf-cache-status
HIT
age
46874
cf-ray
66fcd013d9493a29-CDG
last-modified
Tue, 04 Feb 2020 15:01:00 GMT
server
cloudflare
etag
W/"F7C2EAB99818481BAFC68590D279F3EA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
*
expires
Sat, 16 Jul 2022 17:04:59 GMT
c29654013dd941419340d24d24c1dc0a.jpg
scmedia.itsfogo.com/$-$/ 		144 KB
145 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scmedia.itsfogo.com/$-$/c29654013dd941419340d24d24c1dc0a.jpg
Requested by
Host: promo.nj.betmgm.com
URL: https://promo.nj.betmgm.com/en/promo/geolocator?orh=www.betmgm.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.162.243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee5a559ea1116f16e98f96d2acf45d95269ba5dada93f63dffb0752fcf500738

Request headers

Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 17:04:59 GMT
cf-cache-status
HIT
age
849525
cf-polished
qual=85, origFmt=jpeg, origSize=887337
content-disposition
inline; filename="c29654013dd941419340d24d24c1dc0a.webp"
content-length
147878
timing-allow-origin
*
last-modified
Wed, 07 Oct 2020 14:14:22 GMT
server
cloudflare
etag
"C29654013DD941419340D24D24C1DC0A"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
expires
Sat, 16 Jul 2022 17:04:59 GMT
cache-control
public, max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
66fcd01439da4c31-AMS
access-control-allow-headers
*
cf-bgj
imgq:85,h2pri
gtm.js
www.googletagmanager.com/ 		422 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N48RN3R
Requested by
Host: promo.nj.betmgm.com
URL: https://promo.nj.betmgm.com/en/promo/geolocator?orh=www.betmgm.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5a2968fd880ae48282e04b7838e4997f520cfd88452ce57d0b381a6686252c8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 17:04:59 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
71157
x-xss-protection
0
last-modified
Fri, 16 Jul 2021 16:38:20 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 16 Jul 2021 17:04:59 GMT
2dd8d17ccccc479588f0dc8f8cbabf0e.otf
scmedia.itsfogo.com/$-$/ 		157 KB
157 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://scmedia.itsfogo.com/$-$/2dd8d17ccccc479588f0dc8f8cbabf0e.otf
Requested by
Host: promo.nj.betmgm.com
URL: https://promo.nj.betmgm.com/en/promo/geolocator?orh=www.betmgm.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.162.243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56daf9cf0d870f68417c6d388f03414d00d10fbbe70248ddc3130bf7ab7f2330

Request headers

Origin
https://promo.nj.betmgm.com
Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 17:04:59 GMT
cf-cache-status
HIT
age
2452488
cf-ray
66fcd0154825c775-AMS
last-modified
Wed, 23 Oct 2019 15:11:59 GMT
server
cloudflare
etag
W/"2DD8D17CCCCC479588F0DC8F8CBABF0E"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
*
expires
Sat, 16 Jul 2022 17:04:59 GMT
gtm.js
www.googletagmanager.com/ 		467 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WLHF3HF&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N48RN3R
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f57c2a516e51ff19a8ffacb9b07eb9f17c0448bbd9ffb682e87a9e9b520083d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 17:04:59 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
89488
x-xss-protection
0
last-modified
Fri, 16 Jul 2021 16:38:20 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 16 Jul 2021 17:04:59 GMT
4be2d490abfb4921b4d44a625d7375f1.js
scmedia.itsfogo.com/$-$/ 		99 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scmedia.itsfogo.com/$-$/4be2d490abfb4921b4d44a625d7375f1.js
Requested by
Host: promo.nj.betmgm.com
URL: https://promo.nj.betmgm.com/en/promo/geolocator?orh=www.betmgm.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.162.243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf72285e2c030ae19359eac77d0b47b1038782bac2121701e4092499186946dd

Request headers

Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 17:04:59 GMT
content-encoding
br
cf-cache-status
HIT
age
6668382
cf-ray
66fcd0158c284c31-AMS
last-modified
Wed, 28 Apr 2021 11:27:53 GMT
server
cloudflare
etag
W/"4BE2D490ABFB4921B4D44A625D7375F1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
*
expires
Sat, 16 Jul 2022 17:04:59 GMT
activityi;dc_pre=CJCE5bOJ6PECFcbnUQodwU8Ehg;src=9216824;type=rosga0;cat=njpla0;ord=1;num=8136299542120;gtm=2wg7e0;auiddc=926401488.1626455100;u8=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeo...
9216824.fls.doubleclick.net/ Frame B3D8
Redirect Chain
  • https://9216824.fls.doubleclick.net/activityi;src=9216824;type=rosga0;cat=njpla0;ord=1;num=8136299542120;gtm=2wg7e0;auiddc=926401488.1626455100;u8=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fg...
  • https://9216824.fls.doubleclick.net/activityi;dc_pre=CJCE5bOJ6PECFcbnUQodwU8Ehg;src=9216824;type=rosga0;cat=njpla0;ord=1;num=8136299542120;gtm=2wg7e0;auiddc=926401488.1626455100;u8=https%3A%2F%2Fpr...
621 B
442 B 		Document
General
Check archive.org
Download Go to
Full URL
https://9216824.fls.doubleclick.net/activityi;dc_pre=CJCE5bOJ6PECFcbnUQodwU8Ehg;src=9216824;type=rosga0;cat=njpla0;ord=1;num=8136299542120;gtm=2wg7e0;auiddc=926401488.1626455100;u8=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com;~oref=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WLHF3HF&l=dataLayer
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
cafe /
Resource Hash
a36d806c964a42a0ae61439f71f004833850a7bc3410a863a4e81af110d1316f
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
9216824.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CJCE5bOJ6PECFcbnUQodwU8Ehg;src=9216824;type=rosga0;cat=njpla0;ord=1;num=8136299542120;gtm=2wg7e0;auiddc=926401488.1626455100;u8=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com;~oref=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://promo.nj.betmgm.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
about:blank

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jul 2021 17:05:00 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
417
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 16-Jul-2021 17:20:00 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jul 2021 17:04:59 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://9216824.fls.doubleclick.net/activityi;dc_pre=CJCE5bOJ6PECFcbnUQodwU8Ehg;src=9216824;type=rosga0;cat=njpla0;ord=1;num=8136299542120;gtm=2wg7e0;auiddc=926401488.1626455100;u8=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com;~oref=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel.js
www.redditstatic.com/ads/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WLHF3HF&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
7125a66456daa35dd3e3e8cca4b9523e05caf0b4fa5bd5874676e7c6db40f3aa

Request headers

Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 17:04:59 GMT
via
1.1 varnish, 1.1 varnish
last-modified
Wed, 14 Jul 2021 17:50:00 GMT
server
snooserv
etag
"912f60c72fda50b2f21068c65115175d"
vary
Accept-Encoding,Origin
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-encoding
gzip
content-length
7018
bat.js
bat.bing.com/ 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WLHF3HF&l=dataLayer
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
73e2e5173ed0d5a77b02914fa0ef1f67bb53143da75f0348f558f95565220ca1

Request headers

Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 17:04:59 GMT
content-encoding
gzip
last-modified
Fri, 28 May 2021 20:25:24 GMT
x-msedge-ref
Ref A: AA575346A6A1489BA8547943E70121FE Ref B: FRAEDGE1314 Ref C: 2021-07-16T17:04:59Z
etag
"0d2a696ff53d71:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
9008
c7a9efa3e0474b58b4dcb8d7031097a6.js
scmedia.itsfogo.com/$-$/ 		58 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scmedia.itsfogo.com/$-$/c7a9efa3e0474b58b4dcb8d7031097a6.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WLHF3HF&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.162.243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a6a9fe73708961ab27ee014bbead4e69ae74cae5f0bdffcb71171d3ef6ed4ed

Request headers

Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 17:04:59 GMT
content-encoding
br
cf-cache-status
HIT
age
7299493
cf-ray
66fcd0167d944c31-AMS
last-modified
Fri, 03 Jul 2020 14:04:56 GMT
server
cloudflare
etag
W/"C7A9EFA3E0474B58B4DCB8D7031097A6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
*
expires
Sat, 16 Jul 2022 17:04:59 GMT
fbevents.js
connect.facebook.net/en_US/ 		95 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: promo.nj.betmgm.com
URL: https://promo.nj.betmgm.com/en/promo/geolocator?orh=www.betmgm.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0d17b8a38d3dce6f7357bbc8da105d92c21b6cf1c4b92351ce2b1861b065f2c5
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
24676
x-xss-protection
0
pragma
public
x-fb-debug
/YVjtNnhSFdDQbw/iLwv1BgX1+yiGNo/DIOBbfnYQxe79o5ZHHBc9UMotONSX6g7f11gloo/sfWJVHN2PvyFLA==
x-fb-trip-id
686109401
x-frame-options
DENY
date
Fri, 16 Jul 2021 17:04:59 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
sdk-v1.0.7.js
sdk-cdn.optimove.net/websdk/ 		58 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk-cdn.optimove.net/websdk/sdk-v1.0.7.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WLHF3HF&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.79.141 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
141.79.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
8089a46243dddf77b5786cbc374f48e39a785a90674d7f8dee18b3f0e1951ecc

Request headers

Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 13:40:15 GMT
content-encoding
gzip
age
12284
x-guploader-uploadid
ADPycdu1XTZv3cyis2qNYAboXcEj0quYsE6SmiSqqYNVHF7Y9YwPiwCjlF-AavwqhtFXGTY8aUAFejpsrWAmBeYncXEDddw8nA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
18172
last-modified
Sun, 13 Jun 2021 07:35:02 GMT
server
UploadServer
etag
"d807e93faee839db30769c394df45ca1"
x-goog-hash
crc32c=oEeYAQ==, md5=2AfpP67oOdswdpw5TfRcoQ==
x-goog-generation
1623569702826330
cache-control
public,max-age=3600,no-transform
x-goog-stored-content-length
18172
accept-ranges
bytes
content-type
application/javascript
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/px?id=1092773&t=1
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1092773%26t%3D1
0
1007 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1092773%26t%3D1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jul 2021 17:05:00 GMT
X-Proxy-Origin
77.243.191.196; 77.243.191.196; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
b4493b4f-0f2b-4d67-80ed-50b7662ee73b
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 16 Jul 2021 17:04:59 GMT
X-Proxy-Origin
77.243.191.196; 77.243.191.196; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
4bef82bd-e137-458e-98bc-6c94aea3cc71
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1092773%26t%3D1
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/seg?add=17453349&t=1
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D17453349%26t%3D1
0
1007 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D17453349%26t%3D1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jul 2021 17:05:00 GMT
X-Proxy-Origin
77.243.191.196; 77.243.191.196; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
c26c54d2-1d91-4622-93e8-0b7beea0b72b
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 16 Jul 2021 17:04:59 GMT
X-Proxy-Origin
77.243.191.196; 77.243.191.196; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
6b983a25-d52a-4f3d-b2ec-f317e63a07bc
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D17453349%26t%3D1
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
up_loader.1.1.0.js
js.adsrvr.org/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WLHF3HF&l=dataLayer
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.100.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-100-124.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Jul 2021 12:11:24 GMT
Via
1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
Age
17617
ETag
"98d98b3499058b76d58073cf8ede2f10"
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
X-Amz-Cf-Pop
ZRH50-C1
Accept-Ranges
bytes
Content-Length
4593
X-Amz-Cf-Id
2ku7Hz8vzNmSmqu7qdTJg39fQ1tkr3BC8m-gacqQPn4kLBkecG3sdQ==
scevent.min.js
sc-static.net/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: promo.nj.betmgm.com
URL: https://promo.nj.betmgm.com/en/promo/geolocator?orh=www.betmgm.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-39.zrh50.r.cloudfront.net
Software
CloudFront /
Resource Hash
023e64b862c4d75dd3390eda64f830ce73e3d8c689d30fff89dec507ccabb780

Request headers

Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 17:05:00 GMT
content-encoding
gzip
server
CloudFront
x-amz-cf-pop
ZRH50-C1
x-cache
LambdaGeneratedResponse from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
private, s-maxage=0, max-age=600
access-control-allow-headers
Content-Type
content-length
5720
via
1.1 b103085320b440f2b61bad94c412ff70.cloudfront.net (CloudFront)
x-amz-cf-id
ozNRV0h1fn6vlHsrUrvUA84b_alflyykBwgHdFweLPiAnevePALExQ==
quantum-betmgm.js
cdn.quantummetric.com/qscripts/ 		171 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.quantummetric.com/qscripts/quantum-betmgm.js
Requested by
Host: promo.nj.betmgm.com
URL: https://promo.nj.betmgm.com/en/promo/geolocator?orh=www.betmgm.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:34fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae3ff55a478cdc16ab0e09f5ee16a166117c03bfc49ee85fe34b6e81504df017
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 17:04:59 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
176
etag
W/"161463034887116250038566741626422404973"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=300, stale-while-revalidate=21600, stale-if-error=21600
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
strict-transport-security
max-age=31536000
cf-ray
66fcd0169b3b1f41-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
134004772.js
bat.bing.com/p/action/ 		0
127 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/134004772.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 16 Jul 2021 17:04:59 GMT
cache-control
private,max-age=86400
x-msedge-ref
Ref A: F3788225772B49368450E0D53C94D321 Ref B: FRAEDGE1314 Ref C: 2021-07-16T17:04:59Z
x-powered-by
ARR/3.0
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=134004772&tm=gtm001&Ver=2&mid=4e1000db-30c9-407c-9bf3-599dc1539aca&sid=f4441460e65711eb9a0f9d862a5576f5&vid=f4473500e65711eb8eb12f814209415a&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=BetMGM&p=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com&r=&lt=970&evt=pageLoad&msclkid=N&sv=1&rn=443670
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 16 Jul 2021 17:05:00 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: 9ED4A8D0D40E4A5BBBA3D5245D35D439 Ref B: FRAEDGE1314 Ref C: 2021-07-16T17:04:59Z
x-cache
CONFIG_NOCACHE
expires
Fri, 01 Jan 1990 00:00:00 GMT
623537968086929
connect.facebook.net/signals/config/ 		261 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/623537968086929?v=2.9.43&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
da34afbb751148285ee3c4501ae1c0bd95104197461410faa169ab9e7be5ca40
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
a8Sh5ThoaDPBuntG6I73GcvjYjGAw5MXVrnm+QV8xDlcY1fSDG0IQSvGjzxsm422lksNVuDW8nsE3LUdIw6svQ==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
date
Fri, 16 Jul 2021 17:05:00 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
690a05e4e4ce4d4989524fea24680488.js
scmedia.itsfogo.com/$-$/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scmedia.itsfogo.com/$-$/690a05e4e4ce4d4989524fea24680488.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WLHF3HF&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.162.243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7de0300b401fc4b48ea166e2614326595bf971fc3c90e795cbf9ffc78f3200d9

Request headers

Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 17:05:00 GMT
content-encoding
br
cf-cache-status
HIT
age
7299497
cf-ray
66fcd0171eaf4c31-AMS
last-modified
Fri, 03 Jul 2020 14:04:56 GMT
server
cloudflare
etag
W/"690A05E4E4CE4D4989524FEA24680488"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
*
expires
Sat, 16 Jul 2022 17:05:00 GMT
rp.gif
alb.reddit.com/ 		42 B
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alb.reddit.com/rp.gif?ts=1626455100023&id=t2_5rqjc17d&event=PageVisit&m.itemCount=&m.value=&m.currency=&m.transactionId=&m.customEventName=&uuid=5026e275-ac8e-4514-ad49-8e8508ca29d6&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_a797b96e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 17:05:00 GMT
via
1.1 varnish
server
Varnish
accept-ranges
bytes
content-length
42
retry-after
0
content-type
image/gif
web-configuration.1.0.0.js
sdk-cdn.optimove.net/webconfig/fa4ab4327366119d61a08004300f13faf922b4e0129f500fcd21733c1a0f8e77/ 		63 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk-cdn.optimove.net/webconfig/fa4ab4327366119d61a08004300f13faf922b4e0129f500fcd21733c1a0f8e77/web-configuration.1.0.0.js
Requested by
Host: sdk-cdn.optimove.net
URL: https://sdk-cdn.optimove.net/websdk/sdk-v1.0.7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.79.141 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
141.79.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
18a25985fc2b0a97296c80d35cae48f0d824edad1c51e5af43dde61162e024b7

Request headers

Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 17:05:00 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
ABg5-Ux8xcmElL91PcPYxK__qonYSsCrHlC6JrmjYTC5i9zxtL2k_utwrCYZVW223OXfTt_PHFnW9HR537XgbEIpM7NjT5pwQg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
5018
last-modified
Wed, 28 Apr 2021 11:59:41 GMT
server
UploadServer
etag
"d2e675d04c0e52c0dc6b809df5653b4a"
vary
Accept-Encoding
x-goog-hash
crc32c=GH4Swg==, md5=0uZ10EwOUsDca4Cd9WU7Sg==
x-goog-generation
1619611181283538
cache-control
public,max-age=3600
x-goog-stored-content-length
5018
accept-ranges
bytes
content-type
application/javascript
i
tr.snapchat.com/cm/ Frame 812F 		0
262 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/cm/i?pid=b1a7abb8-e191-45fa-9602-ec350d281e46
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx/1.17.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:method
GET
:authority
tr.snapchat.com
:scheme
https
:path
/cm/i?pid=b1a7abb8-e191-45fa-9602-ec350d281e46
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://promo.nj.betmgm.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://promo.nj.betmgm.com/

Response headers

server
nginx/1.17.3
date
Fri, 16 Jul 2021 17:05:00 GMT
content-type
text/html
content-length
0
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
dc_pre=CJCE5bOJ6PECFcbnUQodwU8Ehg;src=9216824;type=rosga0;cat=njpla0;ord=1;num=8136299542120;gtm=2wg7e0;auiddc=926401488.1626455100;u8=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3F...
adservice.google.com/ddm/fls/i/ Frame 8C41 		620 B
487 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CJCE5bOJ6PECFcbnUQodwU8Ehg;src=9216824;type=rosga0;cat=njpla0;ord=1;num=8136299542120;gtm=2wg7e0;auiddc=926401488.1626455100;u8=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com;~oref=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com
Requested by
Host: 9216824.fls.doubleclick.net
URL: https://9216824.fls.doubleclick.net/activityi;dc_pre=CJCE5bOJ6PECFcbnUQodwU8Ehg;src=9216824;type=rosga0;cat=njpla0;ord=1;num=8136299542120;gtm=2wg7e0;auiddc=926401488.1626455100;u8=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com;~oref=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f17bc0d8ba408883031b6c08f8dccf6744c57eaaeb99f3e0676c32b0cc3772da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
adservice.google.com
:scheme
https
:path
/ddm/fls/i/dc_pre=CJCE5bOJ6PECFcbnUQodwU8Ehg;src=9216824;type=rosga0;cat=njpla0;ord=1;num=8136299542120;gtm=2wg7e0;auiddc=926401488.1626455100;u8=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com;~oref=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://9216824.fls.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://9216824.fls.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jul 2021 17:05:00 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
417
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
id
dpm.demdex.net/ 		707 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=4.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=279D61005DF23F560A495FB1%40AdobeOrg&d_nsid=0&ts=1626455100166
Requested by
Host: scmedia.itsfogo.com
URL: https://scmedia.itsfogo.com/$-$/c7a9efa3e0474b58b4dcb8d7031097a6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.124.189 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-124-189.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
cc37ec8499ddc1ce8812430f49ce61c0d7d536eb93ad9a5a858a9a38a7efdd99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-1-v012-0a5d1c7f9.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
wjs2kbYMQCU=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://promo.nj.betmgm.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
440
Expires
Thu, 01 Jan 1970 00:00:00 UTC
up
insight.adsrvr.org/track/ Frame C4B1 		0
182 B 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=sg65m8v&ref=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com&upid=crmc3k8&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.127.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-127-126.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
insight.adsrvr.org
:scheme
https
:path
/track/up?adv=sg65m8v&ref=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com&upid=crmc3k8&upv=1.1.0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://promo.nj.betmgm.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://promo.nj.betmgm.com/

Response headers

date
Fri, 16 Jul 2021 17:05:00 GMT
content-type
text/html
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dc_pre=CJCE5bOJ6PECFcbnUQodwU8Ehg;src=9216824;type=rosga0;cat=njpla0;ord=1;num=8136299542120;gtm=2wg7e0;auiddc=926401488.1626455100;u8=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3F...
9216824.fls.doubleclick.net/ddm/fls/r/ Frame 88A7
Redirect Chain
  • https://adservice.google.de/ddm/fls/i/dc_pre=CJCE5bOJ6PECFcbnUQodwU8Ehg;src=9216824;type=rosga0;cat=njpla0;ord=1;num=8136299542120;gtm=2wg7e0;auiddc=926401488.1626455100;u8=https%3A%2F%2Fpromo.nj.b...
  • https://9216824.fls.doubleclick.net/ddm/fls/r/dc_pre=CJCE5bOJ6PECFcbnUQodwU8Ehg;src=9216824;type=rosga0;cat=njpla0;ord=1;num=8136299542120;gtm=2wg7e0;auiddc=926401488.1626455100;u8=https%3A%2F%2Fpr...
691 B
441 B 		Document
General
Check archive.org
Download Go to
Full URL
https://9216824.fls.doubleclick.net/ddm/fls/r/dc_pre=CJCE5bOJ6PECFcbnUQodwU8Ehg;src=9216824;type=rosga0;cat=njpla0;ord=1;num=8136299542120;gtm=2wg7e0;auiddc=926401488.1626455100;u8=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com;~oref=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CJCE5bOJ6PECFcbnUQodwU8Ehg;src=9216824;type=rosga0;cat=njpla0;ord=1;num=8136299542120;gtm=2wg7e0;auiddc=926401488.1626455100;u8=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com;~oref=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
cafe /
Resource Hash
413700baf689eb2144dd96fcc78f97384ea0a00cf916f30940cc369ef27032ed
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
9216824.fls.doubleclick.net
:scheme
https
:path
/ddm/fls/r/dc_pre=CJCE5bOJ6PECFcbnUQodwU8Ehg;src=9216824;type=rosga0;cat=njpla0;ord=1;num=8136299542120;gtm=2wg7e0;auiddc=926401488.1626455100;u8=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com;~oref=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adservice.google.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://adservice.google.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jul 2021 17:05:00 GMT
expires
Fri, 16 Jul 2021 17:05:00 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
416
x-xss-protection
0
set-cookie
IDE=AHWqTUkiU-QwfPE8ACN4GJY27QkF1tvq7vV6R-XR0i7s1b7mE6FCR0T3AJPJmgPG0b0; expires=Wed, 10-Aug-2022 17:05:00 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Fri, 16 Jul 2021 17:05:00 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
location
https://9216824.fls.doubleclick.net/ddm/fls/r/dc_pre=CJCE5bOJ6PECFcbnUQodwU8Ehg;src=9216824;type=rosga0;cat=njpla0;ord=1;num=8136299542120;gtm=2wg7e0;auiddc=926401488.1626455100;u8=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com;~oref=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
/
stream-705.optimove.net/ 		66 B
181 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://stream-705.optimove.net/
Requested by
Host: sdk-cdn.optimove.net
URL: https://sdk-cdn.optimove.net/websdk/sdk-v1.0.7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.228.158 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
158.228.107.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
b467382a8109d4be41fb92d1f2761e22b3480fcb408b487f2e74326c0c527df6

Request headers

Accept
application/json
Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Request-ID
0243e78e-be96-4e6c-ad31-fbe253240e76
Content-Type
application/json

Response headers

date
Fri, 16 Jul 2021 17:05:00 GMT
via
1.1 google
etag
W/"42-NnqNK2q2akYqdM4jZ7Or9sojH1E"
x-powered-by
Express
content-type
application/json; charset=utf-8
access-control-allow-origin
*
alt-svc
clear
content-length
66
/
stream-705.optimove.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://stream-705.optimove.net/
Protocol
H2
Server
34.107.228.158 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
158.228.107.34.bc.googleusercontent.com
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-request-id
Origin
https://promo.nj.betmgm.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

x-powered-by
Express
access-control-allow-origin
*
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
vary
Access-Control-Request-Headers
access-control-allow-headers
content-type,x-request-id
access-control-max-age
86400
content-length
0
date
Fri, 16 Jul 2021 17:05:00 GMT
via
1.1 google
alt-svc
clear
/
insight.adsrvr.org/track/pxl/ Frame 88A7 		70 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/track/pxl/?adv=hjmfil0&ct=0:7evc7kx&fmt=3
Requested by
Host: 9216824.fls.doubleclick.net
URL: https://9216824.fls.doubleclick.net/ddm/fls/r/dc_pre=CJCE5bOJ6PECFcbnUQodwU8Ehg;src=9216824;type=rosga0;cat=njpla0;ord=1;num=8136299542120;gtm=2wg7e0;auiddc=926401488.1626455100;u8=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com;~oref=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.127.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-127-126.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://9216824.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jul 2021 17:05:00 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
ppt=7917;g=njplaymgm_ros;gid=27082;ord=357735681;ip=77.243.191.196;cuidchk=1
trkn.us/pixel/conv/ Frame 88A7
Redirect Chain
  • https://trkn.us/pixel/conv/ppt=7917;g=njplaymgm_ros;gid=27082;ord=357735681
  • https://trkn.us/pixel/conv/ppt=7917;g=njplaymgm_ros;gid=27082;ord=357735681;ip=77.243.191.196;cuidchk=1
42 B
780 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trkn.us/pixel/conv/ppt=7917;g=njplaymgm_ros;gid=27082;ord=357735681;ip=77.243.191.196;cuidchk=1
Requested by
Host: 9216824.fls.doubleclick.net
URL: https://9216824.fls.doubleclick.net/ddm/fls/r/dc_pre=CJCE5bOJ6PECFcbnUQodwU8Ehg;src=9216824;type=rosga0;cat=njpla0;ord=1;num=8136299542120;gtm=2wg7e0;auiddc=926401488.1626455100;u8=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com;~oref=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.80.48.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-80-48-227.compute-1.amazonaws.com
Software
Apache /
Resource Hash
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://9216824.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jul 2021 17:05:00 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 9 Nov 1980 12:59:00 GMT
Server
Apache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Date
Fri, 16 Jul 2021 17:05:00 GMT
X-Content-Type-Options
nosniff
Server
Apache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
/pixel/conv/ppt=7917;g=njplaymgm_ros;gid=27082;ord=357735681;ip=77.243.191.196;cuidchk=1
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
0
rs
tags.w55c.net/ Frame 88A7
Redirect Chain
  • https://tags.w55c.net/rs?id=f1f9fc1f7bf949b9a52bed5cb8e91ffe&t=checkout&tx=1&sku=1&price=1
  • https://tags.w55c.net/rs?sccid=92d80d43-d816-0f3f-435b-1ea701cc73d4&scc=1&id=f1f9fc1f7bf949b9a52bed5cb8e91ffe&t=checkout&tx=1&sku=1&price=1
42 B
699 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.w55c.net/rs?sccid=92d80d43-d816-0f3f-435b-1ea701cc73d4&scc=1&id=f1f9fc1f7bf949b9a52bed5cb8e91ffe&t=checkout&tx=1&sku=1&price=1
Requested by
Host: 9216824.fls.doubleclick.net
URL: https://9216824.fls.doubleclick.net/ddm/fls/r/dc_pre=CJCE5bOJ6PECFcbnUQodwU8Ehg;src=9216824;type=rosga0;cat=njpla0;ord=1;num=8136299542120;gtm=2wg7e0;auiddc=926401488.1626455100;u8=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com;~oref=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.143.157 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Retargeting/v2.0.30-661-ga8ef792#rel-ec2-master i-01574fb08bde3815a@eu-central-1b@dxedge-app-eu-central-1-prod-asg /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains

Request headers

Referer
https://9216824.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Jul 2021 17:04:59 GMT
Server
Retargeting/v2.0.30-661-ga8ef792#rel-ec2-master i-01574fb08bde3815a@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=604800; includeSubDomains
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 16 Jul 2021 17:04:59 GMT
Server
Retargeting/v2.0.30-661-ga8ef792#rel-ec2-master i-00d04c025752e7422@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=604800; includeSubDomains
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://tags.w55c.net/rs?sccid=92d80d43-d816-0f3f-435b-1ea701cc73d4&scc=1&id=f1f9fc1f7bf949b9a52bed5cb8e91ffe&t=checkout&tx=1&sku=1&price=1
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
/
insight.adsrvr.org/track/pxl/ Frame 88A7 		70 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/track/pxl/?adv=hjmfil0&ct=0:k2knpa5&fmt=3
Requested by
Host: 9216824.fls.doubleclick.net
URL: https://9216824.fls.doubleclick.net/ddm/fls/r/dc_pre=CJCE5bOJ6PECFcbnUQodwU8Ehg;src=9216824;type=rosga0;cat=njpla0;ord=1;num=8136299542120;gtm=2wg7e0;auiddc=926401488.1626455100;u8=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com;~oref=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.127.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-127-126.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://9216824.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jul 2021 17:05:00 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dest5.html
gvcus.demdex.net/ Frame 930E 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gvcus.demdex.net/dest5.html?d_nsid=0
Requested by
Host: scmedia.itsfogo.com
URL: https://scmedia.itsfogo.com/$-$/c7a9efa3e0474b58b4dcb8d7031097a6.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.124.189 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-124-189.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Host
gvcus.demdex.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://promo.nj.betmgm.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
demdex=85184441497759448762842693470634066354
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://promo.nj.betmgm.com/

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
Content-Type
text/html;charset=UTF-8
date
Fri, 16 Jul 2021 17:05:00 GMT
DCS
dcs-prod-irl1-1-v012-01935ebe6.edge-irl1.demdex.com 6.3.1.20210623115127
Expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Fri, 2 Jul 2021 08:33:35 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
vary
accept-encoding
X-TID
doIzid56RHk=
Content-Length
2791
Connection
keep-alive
ibs:dpid=411&dpuuid=YPG8PAAAAGpjhSkN
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=85184441497759448762842693470634066354
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YPG8PAAAAGpjhSkN
42 B
958 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YPG8PAAAAGpjhSkN
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.124.189 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-124-189.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v012-04fbb91e2.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
UUAgc1HzR3w=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YPG8PAAAAGpjhSkN
Date
Fri, 16 Jul 2021 17:05:00 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
493355708326828
connect.facebook.net/signals/config/ 		260 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/493355708326828?v=2.9.43&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7b1f80833de3d6b133e8ef85b953cf456730e76581893cdefbc98eb4e69eaced
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
MydE4ALb++3xJXw1yDAdzuHKJbM2S87xGgLSZcdEhGllbIcKl9tEnDR6CStFJHw8wQDHWQkTa8adt4mZun72Hw==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
date
Fri, 16 Jul 2021 17:05:00 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
ibs:dpid=358&dpuuid=1273711295837258083
dpm.demdex.net/ Frame 930E
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=1273711295837258083
42 B
958 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=358&dpuuid=1273711295837258083
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.124.189 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-124-189.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://gvcus.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v012-071874892.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
0LTMADMxTzs=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma
no-cache
Date
Fri, 16 Jul 2021 17:05:00 GMT
X-Proxy-Origin
77.243.191.196; 77.243.191.196; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
1609dc29-d72e-4da6-a381-24f057c0d5bb
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dpm.demdex.net/ibs:dpid=358&dpuuid=1273711295837258083
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adsct
analytics.twitter.com/i/ Frame 930E 		43 B
581 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?p_user_id=85184441497759448762842693470634066354&p_id=38594
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.3 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://gvcus.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 17:05:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
pragma
no-cache
last-modified
Fri, 16 Jul 2021 17:05:00 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
3c3cafde6f59cfa838a5b297cf62bf4ef8c9d20f732acbfd3c1fefdf9a9634c2
x-transaction
acd3291eefcd2567
expires
Tue, 31 Mar 1981 05:00:00 GMT
event
gvcus.demdex.net/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://gvcus.demdex.net/event?d_dil_ver=9.2&_ts=1626455100655
Requested by
Host: scmedia.itsfogo.com
URL: https://scmedia.itsfogo.com/$-$/690a05e4e4ce4d4989524fea24680488.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.124.189 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-124-189.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
551651448cc739d2e982a26f84abcafcd90d27fa7fb667749e588fc911b00c69
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-2-v012-0924b2ac2.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
CHlcMb3QT4E=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://promo.nj.betmgm.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
579
Expires
Thu, 01 Jan 1970 00:00:00 UTC
398072614313211
connect.facebook.net/signals/config/ 		261 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/398072614313211?v=2.9.43&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2661029ea13ea0e4d9b2f55def6d1a97e53758df9261f0ee34d6d4401e0c3991
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
aJqefZ1jXRh9CNwkY9lDg1XGWpd6uOnpVzLorqGq9UstmKi/IfR9m8ENS3GvdODfMr3oj5fs6VR/t9xuah0Kdg==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
date
Fri, 16 Jul 2021 17:05:00 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=623537968086929&ev=Adobe-Audience-Manager-Segment&cd[segID]=18122814,18526575,18455740&noscript=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 17:05:00 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Fri, 16 Jul 2021 17:05:00 GMT
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1364869096985404&ev=Adobe-Audience-Manager-Segment&cd[segID]=18122814&noscript=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 17:05:00 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Fri, 16 Jul 2021 17:05:00 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2104368679676220&ev=Adobe-Audience-Manager-Segment&cd[segID]=18122814&noscript=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 17:05:01 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Fri, 16 Jul 2021 17:05:01 GMT
432560294477527
connect.facebook.net/signals/config/ 		260 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/432560294477527?v=2.9.43&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
19846e2814e07dd032879134ddb0e86efb1b77a0b57b882b8c78fc122a9fc404
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
unzFVN/08qpszkyXx2ztTNEplxqlyhnmrcZwOMyrHUgKY55wi0XPD2JwpXdMBnPX6fSz1xSAGn9TefmSbvN3HQ==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
date
Fri, 16 Jul 2021 17:05:01 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=356109348327430&ev=Adobe-Audience-Manager-Segment&cd[segID]=18526575,18455740&noscript=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 17:05:01 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Fri, 16 Jul 2021 17:05:01 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2146541318755957&ev=Adobe-Audience-Manager-Segment&cd[segID]=18526575,18455740,18455740&noscript=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 17:05:01 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Fri, 16 Jul 2021 17:05:01 GMT
713604079125690
connect.facebook.net/signals/config/ 		261 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/713604079125690?v=2.9.43&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cc33ae4fb158534a0172fff6f358fd70eb4ba1bb385670156133d8e0af894f91
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
mf1ip/0NZYylSuF0ZuFMkOsnq5P/tcOife/AQjeH4pne/3BDw4l6W0fuviCAu075Lb0Xpj+txZSHYLVhpv4hYw==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
date
Fri, 16 Jul 2021 17:05:01 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=713604079125690&ev=Adobe-Audience-Manager-Segment&cd[segID]=18526575&noscript=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 17:05:01 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Fri, 16 Jul 2021 17:05:01 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=398072614313211&ev=Adobe-Audience-Manager-Segment&cd[segID]=18526575,18455740&noscript=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 17:05:01 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Fri, 16 Jul 2021 17:05:01 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=623537968086929&ev=PageView&dl=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com&rl=&if=false&ts=1626455101621&sw=1600&sh=1200&v=2.9.43&r=stable&ec=0&o=30&fbp=fb.1.1626455101619.560614399&it=1626455099992&coo=false&rqm=GET
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 17:05:01 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Fri, 16 Jul 2021 17:05:01 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=493355708326828&ev=PageView&dl=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com&rl=&if=false&ts=1626455101623&sw=1600&sh=1200&v=2.9.43&r=stable&ec=0&o=30&fbp=fb.1.1626455101619.560614399&it=1626455099992&coo=false&rqm=GET
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 17:05:01 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Fri, 16 Jul 2021 17:05:01 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=398072614313211&ev=PageView&dl=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com&rl=&if=false&ts=1626455101624&sw=1600&sh=1200&v=2.9.43&r=stable&ec=0&o=30&fbp=fb.1.1626455101619.560614399&it=1626455099992&coo=false&rqm=GET
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 17:05:01 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Fri, 16 Jul 2021 17:05:01 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=432560294477527&ev=PageView&dl=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com&rl=&if=false&ts=1626455101625&sw=1600&sh=1200&v=2.9.43&r=stable&ec=0&o=30&fbp=fb.1.1626455101619.560614399&it=1626455099992&coo=false&rqm=GET
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 17:05:01 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Fri, 16 Jul 2021 17:05:01 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=713604079125690&ev=PageView&dl=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com&rl=&if=false&ts=1626455101626&sw=1600&sh=1200&v=2.9.43&r=stable&ec=0&o=30&fbp=fb.1.1626455101619.560614399&it=1626455099992&coo=false&rqm=GET
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 17:05:01 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Fri, 16 Jul 2021 17:05:01 GMT
/
www.facebook.com/tr/ 		44 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=623537968086929&ev=Microdata&dl=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com&rl=&if=false&ts=1626455103123&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22BetMGM%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.43&r=stable&ec=1&o=30&fbp=fb.1.1626455103123.1834304612&it=1626455099992&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 17:05:03 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Fri, 16 Jul 2021 17:05:03 GMT
/
www.facebook.com/tr/ 		44 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=493355708326828&ev=Microdata&dl=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com&rl=&if=false&ts=1626455103125&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22BetMGM%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.43&r=stable&ec=1&o=30&fbp=fb.1.1626455103123.1834304612&it=1626455099992&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 17:05:03 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Fri, 16 Jul 2021 17:05:03 GMT
/
www.facebook.com/tr/ 		44 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=398072614313211&ev=Microdata&dl=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com&rl=&if=false&ts=1626455103126&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22BetMGM%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.43&r=stable&ec=1&o=30&fbp=fb.1.1626455103123.1834304612&it=1626455099992&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 17:05:03 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Fri, 16 Jul 2021 17:05:03 GMT
/
www.facebook.com/tr/ 		44 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=432560294477527&ev=Microdata&dl=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com&rl=&if=false&ts=1626455103127&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22BetMGM%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.43&r=stable&ec=1&o=30&fbp=fb.1.1626455103123.1834304612&it=1626455099992&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 17:05:03 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Fri, 16 Jul 2021 17:05:03 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=713604079125690&ev=Microdata&dl=https%3A%2F%2Fpromo.nj.betmgm.com%2Fen%2Fpromo%2Fgeolocator%3Forh%3Dwww.betmgm.com&rl=&if=false&ts=1626455103129&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22BetMGM%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.43&r=stable&ec=1&o=30&fbp=fb.1.1626455103123.1834304612&it=1626455099992&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://promo.nj.betmgm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 17:05:03 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Fri, 16 Jul 2021 17:05:03 GMT

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated boolean| gPluginsPromoDisableM2NotFoundCtrl object| promoContent function| sendToNative object| dataLayer function| upLogin object| afterViewInitScripts object| google_tag_manager object| GlobalSnowplowNamespace function| gvc_inhouse boolean| isfp2Generated boolean| isBeforeUnloadMouseOut function| _typeof object| Snowplow object| google_tag_data function| rdt object| uetq function| fbq function| _fbq function| snaptr object| r function| UET function| UET_init function| UET_push function| e object| adobe function| Visitor object| configArgs number| pixelRatio number| width number| height object| screenSize object| labels function| openTestTool object| optimoveSDK function| QuantumMetricInstrumentationStart object| QuantumMetricAPI boolean| triedToSendCookieToNative object| WebJSBridge function| ttd_dom_ready function| TTDUniversalPixelApi function| DIL object| customerIDSyncObject undefined| dsid object| gvcAAM object| s_c_il number| s_c_in object| visitor object| optimoveTenantConfiguration function| trackPageLevels object| pages_params undefined| folders function| tell

7 Cookies

Domain/Path Name / Value
.betmgm.com/ Name: _sp_ses.3176
Value: *
.betmgm.com/ Name: _sp_id.3176
Value: 0a8ea26d-2c35-405a-97c1-4542ff057402.1626455100.1.1626455100.1626455100.35b762a5-0182-4c93-a72a-6d6738284ccd
.betmgm.com/ Name: __cf_bm
Value: f10f3f1ff0320c3c6f58fc448f7f27f04fb140ae-1626455099-1800-AeqNlYLJJX5k7ANIEHnm6RP2NGdRHUwGSSnQLbEVvCRWFyjTxIL2+0QvQoluOXf8ySvsNm2bIcxxLQj7eleuo4I=
.nj.betmgm.com/ Name: lang
Value: en
.nj.betmgm.com/ Name: usersettings
Value: lc=false&cid=en-US&vc=1&sst=2021-07-16T17:04:59.3456568Z&psst=0001-01-01T00:00:00.0000000Z&lsid=n4cu1lqwmtbyo3kb2qpyibl3
.nj.betmgm.com/ Name: trc.cid
Value: 98457d658acc48bb84e6d97ebb8c84a7
.nj.betmgm.com/ Name: ASP.NET_SessionId
Value: n4cu1lqwmtbyo3kb2qpyibl3

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9216824.fls.doubleclick.net
adservice.google.com
adservice.google.de
alb.reddit.com
analytics.twitter.com
bat.bing.com
cdn.quantummetric.com
cm.everesttech.net
connect.facebook.net
dpm.demdex.net
gvcus.demdex.net
ib.adnxs.com
insight.adsrvr.org
js.adsrvr.org
promo.nj.betmgm.com
sc-static.net
scmedia.itsfogo.com
scmedia.nj.betmgm.com
sdk-cdn.optimove.net
secure.adnxs.com
stream-705.optimove.net
tags.w55c.net
tr.snapchat.com
trkn.us
www.betmgm.com
www.facebook.com
www.googletagmanager.com
www.redditstatic.com
104.16.162.243
104.18.20.216
104.18.21.216
104.244.42.3
13.224.100.124
13.224.96.39
142.250.186.38
151.101.13.140
185.33.221.50
2606:4700:10::6816:34fc
2620:1ec:c11::200
2a00:1450:4001:811::2002
2a00:1450:4001:827::2002
2a00:1450:4001:82a::2008
2a00:1450:4001:830::2008
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.123.143.157
34.107.228.158
34.254.127.126
35.186.226.184
35.201.79.141
54.154.124.189
54.171.42.33
54.80.48.227
023e64b862c4d75dd3390eda64f830ce73e3d8c689d30fff89dec507ccabb780
0a6a9fe73708961ab27ee014bbead4e69ae74cae5f0bdffcb71171d3ef6ed4ed
0d17b8a38d3dce6f7357bbc8da105d92c21b6cf1c4b92351ce2b1861b065f2c5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
18a25985fc2b0a97296c80d35cae48f0d824edad1c51e5af43dde61162e024b7
19846e2814e07dd032879134ddb0e86efb1b77a0b57b882b8c78fc122a9fc404
2661029ea13ea0e4d9b2f55def6d1a97e53758df9261f0ee34d6d4401e0c3991
413700baf689eb2144dd96fcc78f97384ea0a00cf916f30940cc369ef27032ed
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
50b33426b52a8e4fbca5013c487962cd8e86ceb118e0b96deb0d33a3a78179f4
551651448cc739d2e982a26f84abcafcd90d27fa7fb667749e588fc911b00c69
56daf9cf0d870f68417c6d388f03414d00d10fbbe70248ddc3130bf7ab7f2330
5a2968fd880ae48282e04b7838e4997f520cfd88452ce57d0b381a6686252c8a
7125a66456daa35dd3e3e8cca4b9523e05caf0b4fa5bd5874676e7c6db40f3aa
73e2e5173ed0d5a77b02914fa0ef1f67bb53143da75f0348f558f95565220ca1
7b1f80833de3d6b133e8ef85b953cf456730e76581893cdefbc98eb4e69eaced
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7de0300b401fc4b48ea166e2614326595bf971fc3c90e795cbf9ffc78f3200d9
8089a46243dddf77b5786cbc374f48e39a785a90674d7f8dee18b3f0e1951ecc
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
a36d806c964a42a0ae61439f71f004833850a7bc3410a863a4e81af110d1316f
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae3ff55a478cdc16ab0e09f5ee16a166117c03bfc49ee85fe34b6e81504df017
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b467382a8109d4be41fb92d1f2761e22b3480fcb408b487f2e74326c0c527df6
bc1f41c24f294d7c984d3e42e3b30bd38108f2eee1f3e74cc6d80465afe4ff2c
bf72285e2c030ae19359eac77d0b47b1038782bac2121701e4092499186946dd
cc33ae4fb158534a0172fff6f358fd70eb4ba1bb385670156133d8e0af894f91
cc37ec8499ddc1ce8812430f49ce61c0d7d536eb93ad9a5a858a9a38a7efdd99
da34afbb751148285ee3c4501ae1c0bd95104197461410faa169ab9e7be5ca40
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ee5a559ea1116f16e98f96d2acf45d95269ba5dada93f63dffb0752fcf500738
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f17bc0d8ba408883031b6c08f8dccf6744c57eaaeb99f3e0676c32b0cc3772da
f57c2a516e51ff19a8ffacb9b07eb9f17c0448bbd9ffb682e87a9e9b520083d9